Skip to content

Multichannel ad campaigns: A deep dive into Google’s consent requirements for Campaign Manager 360 and Display & Video 360

The ability to seamlessly connect with audiences across various platforms is now a fundamental aspect of any marketer's playbook. But the rules are changing for businesses using Google Marketing Platform products, including Campaign Manager 360 and Display & Video 360.
Resources / Blog / Multichannel ad campaigns: A deep dive into Google's consent requirements for Campaign Manager 360 and Display & Video 360
Published by Usercentrics
4 mins to read
Mar 29, 2024

Google’s updates to Campaign Manager and Display & Video 360 are more than just routine enhancements; they’re a strategic move to align with evolving privacy standards by strengthening the enforcement of their EU user consent policy.

Understanding what changes for Google Campaign Manager 360 and Display & Video 360 platform users is pivotal for crafting effective and privacy-compliant multichannel campaigns. But what has changed and when does enforcement on new requirements start?

Google’s EU user consent policy is a set of guidelines that businesses must follow when they use Google services to collect data from users in the European Union (EU), European Economic Area (EEA), and the United Kingdom (UK).

The policy requires businesses to make clear disclosures to users regarding the collection, sharing, and usage of personal data, particularly for the personalization of ads. Another requirement is for websites and apps to collect users’ legally valid consent for the use of cookies or other local storage and for handling personal data for ad personalization, in line with the EU ePrivacy Directive and the General Data Protection Regulation (GDPR).

The policy also mandates that businesses retain records of consent and provide clear instructions for users to revoke their consent. Moreover, businesses must identify each party that may receive users’ personal data due to the use of Google products and offer prominent and easily accessible information about the use of this data.

Find out more about managing user consent in compliance with Google’s EU user consent policy

Read the deep dive on our blog

Listen to our Consented Podcast episode

Who needs to comply with the new requirements?

Google’s requirements and enforcement actions apply to data from:

  • Website owners: Tags that send data to Google.
  • App developers: SDKs that send data to Google.
  • Data uploads: Tools to upload data from non-Google sources, such as offline conversion imports or store sales.

What are the new requirements for businesses using Google Campaign Manager 360 and Display & Video 360?

To continue using personalization capabilities beyond March 6, 2024, advertisers using Campaign Manager 350 and/or Display & Video 360 who are targetting users in the European Economic Area (EEA) must collect end-user consent and pass consent signals to Google via their Floodlight tags.

Similarly to the requirements imposed to advertisers using Google Ads you must collect consent for use of personal data from end users based in the EEA and share consent signals with Google.

Read also: Implementing consent for Google ads personalization: A comprehensive guide to the Google Ads compliance alert

Begin by partnering with a Consent Management Platform (CMP) that’s part of Google’s CMP Partner Program, such as Usercentrics CMP for Web and Apps or Cookiebot Web CMP. This platform will assist in streamlining the user consent management process in a GDPR-compliant way across your digital properties.

Learn more about Google’s CMP Partner Program: What is a Google-certified consent management platform and why do you need one? Ad compliance requirements simplified

Usercentrics is a Google-certified CMP for Consent Mode V2

Usercentrics is a Google-certified Consent Management Platform (CMP) for Consent Mode V2. This means that Usercentrics enables website and app owners to efficiently signal consent information to Google and serve personalized ads to users who have consented, ensuring compliance with data privacy regulations such as the GDPR, ePrivacy Directive and the Digital Markets Act.

By implementing Usercentrics CMP on your website and/or app with Consent Mode V2 enabled by default, you ensure you can continue using Google’s measurement, ad personalization and remarketing features in 2024.

Step 2: Implement consent solutions: Consent Mode or IAB TCF v2.2

With the assistance of your CMP partner, implement Consent Mode or the IAB Transparency & Consent Framework (TCF) v2.2.

Consent Mode is a Google-specific solution that enables you to adjust how Google tags operate based on the consent status of users, particularly in relation to analytics and advertising.

IAB TCF v2.2 is a standardized framework by the Interactive Advertising Bureau Europe to facilitate the transmission of user consent choices to ad tech vendors.

These solutions will help you manage how your tags operate based on the consent provided by users, ensuring that you handle consent in a way that is recognized by Google and other ad tech providers, for broader compliance.

Step 3: Create a compliant consent banner

Work with your CMP partner to design and deploy a consent banner that meets local regulations and the EU user consent policy. This banner should be clear, transparent, and provide users with informed choices regarding their data privacy.

Step 4: Ensure Compliance Without a CMP

If you opt to collect consent without the aid of a CMP, verify that your existing consent banner is fully compliant with the EU user consent policy. It should accurately convey consent options to the users and respect their choices regarding personal data usage.

Step 5: Share consent signals with Google

Depending on the type of Floodlight tag you’re using, there are different methods to ensure that end-user consent is accurately signaled to Google:

  • For Google Tag or Google Tag Manager: Utilize consent mode or the IAB Transparency & Consent Framework (TCF) v2.2 to pass consent signals to Google. This can be done by reviewing and applying the next steps provided in Google’s documentation or support resources.
  • For iframe or image Tags: If you’re using iframe or image tags, you should use the TCF v2.2, or include the npa (non-personalized ads) and ltd (limited data usage) parameters to pass consent signals to Google.
  • For Floodlight GET/S2S requests: When making server-to-server (S2S) requests, you should include the eea (European Economic Area), ad_user_data, and npa parameters in your requests to pass on consent information.

It’s important that you regularly review the documentation provided by Google and ensure that your tags are updated to comply with the latest consent requirements and best practices.

