What is Google Consent Mode v2?
Google Consent Mode v2 is a sophisticated framework designed to bridge the gap between user privacy and the need for businesses to leverage valuable data for marketing and analysis. It acts as a crucial intermediary, ensuring that the collection and processing of user data by Google services like Google Ads and Analytics strictly adheres to user preferences and the evolving landscape of data privacy regulations.
For businesses implementing Google Consent Mode v2 offers significant advantages by ensuring compliance with stringent regulations like the GDPR and the DMA, businesses can mitigate the risk of hefty fines and legal repercussions and collecting data when users have explicitly consented, marketers receive a more accurate picture of user behavior and the most important part is that marketing tools obtain anonymized and modeled data, to be used with algorithms and AI, even if the user does not accept cookies.
In order to communicate the choices that users make on the Cookie Banner, Google has set the following consent types and storage types:
|
Consent Type |
Description |
|
ad_storage |
Enables storage (such as cookies) related to advertising. |
|
ad_user_data |
Sets consent for sending user data related to advertising to Google. |
|
ad_personalization |
Sets consent for personalized advertising. |
|
analytics_storage |
Enables storage (such as cookies) related to analytics e.g. visit duration. |
|
Storage Type |
Description |
|
functionality_storage |
Enables storage that supports the functionality of the website or app e.g. language settings. |
|
personalization_storage |
Enables storage related to personalization e.g. video recommendations |
|
security_storage |
Enables storage related to security such as authentication functionality, fraud prevention, and other user protection. |
*source https://support.google.com/tagmanager/answer/10718549?hl=en
Furthermore, consent has two basic timings: the default consent state that occurs only once when loading a single web page and the update consent state that can occur multiple times with the use of a web page.
The biggest configuration challenge of Google Consent Mode v2 on Google Tag Manager is to get the consent choices of users as soon as possible in the default consent state, both for official Google Tag Manager Tags related to Google Analytics 4 and Google Ads and for third-party tags that are loaded according to Google Consent Mode v2, in this article we will see how to do it by reading the cookie set by the CMP in order to obtain the consent status already during the default consent status for OneTrust CMP and CookieBot CMP reading the value of the cookie that records consent states and communicating it to Google Consent Mode v2.
Google Consent Mode v2 and Elevar: best practices with OneTrust
OneTrust CMP has decided to give the name OptanonConsent to the cookie that records the user’s consent, so we will have to create a Cookie type variable on Google Tag Manager
Now you need to obtain data from the cookie for every consent type, in this example I create a new variable configuration RegEx Table to obtain consent state for functionality_storage
According to OneTrust documentation
- Strictly necessary cookies ID C0001: the website needs these cookies in order to function properly (example: identify items placed into a shopping cart)
- Performance cookies ID C0002: get information about how site visitors are using the website (example: Google analytics)
- Functional cookies ID C0003: provide additional enhancement of the experience of site visitors (example: language selector for localization)
- Targeting cookies ID C0004: cookies that attempt to gather more information about a user in order to personalize marketing (example: remarketing)
- Social media cookies ID C0005: social media services added to the site that enable users to share content with their friends and networks easily
Be careful because the values from 0001 to 0005 can be associated with different types of consents so first check from your OneTrust configuration to which type of consent the number is associated and if you have problems understanding it contact OneTrust support. In my example configuration C0005 does not correspond to social media cookies as per documentation but to security_storage cloning the content of functionality_storage.
Also test carefully with GTM debugger the real association on the number and type of consent otherwise you risk configuring the Google Consent Mode v2 incorrectly.
After you have created ReGex variables for all consent types
go to Templates and search in the tag templates gallery Consent Mode (Google + Microsoft tags) by Simo Ahava (more info on https://github.com/gtm-templates-simo-ahava/consent-mode) and add it to GTM.
Create a new Tag with Consent Mode (Google + Microsoft tags) template
and trigger with Consent Initialization – All Pages
In the example I have intentionally unchecked Pass Ad Click Information Through URLs (url_passthrough) because it often creates incompatibilities with your CMS but if it does not create problems it is recommended to enable it, try to activate and test.
Remember to activate Enable consent overview in admin > container settings
With this trick the default consents of the cookie banner are defined immediately at the start of GTM and are passed to the third-party platforms (Google Analytics, Google Ads, Facebook Pixel, TikTok Pixel, Microsoft Ads etc) in the trigger Consent Initialization – All Pages unlike the CMP which instead passes this data in the consent update which occurs later and often too late causing tag activations to be lost.
I also recommend checking that the CMP Google Consent Mode v2 option does not override the settings of the newly created tag, in which case it will be necessary to disable some options by contacting the CMP support.
The last step is to create the tag for the consent update state: always with the Consent Mode (Google + Microsoft tags) template
best trigger for this tag is the custom event trigger OneTrustGroupsUpdated
but I prefer check consent update also in dom_ready and window_load custom events
and sometimes I also add user_engagement custom event.
Obviously the tags will have to be configured with the Google Consent Mode, for Google tags it will be necessary to set No additional consent required while for third-party tags such as the Facebook Pixel and its events Require additional consent for tag to fire like this example
Request Tracking
Google Consent Mode v2 and Elevar: best practices with Cookie Bot
Cookie Bot CMP has decided to give the name CookieConsent to the cookie that records the user’s consent, so we will have to create a Cookie type variable on Google Tag Manager
Now you need to obtain data from the cookie for every consent type, in this example I create a new variable configuration RegEx Table to obtain consent state for analytics_storage
After you have created ReGex variables for all consent types
On this example I’ve created only for analytics_storage and ad_storage but you can obtain other consent states to the cookies.
After go to Templates and search in the tag templates gallery Consent Mode (Google + Microsoft tags) by Simo Ahava (more info on https://github.com/gtm-templates-simo-ahava/consent-mode) and add it to GTM.
Create a new Tag with Consent Mode (Google + Microsoft tags) template
and trigger with Consent Initialization – All Pages
In this example I’ve forced personalization_storage, functionality_storange and security_storage but you can obtain values from CookieConsent cookie, create RegEx and implement dynamic state.
In the example I have intentionally unchecked Pass Ad Click Information Through URLs (url_passthrough) because it often creates incompatibilities with your CMS but if it does not create problems it is recommended to enable it, try to activate and test.
Remember to activate Enable consent overview in admin > container settings
With this trick the default consents of the cookie banner are defined immediately at the start of GTM and are passed to the third-party platforms (Google Analytics, Google Ads, Facebook Pixel, TikTok Pixel, Microsoft Ads etc) in the trigger Consent Initialization – All Pages unlike the CMP which instead passes this data in the consent update which occurs later and often too late causing tag activations to be lost.
I also recommend checking that the CMP Google Consent Mode v2 option does not override the settings of the newly created tag, in which case it will be necessary to disable some options by contacting the CMP support.
The last step is to create the tag for the consent update state: always with the Consent Mode (Google + Microsoft tags) template
best trigger for this tag is the custom event trigger cookie_consent_update
but I prefer check consent update also in dom_ready and window_load custom events
and sometimes I also add user_engagement custom event.
Obviously the tags will have to be configured with the Google Consent Mode, for Google tags it will be necessary to set No additional consent required while for third-party tags such as the Facebook Pixel and its events Require additional consent for tag to fire like this example
Conclusions
In conclusion, implementing Google Consent Mode v2 and obtaining consent from cookies allows you to correctly configure Google Consent Mode v2 improving the performance of marketing campaigns by sending more precise data to advertising platforms and helps make data collection compliant for analytics and marketing.