Implement consent for ads personalisation in WordPress – Google Consent Mode v2
Last updated on:
Google Consent Mode v2 is what the internet is going crazy about these days, because starting from March 2024 it is mandatory for all websites which utilizes Google Ads and targets users from countries in the European Economic Area.This is necessary to preserve the tag-based audience re-marketing functionality. Additionally there are some rumors that the GCM will also be mandatory for Google Analytics 4.
In this article you can read what is Google Consent Mode, what is necessary to implement it and how it can be done on a WordPress based website.
Table of Contents
Check if Google Consent Mode requirements are applicable to you
But first things first. How do you check if you’re directly affected by this requirement? Actually it is quite easy – you just need to log into your Google Ads and Google Analytics accounts and look for the following warnings:
Google Ads warning about consent signals
Implement consent for ads personalisation You are not providing EEA end-user consent signals required for ad personalisation features. Take action before March 2024 or your campaign performance will be impacted.
Google Analytics – verify your consent settings
Verify your consent settings for end users in the European Economic Area (EEA) End users in the European Economic Area (EEA) must provide consent for their personal data to be shared with Google for advertising purposes.
What is Google Consent Mode?
Google Consent Mode is just a mechanism which enables Google to know about user consent choices on your website. Technically it’s nothing new and was introduced already on April 2021.
Here’s how Google describes it:
Consent mode receives your users’ consent choices from your cookie banner or widget and dynamically adapts the behavior of Analytics, Ads, and third-party tags that create or read cookies. Source
What’s necessary for GCM implementation?
To make it clear – there are different rules for ADVERTISERS and PUBLISHERS. Those who just advertise their site via Google Ads need nothing more than a GDPR / GCM v2 compliant cookie banner and a policy which declares how cookies are used, HOWEVER for content publishers who use Google Ad Manager (not to mix it with Google Ads) there’s one additional requirement – you are required to use a Google certified Consent Management Platform. Now more about this in details:
GDPR cookie banner
A GDPR compliant cookie consent banner on your website which supports the Google Consent Mode v2 and preferably uses Consent Management Platform which is certified by Google.
Privacy Policy or Cookie Policy page
Privacy Policy or Cookie Policy page on your website which informs the user in details about the use of cookies – how they are used, what personal information is being collected and how the data is being shared with the third parties.
Consent Management Platform certified by Google*
While this is only a recommendation for Google Ads users, it is a must-have requirement for publishers who use Google AdSense, Google Ad Manager, or Google AdMob to place advertisements on their websites or apps.
Note that if you’re a publisher – you will have to use a CMP solution which is certified by Google and has an integration of TCF (Transparency and Consent Framework by IAB). This practically means that you will have to pay for a premium version of a WordPress plugin which meets these standards, since no plugin will offer this for free. Unless of course you, as a publisher, want to pay hefty annual fees for registering your own CMP.
Google Consent mode implementation in WordPress
There are two ways how you can do this and let’s start with the most easiest one, which as I said before – is also a requirement if you are a content publisher.
#1 By using a CMP which is certified by Google
This is Google’s recommended way of implementation. You just need to lookup a CMP which is certified by Google, optionally (a requirement for publishers) has a TCF support and offers a WordPress plugin for placing a Cookie Consent banner on your website.
I prefer to use a Cookie Script CMP which I have personally tested (in fact I’m also using it here on DoInWP).
It is a certified CMP by Google
It has a TCF integration and reasonably cheap premium plans
It offers a free plan which will be sufficient for most websites
With this CMP you can get your site GDPR / GCM v2 compliant in minutes because many things are automated
The only downside of this CMP is their WordPress plugin which have not been updated for some time and contains some bugs along with PHP8 compatibility issues. Since I liked how easy it was to setup everything, I’ve fixed these problems and a modified release can be downloaded here.
