RubyLaw | As of March 6, Google Consent Mode is Required to Comply With EU Laws

As of March 6, Google Consent Mode is Required to Comply With EU Laws

Attention: Google Consent Mode, a regulatory compliance feature that allows you to communicate your users’ cookie or app identifier consent status to Google, is now required to comply with new EU laws.

Background: As one of the “gatekeepers” of the European Union’s Digital Markets Act (DMA), Google must comply with standards that went into effect on March 6. This, in turn, makes its Consent Mode feature requisite—particularly to marketers using Google to advertise in the European Union.

Google Consent Mode configures Google tags and scripts on third-party websites, modifying how they use each visitor’s data based on their consent status. At its core, it’s a compliance feature, similar to others intended to uphold the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CPRA, formerly the CCPA). Implemented within Google Tag Manager or Google Analytics 4, it places more privacy controls within the user’s hands by providing user consent preferences to websites.

It also enables website users to allow or deny consent from analytics and marketing cookies (and scripts) that gather user information. Version 1 of Consent Mode launched in November 2023; Version 2 is the latest iteration of Google’s Consent Mode, and adds new parameters to provide more user privacy controls around storing personal user data for ad personalization.

Websites can adopt Basic or Advanced Consent Mode. Basic Consent Mode doesn’t load Google tags by default; it only loads them and collects data after a user consents. Advanced Consent Mode loads Google tags when a user opens the website (or app) but also allows a website (or app) to set default consent for users.

Why this is important: As Google and other “gatekeepers” enact changes, the increasing enforcement of the DMA could impact your firm and should be considered within the scope of your team’s marketing strategy. A failure to prepare and respond could result in a significant gap in data capture for new users from the European Economic Area.

What can we do to be prepared?: We first recommend determining if these new regulations apply to you, and whether Basic or Advanced Consent Mode is best for your firm. Ensure that your Google Analytics 4 (Advanced) or Google Tag Manager (Basic) has enabled Consent Mode.

Then, verify, confirm, and update your cookie consent banner based on your firm’s interpretation of the regulations. Conduct an audit of all cookies on your site, and refer to our recent Client Alert on Google Tracking Protection for more insights on RubyLaw’s cookie audits.

For everything else, including how to make necessary Consent Mode updates for your site via Google Analytics 4 or Google Tag Manager, how to adhere to privacy regulations, what other firms are doing to prepare, and how RubyLaw Analytics, our cookie-less alternative for collecting metrics about your site and users, can help your firm, please contact our Client Experience team.