Google Consent Mode V2 Recommendations

Let me clarify my thoughts on Google Consent Mode v2 and other tracking techniques.

In user data and privacy context, it is unequivocal: if you measure a user individually, regardless of the technology used, consent is required. This is a fundamental principle in respecting user privacy and adhering to privacy laws.

So, if you’re tracking my behavior on your site with:

  • user-id
  • user-id-hashed
  • digital fingerprinting-id-hashed-encrypted
  • session-id
  • cookie-id
  • pings

You MUST ask me if I want to be tracked!

Google Consent Mode v2 represents an evolution in Google’s approach to tracking users. However, whether Google or any privacy-conscious competitor tracks my behavior on your site, even anonymously, you MUST ask for my consent to track. Let’s look closely at Google Consent Mode v2.

The enhanced conversion modeling, even without specific cookie consent, is a clever way to circumvent user preferences. This update, despite its technical advancements, underscores a broader issue: Google’s persistent efforts to track and analyze user behavior, often overshadowing genuine privacy concerns. Businesses adopting this mode should be wary of the implications it has on user trust and the ethical considerations of digital privacy.

Key Features of Google Consent Mode v2

  1. Additional Parameters:
    Google Consent Mode v2, with its new parameters ad_user_data and ad_personalization, ostensibly gives websites control over user data and personalized advertising. However, this control is superficial. These parameters still facilitate data collection for Google, often without transparent user consent. This approach undermines user privacy, as it prioritizes advertising needs over genuine consent, casting doubts on Google’s commitment to user privacy and the spirit of regulations like GDPR. The addition of these parameters appears more as a means for Google to maintain data dominance under the guise of compliance and user control.
  2. Better Integration with Privacy Directives, really?: Google’s claim that Consent Mode v2 aligns better with privacy directives like GDPR and the e-Privacy Directive is questionable. While it professes to ease compliance for companies by adjusting data collection based on user consent, this approach can be seen as a mere facade. It potentially allows for the continued collection of user data under the pretext of compliance, without fully respecting the essence of user privacy and consent as intended by these regulations. This raises concerns about the actual effectiveness of these measures in protecting user privacy.
  3. Enhanced Conversion Modeling: Google’s “Enhanced Conversion Modeling” in Consent Mode v2, which estimates user actions even without specific cookie consent, is concerning. It suggests a disregard for true user privacy preferences as it continues to analyze and extrapolate user behavior. While beneficial for businesses seeking insights, this practice undermines the principle of consent, treating user privacy as a secondary concern to data collection. This approach highlights a fundamental issue in Google’s privacy practices, where user consent is often sidestepped for the sake of data utility.
  4. Impact on Advertising and Analytics: Adopting Google Consent Mode v2 for Google Analytics is crucial for businesses using Google Ads in their advertising strategies, particularly in the European Economic Area (EEA). With its implementation, advertisers will be able to capture data about new EEA users after March 2024, significantly impacting the effectiveness of their advertising campaigns.
  5. Basic vs Advanced Implementation: Google Consent Mode v2’s two-tiered implementation – Basic and Advanced – is problematic. The Basic option restricts data collection without consent, but the Advanced option, by sending anonymous, cookie-less pings to Google, allows for continued data collection under the veil of anonymity. This undermines the concept of consent, as it essentially allows Google to continue gathering data, irrespective of user preferences. This distinction between Basic and Advanced implementations creates a false dichotomy between compliance and data collection, compromising user privacy.

Importance of the Update for Businesses

Google Consent mode v2 suggests a commitment to user privacy, but in practice, it may not adequately safeguard user data. Businesses are encouraged to adopt these new functionalities for compliance and advertising effectiveness, but this push overlooks the potential privacy compromises involved. It creates pressure to conform to Google’s standards, which may not align with the true intent of privacy regulations.

How will Google Consent Mode will help to Google Ads Conversion tracking?

The key to Google’s consent mode is:

How will Google Ads measure conversions when a user doesn’t want to be tracked?

This is where what they call “URL Passthrough” applies.

What is URL Passthrough?

It involves copying the parameter that Google indicates in the URL and dragging it during the user’s navigation. It’s a similar and less elegant method to what we do in SEAL Metrics.

Therefore, what Google Ads looks for to measure conversions is something like this: A user arrives at your website from Google Ads, the GCLID parameter appears in the URL, and as the user navigates the website, this GCLID parameter is dragged along. If this user converts, the conversion pixel looks for which GCLID it belongs to. Since there’s no cookie, because the user has rejected cookies, it searches for the GCLID in the URL. In this way, the conversion knows which GCLID it corresponds to, and Google Ads will know:

  • The campaign.
  • The ad group.
  • The ad text.
  • The keyword

that generated the click.

Is this URL passthrough legal?

The technology of dragging a parameter in the URL is legal and complies with privacy regulations. But here, the key is to know: What parameter is being dragged?

Dragging a user-id, session-id, or an ID that identifies a person or makes them identifiable (Examples of Personal Information); requires consent from the user.

Dragging the adin parameter of SEAL, which is a parameter that identifies marketing campaigns but not people, is legal.

Dragging a GCLID that identifies or makes a person identifiable by Google, would not be legal.

Check if you have set up correctly Google Consent Mode v2 in your site for FREE.