Everything you need to know about Google Consent Mode

It’s getting harder for advertisers to collect data now that they need explicit permission to place cookies. As a solution, Google launched a new privacy setting: Google Consent Mode. This tool helps you measure conversions while respecting visitors' privacy preferences. In order to do so, it uses two new tag settings: one for analytics and one for advertising.

Google trackers receive information through Google Consent Mode about how to operate, before and after visitors have set their cookie preferences. That means that you’ll be able to report on the number of conversions coming through advertising channels correctly, something that’s often blocked by a cookiebanner or the Consent Management Platform (CMP).

Without Consent Mode, conversions will be measured in an aggregated way, rather than at the user level. As a result, the remarketing lists will be less effective.

Screenshot Google Consent Mode

source: https://blog.google/products/marketingplatform/360/measure-conversions-while-respecting-user-consent-choices/

How does Google Consent Mode work?

With Consent Mode, Google wants to ensure that you (as a website-owner) take users’ cookie settings into account.

Google Consent Mode uses two new parameters: ad_storage en analytics_storage. You have to add that to the dataLayer on your website yourself. This keeps an eye on the behaviour of Google-tags and cookies. If you use a cookiewall or the Consent Management Platform, you’ll be able to implement both parameters based on your visitor’s choices.

With which services is Google Consent Mode compatible?

Google Consent Mode is supported by a number of Google products:

  • Google Analytics

  • Google Ads

  • Floodlight tags

Therefore, this doesn’t have an effect on other ad cookies such as the ones from Facebook or Linkedin. These platforms are sorting out their own solution at the moment, but we expect it to have many similarities with Google Consent Mode.

Default and Update command

Consent Mode operates through two commands: default and update. You have to fire the Default command for every page load, even if the user has not yet given consent on your cookiewall or CMP. The example below shows how we ensure Analytics-cookies are gathered, but no ad cookies.

 // Define the gtag() API
 window.dataLayer = window.dataLayer || [];
 function gtag(){dataLayer.push(arguments)};
 // Call default commands with static settings to fall back on
 //Consent commands must appear before gtag.js or Google Tag Manager is loaded.
 gtag('consent', 'default', {
 	'ad_storage' : 'denied',
 	'analytics_storage' : 'granted'

You can add this script to your website both hardcoded and through Google Tag Manager. It’s important, however, that the script is fired for all other Google tags. If not, the Default command is not taken into account.

As soon as a user decides on a consent level or adjusts their current consent level, you have to use the Update command. In the example below we upload the values for ad_storage & analytics_storage dynamically.

 // Define the gtag() API
 window.dataLayer = window.dataLayer || [];
 function gtag(){dataLayer.push(arguments)};
 // Call update commands with variable settings
 	gtag('consent', 'update', {
 		'ad_storage' : {{ad_consent_value}},
 		'analytics_storage' : {{analytics_consent_value}}	

What data are transmitted as a parameter is set to “denied”?

Limited Advertising Storage

To limit Advertising Storage you have to set “ad_Storage” to “denied” when uploading your default or update tag. If Advertising Storage is restricted, the following happens:

  • No new advertising cookies are created. If the URL has a “gclid” coming from a Google Ads click, the value won’t be stored in a 1st-party cookie.

  • Existing advertising cookies are not read. If there’s a cookie with a click identifier, it won’t be read or sent with other tags.

  • 3rd-party cookies from advertising domains (doubleclick.net) are used only for spam and fraud detection.

  • Google Analytics won’t read or create advertising cookies, or use them for Google Signals.

  • IP-addresses are only used for their geolocation. IP-addresses are not collected by Google Ads or Floodlight tags. Google Analytics does collect iP-addresses, but you can keep them anonymous by using IP anonymization.

  • The full URL of the page is saved, including click identifiers (gclid, dclid,...)

Limited Analytics Storage

To limit Analytics Storage you have to set “analytics_storage” to “denied” when uploading your default or update tag. If the Analytics Storage is restricted, the following happens:

  • Google Analytics can’t read or create any 1st-party cookies: All hits fired before the page is refreshed or a new page is opened, get the same client ID. If there’s a _ga cookie, a temporary ID will be used.

  • Hits will still be sent to Google Analytics. Consent Mode only ensures that Google Analytics cannot read any data from cookies. These cookie-less hits are registered, but are not visible in Google Analytics reports at the moment. We do, however, expect them to be visible when Google's machine learning model is fully up and running.

Should I install Google Consent Mode?

Yes, as soon as possible. Since iOS 14.5 launched we notice that Google Analytics and Google Ads data are less accurate, because users don’t send data to these platforms anymore.

We advise to start thinking about a cookiewall solution or a Consent Management Platform immediately. Some of these tools make it very easy to install Consent Mode and you’re giving visitors full control over the data they want to make available to third parties at the same time.

This blog is written by the specialists of Intracto.

Intracto is now part of iO. Want to know more? Feel free to contact us!

logo iO