Google Tag Manager Consent Modes - What Are They & How Do They Work?
We’ve all seem those horrible cookie consent banners and whilst I’m sure a vast majority of people would be happy with never seeing one again, frustratingly lots of countries around the world have specific laws that require a website to gain consent before tracking users or storing any data on that user (think GDPR or CCPA) so it’s not optional.
There are numerous ways of gaining consent before tracking and there some great providers such as OneTrust or Cookiebot that make this whole process a lot easier. You can also implement your own custom functionality to take care of the issue if you’re very aware of laws and process also.
But how these tools have played with Google Tag Manager has in the past required all kinds of custom triggers and complicated setups within Google Tag Manager. But why…?
Google Tag Manager has had a built in consent mode (still in BETA) for some time and whilst I look at GTM regulay I rarely (read barely ever) see it used and I’m not really sure why. I’m going to run through the ‘how to‘ in this post and why it’s better than using alternative solutions when it comes to consent within GTM.
So firstly, what does Googles Consent mode do?
Essentially, against each tag in your tag manager (if you open advanced settings) you can enable Consent settings and if set, they look for various consent modes to be granted (i.e ad_storage, analytics_storage, personalization_storage etc). You can trigger these from a cookie banner on the website.
If the specified consent modes have been granted then the tag can run. If not then it can’t. It makes for handling the firing of tags based on consent much easier than creating heavily customised triggers so should really be considered.
Whats the benefit?
The benefit of using the consent modes is that your triggers can be hugely simplified within tag manager (back to the good old days!).
I’ve seen sites baking cookie consent settings and typical trigger settings into GTM in a number of ways but using this means you can go back to much simplified triggers (i.e. all page views or similar) and the consent settings can live alongside.
This just makes the life of anyone administering the tool or trying to understand what fires under what conditions so much simpler.
And really that is the primary benefit. Ease of administration and setup but that isn’t to be nocked when you’re pulling your hair out over why ‘such and such’ trackings are not firing etc.
It gets a bit geeky from here, so feel free to bail out… you’ve got a sense of things from the above but if you want the nitty gritty…
领英推荐
How to use and change the consent status?
Using Googles consent mode does require some custom code but thankfully it’s not overly complicated and there are ways of tying it in with either bespoke cookie control banners or off the shelf products such as OneTrust.
But essentially, the process is this…
On load you firstly want to deny all consents. By default (since most sites don’t have any Google consent code) Google sets consent modes to ‘Granted’ so you have to deny them to esentially turn the tooling on. Really simple bit of script to do this that looks something like this:
<script>
window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);}
gtag('consent', 'default', {'analytics_storage': 'denied', 'ad_storage': 'denied', 'personalization_storage': 'denied'});
gtag('js', new Date());
console.log('Initialised deny consent script ran');
</script>
As you can see, we’re just passing into Googles dataLayer a consent object that all the various consent modes are passed, initially as denied.
Then to grant any of them, it’s simply a matter of running another event into the dataLayer to update whichever consent setting you want to, i.e.
window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);}
gtag('consent', 'update', {'analytics_storage': 'granted'});
console.log('Analytics consent granted');
You would do this IF either a banner was accepted on the page that granted that permission OR if a customer had previously accepted the banner for example. You could potentially update to deny the permission if someone updated their cookie banner settings also.
Since the dataLayer is read sequentially the last update to a particular consent setting is the one that is used in GTM.
It’s worth noting that Consent (or anything in Googles dataLayer) does not persist as customers browse around the site so this has to be set on each page load. The way I’ve seen the ‘consent settings’ passed typically from page to page is stored in a cookie that is read from on page load and initialises the required consents.
Once you’ve done this and enabled your tags you can see the consent state within the Google Tag Manager Debugger and for any tags that have run you can see the required additional consents.
More information on this can be viewed here: https://developers.google.com/tag-platform/devguides/consent
In summary
I hope you find this a useful and quick introduction to Googles Consent modes and if you’re setting up cookie control or looking to improve upon what you have it’s certainly the route to take nowadays. Feel free to drop me a line if you have any questions.
Front-End Developer
1 年Hello Nick. I really liked your post. I was wondering if you could help me with something. I've been trying to find what consent variables should I add for LinkedIn Insights - that is how I came across your post. I've tried adding `ad_storage`, then `analytics_storage`, then both, and my LinkedIn Insights tag does not fire. I've also tried adding a custom variable, named it `my_custom_variable_storage`, and added it to the consent mode for LinkedIn Insights, and still, it did not fire. I was wondering if you know what should I add there?