Consequences of non-compliance

Advertisers who fail to comply with Google’s EU user consent policy by March 2024 will be unable to serve personalized ads, such as remarketing, in Campaign Manager 360 and Display & Video 360 for users in the European Economic Area (EEA).

Google has stated that failure to comply with its EU User Consent Policy could result in limitations or suspension of the use of Google products or even termination of the agreement. This presents a significant risk to the continued use of Google’s advertising platforms

Continue using Google’s measurement, personalization and remarketing features in 2024. Implement Usercentrics — Google-certified CMP for Consent Mode v2.

Start 30-day free trial

Frequently asked questions

What is Google’s EU user consent policy?

The EU user consent policy is a set of guidelines established by Google that mandates businesses using its services to collect data from users in the European Union (EU), European Economic Area (EEA), and the United Kingdom (UK) to make clear disclosures to users regarding the collection, sharing, and usage of personal data, particularly for the personalization of ads.

You can find more detailed information on Google’s dedicated pages below:

Why is GDPR user consent crucial for businesses using Google's Campaign Manager 360 and Display & Video 360?

GDPR user consent is crucial as it requires advertisers targeting users in the EEA to collect end-user consent and pass consent signals to Google via their Floodlight tags, ensuring compliance with the GDPR.

What is Google Consent Mode?

Google Consent Mode is a tool that enables websites to communicate users’ cookie consent choices to various Google tags that help measure website and advertising performance. The tool was initially used primarily for anonymized data tracking. However, its intent and use have evolved, and today it functions more as a signaling tool.

What is TCF v.2.2?

The IAB Europe’s Transparency & Consent Framework (TCF) v2.2 establishes industry standards for transparency and user consent regarding data collection for targeted advertising. Effective from 16 January 2024, publishers and developers who monetize their digital platforms through Google’s adtech products, such as Google AdSense, Ad Manager, or AdMob, are required to integrate a Google-certified consent management platform (CMP) that complies with TCF 2.2 for serving ads in the EU, EEA, or the UK.

How can you integrate with TCF v.2.2?

You can integrate with TCF v2.2 in one of the following ways:

What is Campaign Manager 360?

Campaign Manager 360 is an ad management and measurement system for advertisers and agencies. It offers a centralized tool for managing your digital campaigns across websites and mobile.

What is Display & Video 360?

Display & Video 360 helps teams execute digital advertising campaigns. Your team can create and manage campaigns, creatives, audiences, inventory, exchanges, Floodlight activities, and reports for all of the partners they’ve been given access to.

What is the difference between Campaign Manager 360 (CM360) and Display & Video 360 (DV360)?

Campaign Manager 360 (CM360) and Display & Video 360 (DV360) are both part of the Google Marketing Platform. CM360 offers a range of targeting options but may not have the same level of granularity as DV360 for programmatic and audience targeting. DV360 provides advanced audience targeting capabilities, including first-party and third-party data integration, allowing for more precise targeting in programmatic campaigns.

Do I need to take any action if I use Consent Mode but don't engage in personalized advertising?

No action is required if you’re already using Consent Mode and do not partake in personalized advertising, such as remarketing.

What should I do if I use Consent Mode and want to start using personalized advertising?

If you’re using a Google-certified consent management platform (CMP), it will automatically update to the latest version of Consent Mode. Ensure you coordinate with your provider to use the most recent update. If you manage your own consent banner, you need to implement Consent Mode v2.

I'm using TCF v2.2 with my consent banner. Is there any action I need to take?

Currently, no action is needed if you have a consent banner that uses TCF v2.2, as it already captures consent for ad personalization.

What if I have a consent banner but don't use Consent Mode?

To fully utilize Google’s advertising capabilities, you should implement Consent Mode. Enable it in your banner settings if you’re using a Google-certified CMP such as Usercentrics Web & App CMP. If you manually control when your Google tags load, not implementing Consent Mode may result in data loss due to unverified user consent choices.

What steps should I take if I don't have a consent banner and am not using Consent Mode?

It’s crucial to manage user consent. Set up a consent banner on your site, and if it’s from a Google-certified partner, ensure Consent Mode is enabled. If you’re creating your own banner, you’ll need to manually implement Consent Mode. Alternatively, enable TCF v2.2 for your Floodlight tags by adding window ['gtag_enable_tcf_support'] = true; to your global header tags.

What actions do I need to take if I’m using Customer Match partners to upload data for users in the European Economic Area (EEA)?

If you are using a Customer Match partner to upload data for users in the EEA, you’ll need to work with your Customer Match partner to ensure you are passing the required consent signals to Google.

What is the significance of the consent message for user tracking in relation to Google's EU user consent policy?

The consent message for user tracking is essential as it mandates businesses to obtain legally valid consent from users for the use of cookies or other local storage and for handling personal data for ad personalization, aligning with the EU ePrivacy Directive and the GDPR.

Feb 3, 2025
Norway’s data privacy protections have become stricter and in line with EU standards, with regulatory updates for cookie use taking effect as part of the E-Com Act (Ekomloven). We explore what the new rules are, how companies can comply with them, and what penalties are for violations.
Visual representation of adpaa, showcasing innovative data protection solutions for enhanced security and privacy.
Jan 31, 2025
The American Data Privacy and Protection Act (ADPPA), if enacted, would have established the first comprehensive federal data privacy law in the US. Learn about privacy requirements, enforcement mechanisms, and special obligations for large data holders.
Person looking at a smartphone with a concerned expression, hand on forehead. A warning icon is displayed on the image.
Jan 30, 2025
Privacy advocacy group noyb filed a complaint against social networking app BeReal for allegedly manipulating its users into consenting to specific uses of their data. Is consent by banner fatigue a violation of the GDPR? We look into the case.