Skip to main content

How to check Google Consent Mode V2 is working

To fully understand your website visitors' behavior while respecting their privacy, it's necessary to ensure that Google Consent Mode V2 is properly implemented.

If your business is operating within the European Economic Area (EEA) this framework is a must - because of data privacy regulations (GDPR).

Google Consent Mode V2 enables websites to adjust the Google tag's behavior based on user consent, ensuring that data collection and advertising practices comply with legal requirements.

tip

If you're using Shopify, here's how to implement Google Consent Mode V2 on your Shopify store

In other words: does your consent banner do what it's supposed to?

To have a clear picture of whether a website follows the guidelines for proper consent mode v2 implementation we’ll use the official Google Tag Assistant:

tag-assistant

After clicking on “Add domain”, simply type in the domain of the website you want to check (http part included!) and click “Start debugging”.

connect-tag-assistant

For the demo we’re looking at Cookiebot.

We call it "consent" banner and not "cookie" banner. The end user should be asked about consent to be tracked rather than asked about cookies - which is just one technology behind tracking & collecting user data. :::

After clicking connect on the Tag assistant, the browser will open the Cookiebot website in a new tab:

cookiebot-site-open-with-tag-assistant

Before making any choice regarding consent - let’s go back to tag assistant. We can see that a pageview has been sent to GA4:

By clicking on the Page view tag ‘card’ we can see more details - let’s focus on the parameters highlighted in green boxes:

“Cookie consent state” parameter reflects the consent mode v1 status. Let’s decode what G100 stands for:

  • G1 is always there
  • first zero means that user has NOT allowed to be retargeted with ads based on this visit i.e. ad_storage is denied
  • second zero is for analytics_storage and it states that this visit should NOT be tracked even for understanding traffic source, website behaviour, conversions etc.

The parameter right below it, called ‘gcd’, holds information important for understanding the implementation of consent mode v2.

Its current value is 13p3p3p3p5l1. This unreadable string is actually coded consent status for:

  1. Ad storage
  2. Analytics storage
  3. Ad user data
  4. Ad personalization
  5. Ad data redaction (unofficial)

The letters in the gcd parameter determine both default and updated status of user consent for each of the five aforementioned features. Here’s what they mean:

In our particular case - 13p3p3p3p5l1 means that storage for ads and analytics, as well as user data and ad personalization is denied by default and the update is missing (p).

Also ad_data_redaction is l, meaning that there’s not even a default state for it.

Once we click on “Allow all” cookies button on the website - the page_view is sent again and here are the values for that event:

The gcd value turns to 13r3r3r3r5l1 - all ps turned to rs - and if we look at the table above r stands for denied by default and granted after update.

Note the number 1 at the very end of gcd - despite heavy tests we can not confirm with 100% certainty that it stands for ads_signals GA4 setting, but some resources out there claim so. The table below reveals meaning of values 1-6 defining consent and ad signal status

Now let’s get back to the primary consent mode parameter investigation, let’s clear cookies and allow analytics tracker only, while denying the website the right to retarget us with ads based on remarketing cookie technology. We do that by customising our consent:

We accepted Statistics but denied Marketing, so let’s take a look now how does that affect gcd:

gcd has all qs (denied both by default and after update) except second letter which is r - that stands for denied by default but granted after update. Note how the Client ID parameter persists from page to page now:

We encourage you to play around with different combinations of consent granted and see how your implementation behaves.

NB: There are several ways to clear cookies - we’re doing it from Chrome dev tools > Application > Cookies

clear-cookies-in-browser

Conclusion

Although the Google documentation about consent mode v2 doesn’t follow the pace at which updates are being released, it's clear we can use the gcd parameter to inspect the consent states passed to Google via gtag.