What is Google Consent Mode? Implementation guide

Learn how implementing Google Consent Mode v2 with a Google-certified CMP can help you balance user privacy and effective data collection to achieve and maintain privacy compliance while optimizing your marketing efforts.
Resources / Blog / What is Google Consent Mode? Implementation guide
Published by Usercentrics
14 mins to read
Jul 22, 2024
Start scan

Google requirements for its customers in 2024, including the use of Consent Mode v2, introduces yet another layer to an already tall stack of user privacy requirements. This can be daunting for businesses that need to comply but don’t necessarily have a significant amount of time, money, or expertise to invest in doing so.

Fortunately, many of Google Consent Mode’s requirements overlap with those of the General Data Protection Regulation (GDPR), Digital Markets Act (DMA), and others, so meeting its criteria can move you toward privacy compliance with multiple regulations.

Adhering to the rules set requiring the use of Google Consent Mode will help ensure that you can still collect and use valuable customer data and retain access to all of the Google services features your business relies on, while operating with transparency and building trust with your users.

This in-depth guide will help you better understand what Google Consent Mode is, what Google’s requirements mean for your business, and how you can best meet those requirements in a way that enables your continued success.

The latest version of Google Consent Mode was designed to enable websites to communicate users’ cookie consent choices to various Google tags that help measure website and advertising performance.

The tool was initially used primarily for anonymized data tracking. However, its intent and use have evolved, and today Google Consent Mode v2 functions more as a signaling tool.

“Google Consent Mode allows websites to adjust the Google tag behavior based on user consent for ads and analytics, ensuring compliance with laws like the DMA. It dynamically manages data collection, using signals that can employ data modeling to fill gaps when consent is denied. Let’s use the cookie banner as an example: When a user visits a website, a cookie banner asks for consent to use cookies and based on the user’s choice, Consent Mode will adjust the behavior of Google tags”

Following the latest updates, website operators can continue to meet compliance requirements, integrate systems, and respect users’ consent choices automatically with a consent management platform (CMP) like Usercentrics CMP, which comes with Consent Mode integrated, or directly with the global site tag (gtag.js) or Google Tag Manager (GTM).

A user’s consent choices, recorded in the CMP, determine whether Google collects and processes their full data or anonymized data that can’t personally identify them.

One of the primary reasons to use Google Consent Mode v2 is to achieve or maintain compliance with global data privacy regulations, including the General Data Protection Regulation (GDPR).

The Digital Markets Act (DMA) only requires designated “gatekeepers” like Alphabet (which owns Google) to comply, but in order to do so the company needs to require the business customers using their services, and collecting users’ personal data, to also meet compliance requirements.

“The biggest adjustments are the additional storage types for more granular advertising options regarding whether user data can be used for advertising purposes. The more granular options support Google’s conversion optimization and with that monetization through ads in general”

User consent and online ads

User consent is a necessity for online advertising under many global privacy regulations, as it allows you to compliantly gather user data and use it to promote your product to customers who are already in your marketing funnel.

The data you collect enables you to deliver relevant, personalized ads to users to enhance their interactions with your brand and increase the effectiveness of your campaigns.

With the proper implementation of Google Consent Mode v2, you can ensure that your users have full control over their data and how it’s used across digital spaces. This will help you to build trust with your customers, making them more inclined to trust you with their data and personalization actions, while helping to enable compliance with data privacy regulations like the GDPR, DMA, and others.

What services does Google Consent Mode v2 support?

Google Consent Mode currently supports the following Google services:

  • Google Analytics 4 (GA4)
  • Google Ads (Google Ads conversion tracking and remarketing)
  • Floodlight
  • Conversion Linker

It’s a simple, convenient customization tool and another way to stay one step ahead of evolving legal and technology needs for data privacy compliance.

