Changing Privacy Regulations and What to Do with Google Tags – Consent Mode

**Important – The information covered in this article is not intended to be legal advice or counsel. You should not act or refrain from acting on the basis of any content included in this article regarding legal compliance without obtaining appropriate legal guidance. The contents of this article contain general information related to various laws and regulations, but may not reflect your current situation. In addition, applicable laws and regulations regularly change. This is particularly true with respect to data privacy laws and regulations. Therefore, any laws and regulations described or otherwise referenced in this article may not be current when you read the article or even at the time of publication. We disclaim all liability for actions you take or fail to take based on anything in this article. Any action you take or any action you refrain from taking based on the information in this article is entirely at your own discretion and risk.**

As the industry continues to deploy and transition to Google Analytics 4 (GA4), Google has been actively enhancing its privacy-centric features. One of these improvements, Consent Mode, not only holds value for organizations but may also become a global requirement for leveraging Google products moving forward. While Google has not officially announced this requirement, discussions in partner forums and support article documentation suggest that Consent Mode will be mandatory for organizations with visitors from the EEA region in Europe. Using Consent Mode would likely be required to aid in Google’s compliance requirements under the European Digital Markets Act (DMA) in 2024. 

In this blog post, we aim to provide proactive insights into this possible requirement and shed light on the benefits of Google Consent Mode.

What Is Google Consent Mode? 

Google Consent Mode is a method that allows Google tags to communicate and respect the consent preferences of consumers. It does so by passing an additional parameter within Google tags, such as Google Ads, Floodlights, and GA4. Based upon the Consent Mode indication, Google tags will modify their behavior in line with the consumer’s consent choice. It works in conjunction with your consent management platform, rather than replacing it.

Addressing Consent Requirements

Google Consent Mode was first introduced in September 2020 as a means of addressing measurement challenges resulting from the ePrivacy Directive and related cookie laws. This has evolved due to GDPR and DMA requirements for Google to document and add controls around the processing of personal data for advertising use cases. Consent Mode is now a means of indicating to Google what data and for what purposes they can process the data sent to Google Analytics and Ads platforms. The introduction of Consent Mode V2 in November 2023 added additional parameters to facilitate these requirements. 

At minimum, beginning in March 2024, organizations collecting data from users in the EEA will need to implement the “basic” version of Consent Mode to ensure signals related to the consumer’s consent selections are sent to Google. Without at least the “basic” version of Consent Mode implemented, it is likely that no data will be able to be used for advertising use cases (audience creation and targeting) across Google products. 

Addressing Data Collection Challenges

One of the key challenges organizations face is when European consumers do not provide consent for the setting of cookies and/or the processing of personal data for analytics and advertising purposes, resulting in a complete halt in data collection. The “advanced” implementation of Consent Mode addresses this issue by modifying the tag behavior of GA4 tags to collect core interaction data without the use of cookies or user identifiers. Instead of storing cookies when consent is denied, the GA4 tag will instead collect anonymous interaction data and utilize conversion and behavioral modeling techniques to fill in data collection gaps. This ensures the continued collection of core interaction data while adhering to privacy regulations.

Implementing Google Consent Mode

Deploying the “basic” implementation of Google Consent Mode should have minimal impact on your data collection architecture. It simply passes an indication of the user’s consent preferences whenever Google tags fire. With this implementation, Google tags only load and send data for users who have consented. The setup process is straightforward for websites, and the lift is minimal. For mobile apps, the implementation may require a few additional lines of code, but it is still manageable.

Deploying the “advanced” implementation of Google Consent Mode requires Google tags to load and send data for all interactions, regardless of the consumer’s consent selection. In this scenario, for consumers who have not consented, only anonymous and cookieless interaction data is collected. This architecture requires the same Consent Mode configuration as the “basic” implementation, along with the removal of consent condition logic from Google tags/pixels. Deploying the “advanced” implementation often requires discussions about implications with the legal and privacy teams and likely updates to disclosures for consumers. 

Advanced Features and Modeling Capabilities

Google Consent Mode enables many advanced features and modeling capabilities within Google Marketing Platform products once implemented. Advanced features available will depend upon which Google platform is in use and which architecture type (basic or advanced) of Consent Mode is implemented.

“Basic” Consent Mode architecture enables:

• Advertising features to be used
  • Google Analytics
• Conversion Modeling
  • Google Ads & Google Analytics

“Advanced” Consent Mode architecture enables:

• Advertising features to be used
  • Google Analytics
• Conversion Modeling (improved)
  • Google Ads & Google Analytics
• Behavioral Modeling 
  • Google Analytics

What You Need to Know and Action to Take (Particularly by March 2024)

• In March, DMA will come into force, which means organizations with visitors in the EEA region will need to adopt Google Consent Mode to use data for advertising use cases. It is likely this will become a global requirement by the end of 2024 for all measurement use cases as well.
• Google Consent Mode does not replace any existing consent management platforms, but works alongside them. Consent Mode is a way to register the preferences users have made when they consent to various processing activities by platforms like Google Ads, Floodlights, and GA4. 
• “Basic” Consent Mode enables conversion modeling for improved conversion reporting in Google Analytics and Ads.
• “Advanced” Consent Mode additionally enables behavioral modeling in GA4 to help fill observability gaps resulting from consumers that do not consent to the setting of cookies and the processing of their personal data. 
• For websites, the lift for Google Consent Mode is minimal, while for Mobile Apps it is slightly more, but still achievable by only adding a few lines of code. 
• Advanced features and modeling can also be enabled with Google Consent Mode, but the architecture requirements often require additional compliance discussions.

Google Consent Mode is an essential privacy-centric solution that organizations should consider, especially in light of potential future requirements. By implementing Consent Mode, you can ensure the continued collection of data across Google Marketing Platforms to help facilitate measurement and advertising use cases. If you have any questions or need assistance with implementing Consent Mode, please reach out to our team.