I will summarize it for you because we have already explained in this post the main differences between GDPR vs ePrivacy Regulation.
Basically, GDPR consists of “anonymizing” and protecting our users’ data. ePrivacy is about not being able to individually measure user navigation with any technology. Therefore, if you work with cookies, or with Google Analytics, if you are measuring individually, you are not ePrivacy compliant.
You can be GDPR compliant but your measurement tool is most likely not ePrivacy compliant.
GDPR & Google Analytics FAQs:
On Wednesdays, we host webinars where we share data and information on Sales Scalability and Web Analytics. Here’s a summary of the main questions we get asked by users.
- If I comply with GDPR should I ask for consent?
- Do I have to ask for consent for my Remarketing campaigns?
- Do I have to ask for consent if I work with anonymous userID?
- Do I have to ask for consent if I work with digital fingerprinting?
- Do I have to ask for consent to measure conversions?
- Do I have to ask for consent if I work with Server Side Tags?
- Do I have to ask for consent if I work with Google Floc?
- Do I have to ask for consent if I work with a modeling system to calculate statistics?
If I comply with GDPR should I ask for consent?
Yes, you should ask for consent because even if you are GDPR compliant you will most likely not be ePrivacy compliant. That is why we recommend working with SEAL Metrics.
Do I have to ask for consent for my Remarketing campaigns?
Of course, you do, since remarketing campaigns work by measuring the user individually, ergo for ePrivacy you have to ask for it.
Do I have to ask for consent if I work with an anonymous userID?
Yes, you must ask for consent. Since the User-id is an id that identifies an individual user, you must ask for consent for ePrivacy.
Do I have to ask for consent if I work with digital fingerprinting?
Yes, you must request it. Digital fingerprinting is a technique that makes it possible to identify a device. This technique applied to web analytics allows measuring the interactions of a user’s terminal without the need for cookies. As the regulation says, regardless of the technology applied, it is not possible to measure a user individually; ergo it requires consent.
Do I have to ask for consent to measure conversions?
You do if you are going to do data aggregation to count conversions. I mean, I generated 30 sales yesterday and nothing else. You could work without consent. But what happens is that the reality is different. I’m sure you’ll see conversions by traffic source, campaign, keyword… In order to assign conversions to a traffic source you have to analyze it individually, and you know what the regulations say, it requires consent.
Do I have to ask for consent if I work with Server Side Tags?
Being able to measure from the webserver instead of from Google Analytics, for example, is a particularly useful technique to “skip” the adblockers or restrictive browsers or more wary of user privacy as is the case of Safari or Firefox among others.
Server-side tags mean that the Google Analytics pixel sets the cookie from the client’s domain instead of Google’s domain, so usually, it is not blocked.
In the end, what this technique does is measure in an individualized way, so it requires consent.
Do I have to ask for consent if I work with Google Floc?
Google Floc was a measurement process invented by Google in order to be able to “measure” where consent did not allow it.
That is, Google Floc consists of measuring a percentage of your visitors, creating cohorts or groups of users of 1%, 3% or 5% of your traffic. They model (as they say) from this information and calculate the total traffic between those accepting cookies and those in the cohort group.
The idea seems interesting but it doesn’t work, it requires consent anyway. ePrivacy does not say that you can measure cohorts, no matter how small they are, without consent. It says that whatever the case may be, if there is individualized measurement, it requires consent.
Do I have to ask for consent if I work with a modeling system to calculate statistics?
Yes, exactly the same as in the Google Floc example.