Google Consent Mode has a multitude of features that can bolster compliance efforts and enhance your business operations. Here are some of its key advantages:

  • Establish a competitive advantage: Get an edge over competitors that are still grappling with outdated tracking methods and embrace privacy-led marketing.
  • Future-proof operations: Adapt to evolving data privacy regulations and business requirements and implement data- and consent-driven marketing strategies.
  • Optimize consent rates: Collect data for advertising and gain conversion insights from all users — even those that don’t provide consent — to optimize operations.
  • Build transparency and trust: Provide clear information about privacy law requirements and data usage to build and maintain user trust.
  • Collect data dynamically: Move toward consent-based data collection to respect user privacy without affecting the efficacy of your advertising business model.
“It is important because without Consent Mode website operators’ tracking capabilities will be highly limited by Google. But there is not just a downside: Google also provides the upside of using AI to recreate conversions and therefore making analytics and advertising possible, even without full consent.”

Google tags are loaded onto web pages before the cookie consent banner appears, so Google Consent Mode enables websites to dynamically adjust the behavior of these tags once a user allows or rejects cookies. Measurement tools will only be used for specifically determined purposes if the user has given consent.

Google Consent Mode features two tag settings to manage cookie behavior based on user consent choices:

  • analytics_storage: determines how analytics services (e.g. GA4) behave
  • ad_storage: determines how ad services (e.g. Google Ads) behave

Google Consent Mode v2 introduced two additional tag settings that are based on the same trigger as ad_storage:

  • ad_user_data: controls whether personal data is sent to a Google service
  • ad_personalization: controls whether data can be used for ads personalization (e.g. remarketing)

Website owners can also leverage conversion modeling to gather insights from anonymized data collected from users who reject cookies. This feature helps businesses gather essential data and marketing insights to fill in data gaps and understand user behavior without compromising on privacy.

A consent management platform can enable you to seamlessly collect user consent preferences and transmit them to Google services for further processing.

With Usercentrics CMP, you can automate detecting and categorizing all cookies and trackers in use on your site. Then with that information in the CMP user interface, users can accept all cookies, reject all (except strictly necessary cookies), or accept some cookies while rejecting others.

Users’ privacy preferences are maintained at every step, and companies still have access to sufficient information to maintain their ability to make data-driven decisions.

Find out how to meet Google’s EU privacy requirements

Download for free
Google CMP Partner

Basic vs advanced consent mode in v2

Google Consent Mode v2 introduces two levels of consent handling: Basic and Advanced. Each of these levels is designed to meet different operational needs and regulatory requirements.

Basic Consent Mode:

  • Simplified implementation: Easier to set up with minimal integration, making it ideal for small businesses or those new to consent management
  • Limited data: Supports essential data collection, focusing on enabling compliance with basic privacy regulation requirements
  • Little customization: Provides standard options for user consent without extensive customization capabilities, which is ideal for businesses with simple data collection needs

Advanced Consent Mode:

  • Comprehensive implementation: Requires more detailed setup and configuration, making it more suitable for larger businesses with complex data practices
  • Detailed data: Supports more granular data collection and processing based on detailed user consent preferences for businesses that need more in-depth analytics
  • High customization: Allows for tailored consent settings and greater control over data use that aligns with specific business needs and regulatory requirements, which is best for businesses that need to manage detailed consent scenarios

Google Analytics Consent Mode

Google Analytics Consent Mode for GA4 uses the analytics_storage tag to manage how GA4 cookies behave based on user consent.

When a user gives consent for analytics cookies, GA4 will collect full data from the user for statistical or analytical purposes.

Conversely, when a user rejects analytics cookies, GA4 limits the data it collects to information that can’t personally identify the user, including their browser or operating system and the referrer, or how the user came to the website.

Consent Mode for Google Ads

Google Consent Mode v2 uses the ad_storage tag to manage how Google Ads cookies behave based on user consent.

If a user gives consent for advertising cookies, Consent Mode for Google Ads will collect full data from the user for marketing or advertising purposes.

Where a user rejects cookies for advertising purposes, Google tags will not use advertising cookies and any Google Ads the user sees will not be targeted or personalized based on their data.

Read next: Google Ads, GA4 and consent management

What is conversion modeling?

Data from cookies is useful to help website owners track and identify users, study user behavior on their website and see the effectiveness of their ad campaigns and messaging in converting users to customers, among other things.

