Analytics

Consent

Not too long ago, Google announced a new consent mode for Google tags. It allows you to build a mechanism where Google’s tags parse, react, and respond to the consent status of your site visitors.

Consent

Consent Mode with a custom Google Tag Manager template

In short, consent mode is a beta feature, which lets you determine whether or not Google’s advertising tags (Ads and Floodlight) and analytics tags (Universal Analytics, App + Web) can utilize browser storage when sending pings to Google’s servers.

This is (somewhat) in line with, for example, the General Data Protection Regulation (GDPR) and the ePrivacy Directive (ePD) in the European Union, which restrict the storage and processing of personal data (GDPR) and the storage of other data (ePD) with regard to data subjects.

Table of Contents  [+show] [–hide]

  • How consent mode works
  • The gtag() call
  • Restrict advertising storage
  • Redact advertising data
  • Restrict analytics storage
  • What happens when consent is updated
  • URL passthrough
  • Summary
  • Much of this guide revolves around how to set this up in Google Tag Manager, but the overview of the feature applies to implementation using the Global Site Tag (gtag.js) as well.

    Disclaimer: This article is a technical overview of how consent mode works. You need to align the implementation with whatever laws and regulations apply to your organization and the users that visit your site(s).

    Make sure you read the official support documentation as well as the developer guide to get up to speed.

    First of all, consent mode is not a consent management solution. For consent mode to be effective, you need to already have a system or solution in place for collecting and resolving the user’s consent with regard to the data being collected on your site.

    Consent mode has two variants. There are the default settings the page will use while waiting for the user’s consent status to be resolved. Then there are the updated settings that are sent as soon as consent has been resolved.

    Default settings should be established as early as possible in the page load. Ideally, you’d add a new gtag snippet to the top of the page template, and establish the default consent settings in that snippet.

    Note! You do not have to be using gtag.js to deploy consent mode. The API just happens to be the global gtag() method, but it works fine with Google Tag Manager’s tags.

    When Google’s tags fire, they will check the consent status from the default settings and act accordingly.

    Once you’ve established the user’s consent, you can call the update command. This lets you change (or keep) the status of advertising storage and of analytics storage.

    The gtag() call

    As mentioned above, consent mode utilizes the gtag() API. This, in turn, pushes the information into dataLayer for Google Tag Manager to utilize.

    Here’s what the default snippet would look like. Remember, ideally this would be positioned at the top of the page. You can also fire it through Google Tag Manager using a Custom HTML tag or a custom template, but in that case you must make sure that it fires before any Google tags fire.

    window.dataLayer = window.dataLayer || [];
    function gtag() { window.dataLayer.push(arguments); }
    gtag('consent', 'default', {
      ad_storage: 'denied',
      analytics_storage: 'denied',
      wait_for_update: 500,
      region: ['US-CA', 'FI']
    });
    

    The gtag() command above sets default consent settings for visitors from California (US-CA) and Finland (FI) to deny access to advertising and analytics storage. For these users, only cookieless pings will be sent to Google servers. There’s also a wait time of 500 milliseconds before any Google tags are allowed to fire, to give time for the update command to be invoked.

    The region parameter is only relevant in the default command, as by the time you run update you should know whether to enable or disable storage for the current user regardless of where they are from.

    Once you’ve established the user’s consent choices, you can execute the update command. In the following example, the user has given storage access for analytics tags but has denied access to storage for advertising scripts.

    gtag('consent', 'update', {
      ad_storage: 'denied',
      analytics_storage: 'granted'
    });
    

    You don’t have to provide ad_storage again, as it was already denied in the default settings. However, I recommend to explicitly include them in the update command as well to make sure mistakes don’t lead to storage being used when the user hasn’t opted in to such a thing.

    Restrict advertising storage

    To restrict advertising storage, you need to call the default or update command and set the value of ad_storage to 'denied' in the consent object.

    When advertising storage is restricted, here’s what happens:

  • No new advertising cookies are written. This means that if the URL has the gclid from a Google search ad click, for example, it will not be written in a first-party cookie.
  • No existing advertising cookies may be read. If there already was a cookie with a click identifier, this would not be used by or sent with the tags.
  • Third-party cookies are solely used for spam and fraud detection. If there already are cookies written on, for example, doubleclick.net, they would be included in the request (assuming the browser doesn’t block third-party cookies), but Google says it will only use them for spam and fraud detection.
  • Google Analytics will not read or write advertising cookies, nor will it use them for Google Signals.
  • IP addresses are used solely for geolocation. They are not collected by Google Ads or Floodlight tags. Google Analytics does collect them, but you can opt in to IP anonymization.
  • The full page URL is collected with possible click identifiers. If the current page URL has click identifiers, they are sent to the advertising and analytics platforms with the current page URL.
  • Redact advertising data

    You can increase the fidelity of advertising storage restrictions by additionally calling the following gtag() API:

    gtag('set', 'ads_data_redaction', true);
    

    Consent

    This only works when you set ad_storage to denied.