Quick Instructions on how to integrate it:
Register an account at Cookie-script.com(no e-mail verification necessary)
Download a Cookie Script plugin from the official WordPress repository or a modified version where I’ve fixed the bugs and PHP8 compatibility issues from here.
Configure your Cookie Consent banner at the cookie-script.com website and place its url in the plugin settings.
All it takes is to register an account on the CMP website, configure your Cookie Consent banner (intuitive configuration where many things are done automatically) and download a WordPress plugin for it.
#2 By implementing the change manually
For more advanced developers Google also offers instructions on how to implement or adjust the Google Consent mode v2 in their own consent solution – you can read more about it here.
Verifying changes after implementation
Note that when you finish the implementation of Google Consent Mode v2 – you will still see the warnings from Google Ads and Google Analytics.
For changes to take effect, you must wait for up to 48 hours.
If 48 hours have passed, check if Google has accepted your GCM implementation by doing following steps:
Visit Google Analytics and select your analytics property;
Click on “Admin“, then look for “Data collection and modification” and click on “Data streams“;
Select the data stream of your website and expand the “Consent Settings” section (if not already expanded);
In the list you should see an item “Ads personalization consent signals active” marked with a green checkmark;
This means that you’ve correctly implemented a Cookie Consent Banner with Google Consent Mode v2 enabled
If you still see warnings about consent signals, you probably need to wait a bit more or check if everything has been implemented correctly.
Statistics may drop in Google Analytics because of Google Consent Mode
It is to be expected that the statistics of users, page views or events may significantly drop in Google Analytics after implementing Google Consent Mode on your website – sometimes the drop can be as high as 60% or more.
That’s because each site visitor must now give a permission by accepting the cookies. If a visitor does not accept the cookies– Google Analytics will not log the information about his visit.
Solution: Motivate the user to accept the use of cookies
You can use some clever tricks to ensure that most of the visitors accepts the use of cookies. Remember that for the most visitors this “cookie message” is not important at all – they naturally want to close it, get rid of it as fast as possible, just to see what’s on your website.
Therefore try designing your cookie banner in such way:
Ensure that there is no “X” button. Naturally when a site visitor sees some popup he’s not interested in, he will use the “X” button to close it. For a GDPR compliant cookie banner this means – the user has not consented to the use of cookies; Some resources may say that if there is no “X” button, the consent banner is not GDPR compliant, but that’s not true, since the GDPR regulations always state that the choices between accepting and denying cookies must be equal.
Ideally to meet the GDPR regulations the “Accept” and “Deny” buttons in a cookie consent banner must be in the same colors – visually equal choices, but just take a look around! Wherever you look, this concept is not being used in practice – almost every site will use high contrasting color for the “Accept” button and make the “Deny” button less appealing. There are many samples when the buttons are even not the same size. Coming out of that – I’d at least stick to the same principle – use a high contrasting and encouraging (e.g. green, blue, yellow) color for the “Accept” button and make the “Deny” button less outstanding.
Try making the cookie notice large enough so it partially covers the site content, therefore encouraging the visitor to make a choice;
Things to not do when designing a cookie consent banner, since these could seriously break GDPR guidelines:
Do not use small or a low contrast text for the “Reject” or “Customize” buttons;
Do not create a “cookie wall” by blocking the access to content while visitor has not consented – the user must be able to browse the site even with a visible cookie message. The site can be partially visible.
Respect the user consent choices – do not automatically accept the cookies or automatically mark all the options as checked for the visitor.
Cookie notice – good and bad samples
Bad sample: The visitor has an easy choice to reject the use of cookies – the X icon is most commonly used to “close unimportant stuff” and along with the “Decline All” button it gives the visitor a double chance to reject the use of cookies.
Good sample: The visitor has an equal choice of accepting or rejecting the use of cookies. There is no additional check-boxes present at the initial cookie consent banner and the “Accept All” button is with a higher contrast, therefore encouraging the visitor to choose it first.