When users consent to cookies, gathering comprehensive data becomes straightforward and makes precise ad targeting and data analytics easier. When users reject cookies, these are a little harder to do so since the data collected is restricted and anonymized, causing gaps in the analytics.

Google uses Machine Learning to fill in the gaps with conversion modeling. It studies data and trends from users who consented to cookies and estimates the behavior of users who reject cookies with the help of this data.

Conversion modeling helps ensure that businesses using Google Analytics Consent Mode data can still gain valuable insights and optimize their marketing strategies, even when full consent data is unavailable.

To maintain access to all of Google’s analytics and advertising services, you need to implement Google Consent Mode on your website if you’re doing business in the EU, UK, or Switzerland. There are two options for how you implement it.

The most straightforward solution is to use a CMP with Google Tag Manager. Another option is to have your tech team integrate it directly into your website with the Interactive Advertising Bureau’s (IAB) Transparency and Consent Framework (TCF 2.2).

Google Consent Mode and Google Tag Manager

Google Consent Mode can be integrated with Google Tag Manager in two ways, depending on whether the website owner uses a CMP.

  • With a CMP: Use the CMP’s Tag Manager template, which is integrated with the Consent API. This can be done from within Google Tag Manager itself, requires minimal coding, and saves website owners time and effort.
  • Without a CMP: Create a custom Tag Manager template, which requires coding knowledge and the help of a developer to build, implement, and update.

Once Google Consent Mode and Google Tag Manager are integrated, user consent choices in the CMP’s displayed consent banner are passed on to Google Tag Manager, which then governs how cookies behave for a user’s visit.

This integration helps ensure that all tags and tracking tools comply with user consent preferences to help businesses balance effective data collection and privacy compliance.

While integrating Google Consent Mode without a CMP allows for more flexibility, it demands more technical expertise and ongoing maintenance. Using Usercentrics CMP, on the other hand, simplifies this process by ensuring that user consent preferences are automatically communicated to Google.

Google Consent Mode v2 and the TCF 2.2

Google Consent Mode has been updated especially for websites where user consent is not obtained within the scope of the IAB Transparency and Consent Framework (TCF) with their CMP.

For companies actively using the IAB TCF 2.2, Google Tools will continue to read out and respect the IAB TC String. This means that all Google services, including Google Analytics and Google Ads, will honor the consent preferences specified in the String to help ensure that a user’s choices are applied across all integrated tools and services.

Leverage the TCF v2.2 for privacy compliance, revenue growth and great cross-platform user experience with Usercentrics CMP

Learn more

How to implement Google Consent Mode with the Usercentrics CMP

Implementing Google Consent Mode with the Usercentrics CMP solution as an alternative to prior blocking can be done in a single step. Existing customers and those with custom Data Processing Services should note the additional information below.

✔ Adjust the existing Google Tag Manager code by adding a few lines of code above your Google Tag Manager tag.

✔ If you are an existing customer, ensure the Google Consent Mode option is toggled ON in the Usercentrics Admin Interface.

✔ For new customers, Google Consent Mode is ON by default.

✔ If you have custom Data Processing Services, use the Usercentrics CMP events to signal the consent status via the Consent Mode API.

There is also a convenient feature that automates the process of enabling Google Consent Mode in Usercentrics CMP. Get it up and running in two easy steps.

Integrate Google Consent Mode v2 with Usercentrics CMP to collect valid user consent from EU/EEA users and adhere to Google’s user consent policy.

Learn more
Google CMP Partner

Google Consent Mode does not replace a CMP; it serves as a link between the CMP and Google services. This has become increasingly important since enforcement of the Digital Markets Act (DMA) began in the EU in March 2024, and the gatekeepers have levied stricter requirements on their business customers.

With Google (via parent company Alphabet) designated one of the seven gatekeeper companies under the DMA, to ensure end to end privacy compliance in its business ecosystem, third-party customer companies using Google services will need to achieve valid privacy compliance and signal consent to tracking, particularly for advertising purposes.