    When you do this, the following additional restrictions will apply:

  • Advertising hits will be routed through a new cookieless domain. Instead of routing them to doubleclick.net or google.com, the requests are sent to googleadsyndication.com, which will not have any cookies set on it.
  • Ad click identifiers will be redacted from advertising requests and consent pings.
  • Page URLs with click identifiers will be redacted. Note that Google Analytics will still collect the full page URL with click identifiers in place.
  • Consent

    Restrict analytics storage

    If you choose to restrict analytics storage by setting the value of analytics_storage to denied in the consent object, Google Analytics will not be able to read or write first-party cookies.

    This means that all hits that fire before the user reloads or navigates to another page will have the same client identifier (because it’s stored in a global variable). However, as soon as the user navigates away from the current page or reloads the page, a new client identifier will be sent with the hits on this new page load.

    In other words, Google Analytics will not read or write the _ga cookie (even if one already exists). Instead, it will use an ephemeral identifier that exists solely for the duration of the current page load.

    Importantly, restricting analytics STORAGE will not prevent hits to Google Analytics from being sent. The consent mode setting solely prevents Google Analytics from storing data in or reading data from browser cookies (or other storage).

    Update 7 October 2020: It looks like even though the hits are being collected by Google Analytics, they’re not actually surfaced in the reports (apart from Real Time). We’ll see if Google uses this data to model behavior out of the cookieless pings at some point, but for now you can ignore the warning below.

    Data collected like this will mess up your Users and Sessions counts and should be isolated to its own Google Analytics property. It’s thus a good idea to push something to dataLayer to reflect the consent status, so that you can use this to redirect the hits to a new web property and not mess up your data.

    If you send the update command, you will be able to either deny or grant advertising and analytics storage access to all Google tags regardless of region.

    Consent

    If you deny storage access, then any tags that fire after the update call will be restricted as described in the previous chapters.

    If you grant storage access, then tags will have full access to storage. If you grant access to advertising storage, then any ads data redactions you might have established will no longer apply.

    In addition to this — as soon as you run the update command and grant access to advertising storage, all advertising pings that might have already fired without storage access will fire again. Thus cookies will be written and read, and the requests will be routed through domains that can carry third-party cookies as well.

    URL passthrough

    If you’re using gtag.js, you can toggle URL passthrough on. It checks the current page URL for advertising parameters (gclid, dclid, gclsrc, _gl), and adds them to all internal link URLs the user might be clicking through.

    It’s a useful feature to have in case consent is granted outside the landing page, but it does lead to URL pollution and can mess up sites where functionality is based on a strict set of URL parameters (especially beyond obvious landing pages).

    The command looks like this:

    gtag('set', 'url_passthrough', true);
    

    For this to work, the site must load a gtag.js library, so just using the gtag() API will not work.

    If you’re using Google Tag Manager, you can achieve the same functionality by using the cross-domain linking capabilities of the Conversion Linker tag.

    Summary

    First of all, remember that consent mode is a beta feature. It’s likely to change before it’s officially out of beta (at which point I’ll update this article accordingly).

    Nevertheless, it gives you a nice way to control storage especially with advertising tags. You’ve already been able to control Google Analytics storage with the storage tracker setting, but now it’s also configurable via this gtag() API.

    It’s important to note that consent mode mostly applies to storage access and doesn’t actually block any requests. I’m certain there will be debate about whether this is enough or not. However, especially in the European Union the laws seem to be rather clear that as long as the nothing is stored (or read from storage), and as long as only ephemeral identifiers that can in no way be linked back to a natural person are used, this approach should be good enough.

    You will need to trust Google on the ad_storage bit, though. Google promises they won’t use third-party cookies for other than spam and fraud detection, but this is difficult to audit.

    Similarly, consent mode only covers the identifiers that we know about. There might be data leaks, intentional and unintentional, in requests to Google that allow far more data controlling options than the user has opted in to.

    Still, I think any effort taken by Google to improve security and privacy control over their services is welcome. It’s just important that this doesn’t lead to complacency, though. Just because Google offers it natively doesn’t mean you can abandon due diligence in making sure that consent (and any other legitimate purposes) are observed and periodically audited.

    Related posts

    Provision

    admin

    Как 25 человек обманом убедили работать в несуществующей игровой компании

    admin

    It`s a Sony! Впечатления от ультрапортативного флагмана 20 лет спустя

    admin

    Leave a Comment