Consent Versioning

What is Consent Versioning?

Consent disclosures change over time. Legal teams update TCPA language, marketing adds new partner names, and compliance adjusts wording for new regulations. Consent versioning tracks these changes so you can always prove exactly which version of the disclosure a consumer saw at the time of consent.

eConsent achieves this by computing a SHA-256 hash of the disclosure text at the moment of consent and matching it against your registered templates.

How It Works

Every time eConsent captures a consent event:

1. The disclosure text visible to the consumer is extracted
2. A SHA-256 hash is computed from the rendered text content
3. The hash is stored on the certificate
4. If the hash matches a registered template, the template name and version are displayed on the certificate

If you change even a single word in your disclosure, the hash changes, creating a distinct version.

Creating Consent Templates

Register your consent disclosure versions in the dashboard to give them human-readable names:

1. Navigate to Settings > Consent Templates in your dashboard at app.econsent.org
2. Click Create Template
3. Enter a template name (e.g., “TCPA Disclosure v3.1 - Solar”)
4. Paste the disclosure text that appears on your form
5. eConsent computes and displays the SHA-256 hash
6. Click Save

Once saved, any new certificates whose disclosure hash matches this template will automatically display the template name.

Managing Template Versions

As your disclosure language evolves, create new templates for each version:

• v1.0 — Original disclosure language
• v1.1 — Updated partner list
• v2.0 — Revised for new FCC ruling
• v2.0-ES — Spanish translation of v2.0

Each version has a unique SHA-256 hash. Old templates remain in the system so that historical certificates continue to show their matched version.

Viewing Version Information on Certificates

Open any certificate in your dashboard to see:

• Disclosure text — The exact consent language captured
• SHA-256 hash — The cryptographic fingerprint of the disclosure
• Matched template — If the hash matches a registered template, the template name is shown (e.g., “TCPA Disclosure v3.1 - Solar”)
• No match — If no template matches, the certificate still stores the hash and full text, but shows “Unregistered version”

Why Versioning Matters

In TCPA disputes, a common defense challenge is proving which disclosure the consumer saw. Without versioning:

• You cannot prove whether the consumer saw the old or new language
• Regulators may question whether the disclosure at the time of consent was compliant
• Auditors have no structured way to track disclosure changes

With eConsent’s versioning:

• Every certificate is cryptographically linked to a specific disclosure version
• You can search certificates by template or hash to see how many consents were captured under each version
• You have a clear audit trail of when disclosure language changed

Best Practices

• Register templates before deploying changes — Create the new template in your dashboard before updating the disclosure on your site. This ensures certificates match the template from the first consent captured.
• Use clear naming conventions — Include the version number, purpose, and language in the template name.
• Register templates for each language — If you serve disclosures in multiple languages, create separate templates for each language version.
• Review unmatched certificates — Periodically check for certificates with “Unregistered version” to ensure all active disclosures have corresponding templates.

Learn More

• See the full Consent Versioning documentation for technical details
• Learn about Consent Attestation and how hashes fit into the broader attestation system
• Contact support@econsent.org for questions