Menu
Once upon a time, consent management was simple. If a user accepted consent, then tags were allowed to fire. But if a user declined consent, then tags were not allowed to fire. Full stop. Everything was straightforward and easily verifiable. Life was good and all were happy. Sure, cookie pop-up banners may have been annoying, but at least there was an easy way to check to see if organizations were correctly adhering to laws and respecting customer consent preferences.
But over time, for various reasons, in the United States, adtech companies chaffed. This “nuclear option” of simply blanket-disallowing all tags from firing meant that valuable user data was being left on the table! Troves of precious customer data that could be harvested to make millions upon billions was instead not being collected! This made adtech companies sad.
But America, being the land of 50 laboratories of democracy, soon charted a different course! Whereas in Europe, Brussels simply decreed: “Unless there is explicit user consent, you may collect NOTHING!” In America, starting in California, they created a new concept called a “Service Provider”. If a company considered itself a “Service Provider”, then it could still continue to collect data EVEN if the consumer declined to be tracked, as long as “the data collected was not for targeting or advertising purposes”.
This made the adtech companies happy! This clever carveout would allow them a mechanism by which to continue collecting the incredibly coveted consumer data! For instance: Consent Mode for Google tags is a great example of a vendor (Google) acting as a “Service Provider”. With Consent Mode enabled, organizations could still fire Google tags on their websites even when users declined consent. The Google tags would then collect behavioral information to understand how users were interacting with the organization’s site and how campaigns were performing without collecting customer data for targeted advertising.
But with this development, alas, for all the guardians of the land (like InfoTrust) that monitor websites, the task of verifying consent became a more complicated endeavor. Now, whether a tag fires is no longer indicative if the site is adhering to customer preferences. Instead, like so many things when money is at stake, it’s become a much more nuanced auditing procedure. Luckily, Tag Inspector can help! Here is one way Tag Inspector can be leveraged to verify if Google Consent Mode is properly set up on a website.
In the Tag Inspector “Tag Details” view, you can click on the “GA4” tag to see the Data Processing Parameters there are being set for the tag. Here for the site, the two values to examine are GCS and NPA:
When a user has granted consent, GCS is allowed to be G111 and NPA is allowed to be 0. Translated, this means Google is allowed to set both analytics and ads cookies and doesn’t need to serve “non-personalized ads” (NPA).
GCS stands for “Google Consent Status” (Source: Google):
NPA stands for “Non-Personalized Ads” (Source: Google):
However, if a user declines consent, then the GA4 results on that “Decline All” scan on this site now look very different:
Notice how “GCS” is now set to “G100” and “NPA” is now set to “1”. Meaning that while Google is allowed to fire the GA4 tag, it is no longer allowed to set ads or analytics cookies on the site. And since NPA (non-personalized advertising) is enabled, Google is now only allowed to deliver non-customized and non-targeted ads to the customer.
And this is just one example! As more and more tags grow increasingly sophisticated, it is no longer sufficient to simply check to see if a tag is or is not firing when a user accepts or declines consent. You will need to increasingly dive into the weeds to verify that the tag is configuring parameters correctly when it fires. Luckily, with a tool like Tag Inspector, this is an easy task!
If this piques your interest, reach out to your friendly Tag Inspector consultant today and we’d be happy to help!
Do you have questions about Google Consent Mode and Tag Inspector?
Our team of experts is here to help whenever you need us.