Google Consent Mode is an integrated tool that enables Google services to run on websites based on the types of consent collected from website users, without requiring Google to have direct access to personal data or denying companies access to information they need to drive conversions.

However, obtaining user consent remains the website operator’s responsibility, and Consent Mode doesn’t work as a standalone. With the help of a CMP, you can collect granular user consent for all cookies and tracking technologies in use on the site in accordance with the GDPR and other data privacy laws.

By pairing the Consent Mode API with the Usercentrics CMP, websites can indicate if the user has given consent for cookie usage related to analytics, advertising, or both. The supported Google tags will respect this signal and adjust their behavior accordingly, only using cookies if consent was granted for the specific purposes.

For example, if the website user decides to reject the use of cookies or trackers for certain marketing technologies, Google Consent Mode will react based on this consent status and will only display purely context-based advertising to that person on the website, without any personalization. This enables companies to meet regulatory requirements while still respecting users’ privacy choices.

Data privacy laws like the GDPR, Brazil’s LGPD, and more provide individuals online with protection and control over their personal data, who has access to it, and how it’s used. As technologies evolve, the average person creates more and more data online every day.

Laws like the GDPR require prior consent for access to and processing of that personal data, which can reveal a great deal about individuals — some of the information being quite sensitive. Without consent, people’s privacy could also be violated without their knowledge for the benefit of companies using their data.

This way, businesses can still obtain and use personal data, and in many cases do so to create better experiences for their customers, but only with individuals’ consent, and only within the parameters of what those people have agreed to or the law allows.

Learn more: 7 Criteria for GDPR-compliant consent

Consumers are also increasingly aware of the value of their data, their rights, and the collection and use of their data online by companies.

This means that companies that want to build and retain user trust and develop long-term engagement must give users choices around whether or not to be tracked using transparent, user-friendly notices about their privacy compliance and data collection practices, as well as employing compliant consent mechanisms.

Proactively embracing consent-based marketing helps protect companies’ revenue and brand reputation while helping to future-proof growth and helping them to get ahead of their competitors.

The future of digital marketing includes a focus on driving revenue by optimally leveraging technologies that address companies’ responsibilities and serve users’ needs. In an era when consumers have more and more choices and the ability to leave companies that don’t provide great experiences, companies can no longer rely on dominant market positions or limited alternative options.

Companies can evolve their marketing efforts with smart, data-driven decisions by using tools like Google Consent Mode v2 and integrating them with a robust CMP to help ensure compliance and use data effectively.

According to Google, if a user doesn’t provide consent to tracking via G4A (analytics_storage: denied), all data will be anonymized. Google will not collect any personally identifiable information when a user has denied consent, so the data will be captured without a client ID and recorded in aggregated form.

Additionally, if the placement or reading out of advertising cookies is prevented (ad_storage: denied), the main processing purposes for which user consent is usually obtained will no longer be active. This helps to ensure that any data collected is not used for personalized advertising, in line with the GDPR’s requirements.

Can these technologies be used without user consent?

Anonymized data — like the information that Google tags collect when a user rejects tracking — is not considered to be personal data under the GDPR and therefore can be used without consent.

Here, it’s important that website operators ensure that users are able to easily reject tracking and also guarantee that data collected after this rejection:

  • cannot be used to identify a user
  • is not forwarded to third parties to be used for their own purposes
  • is not forwarded to servers in third countries

Google Consent Mode v2 ensures that if a user denies consent, only non-identifiable information is collected. Data is anonymized and aggregated to provide a generalized view of user behavior rather than specifics. Plus, the tool prevents the transfer of data to third parties and countries, unless express consent is given.

These factors help to ensure that Google Consent Mode v2 complies with the provisions of the GDPR, enabling companies to collect data from anonymous users even without consent.

Learn why a Google-certified CMP like Usercentrics is essential for serving ads in the EU and EEA.

Learn more
Google CMP Partner

With valid consent collection from website users, advertisers can continue to optimize opt-ins, measure conversions, and retrieve analytics insights with Google Consent Mode v2 while achieving and maintaining GDPR compliance.

Google Consent Mode seamlessly combines the protection of users’ data with companies’ and the advertising industry’s interests, so you can collect customer data to enhance your marketing efforts while protecting user privacy.

The simplest way to obtain granular, GDPR-compliant user consent for the use of cookies and other tracking technologies is via a CMP.

Usercentrics CMP gives users granular control over their data privacy preferences via a brand-aligned consent notice, helping you to comply with major privacy regulations while building customer trust.

A flexible solution to optimize consent rates and comply with ever-changing regulations

Learn more

Frequently asked questions

Is Google Consent Mode v2 mandatory?

Although it’s not mandatory, businesses that rely on Google services, like Google Analytics 4 and Google Ads, will need to implement Google Consent Mode v2 if they do business in the EU, UK, and Switzerland, collect users’ personal data, and want to maintain access to all functions of Google’s services.

Google’s guidelines are designed to ensure that the company is able to comply with the stringent requirements of the Digital Markets Act (DMA) and the GDPR, via its own EU user consent policy. This includes obtaining prior consent (opt in) from users if they plan to collect or process any of those users’ data.

Implementing Google Consent Mode will enable your business to continue gathering valuable insights from your users while staying on the right side of data privacy laws.

How do I know if Google Consent Mode is implemented on my website?

Most web teams likely know if Google Consent Mode has been implemented. However, in the event that you’re inheriting an existing web setup, you can use Google Tag Assistant to check the status of Google Consent Mode on your website.

Open a page on your website in Tag Assistant and browse as a website visitor. Navigate to the Tag Assistant window, click on a page or message, and select the Consent tab.

If Google Consent Mode is implemented, you will see consent status for the ad_storage and analytics_storage tags. If it isn’t implemented, you will see a message that says “Consent not configured.”

Do I need a consent management platform to use Google Consent Mode?

Google Consent Mode isn’t a standalone tool, so using it integrated with a CMP will simplify the process of bringing your data collection practices in line with Google’s requirements.

A CMP integrates with Google Consent Mode to automate the collection, management, and signaling of user consent preferences to enable adherence to major data privacy regulations like the GDPR and Google’s requirements for its business customers.

Using a CMP simplifies the implementation of Google Consent Mode and enables you to easily customize consent management of the Google services you use, and the consent notices on your website, helping you to achieve compliance, protect ad revenue, and maintain a strong brand to build trust with your customers.

How is Google Consent Mode used for Digital Markets Act compliance?

Because the DMA requires the designated gatekeepers to obtain prior consent (opt in) from consumers for access to their personal data, companies like Google need to ensure that they, and the companies that rely on their platforms, collect, manage, and signal valid consent from European, UK, and Swiss users. For Google’s platforms and services, third parties can use Google Consent Mode for that signaling, combined with a CMP to obtain the consent information that is signaled.

Companies that implement a consent management platform (CMP) like Usercentrics CMP have Google Consent Mode built in and available by default, which makes it easy to collect, manag, and signal consent in a way that’s compliant with regulations.

Signaling valid user consent to Google and enabling continued access to their services (and the revenue they generate) is also streamlined.

Do I need Google Consent Mode to be GDPR-compliant?

Google Consent Mode itself isn’t necessary for GDPR compliance. That said, it is a valuable tool that can help your business fulfill the requirements set out by the regulation.

Golden Gate Bridge
Sep 19, 2024
In effect since January 1, 2020, the California Consumer Privacy Act (CCPA) was the first US state-level consumer privacy law. It established consumers’ rights, set obligations for businesses, and influenced subsequent privacy regulations in other states.
Utah Consumer Privacy Act
Sep 17, 2024
The UCPA provides rights to consumers and places responsibilities on businesses to protect consumer data and use it compliantly. We explore its key provisions and what they mean for both consumers and companies.
Woman holding phone
Sep 2, 2024
Usercentrics CMPs have earned Google’s Gold Tier certification for CMP Partners. In addition to meeting Google’s stringent standards for CMP Partner certification, Usercentrics has also met additional high standards of quality, reliability, and user-friendliness.