How to collect consent for GA4

In recent years, increasing regulatory activity around cookie consent has led to a move away from third-party tracking. Google Analytics 4 and new features like Google Consent Mode signal an industry shift towards privacy-minded design in analytics and advertising. 

Here’s what you need to know about GA4, its privacy features, and a few different ways you can control the tag behavior of your Google products based on user preferences collected with your consent management platform. 

What is GA4?

Google Analytics 4 is Google’s new cross-platform web analytics and measurement platform which is set to replace Universal Analytics. 

Unlike with Universal Analytics where you could use third-party cookies, GA4 will rely on a combination of first-party cookies and machine learning to generate event based insights. 

Is GA4 privacy safe?

Google has described GA4 as a platform that was designed with privacy at its core. 

Unlike Universal Analytics, GA4 will not store IP addresses. This is likely in part due to decisions from data protection authorities finding that Google’s anonymization function was not sufficient to prevent linking to an individual. 

Additionally, instead of dropping third-party cookies which can track user behavior beyond a website, Google Analytics will only drop first-party cookies. This is in line with Google’s plans to phase out third-party cookies by the end of 2023. 

These changes don’t mean consent requirements change or go away, as GDPR and ePrivacy requirements are still relevant where they apply.

Implementing cookie consent for GA4

When transitioning to GA4, the first step is creating a new GA4 property based on the original Universal Analytics property. The GA4 property will have a new tag that needs to be implemented on your site.

If you’ve already set up consent based triggers for the Universal Analytics tag, you can easily apply that same process to your new GA4 tag. If, however, this is your first time implementing consent collection for Google products, here are some strategies to consider.

Option A: Integrate with Google Consent Mode

Consent Mode refers to the consent checks built into certain Google products to interpret user consent choices and adjust tag behavior accordingly. Google products that support Google Consent Mode are associated with consent types, which indicate the kinds of storage used. 

To integrate Google Consent Mode with Sourcepoint’s Dialogue CMP, you will first adjust the Consent Settings of your GA4 tag. In the Sourcepoint portal, you will need to add the vendor named Google Consent Mode Products to your vendor list. You can then create custom purposes for that vendor based on the built-in consent checks listed for the Google product used. Google Analytics has built-in consent checks for analytics_storage and ads_storage. 

For the step-by-step process, take a look at our help center article on using Google Consent Mode (GCM)

Option B: Create a custom consent trigger

Using Google Tag Manager (GTM), you can create triggers that carry an indication of consent in order to control when the GA4 tag should fire. More than one trigger type can accomplish this, and your setup could depend on your consent management platform. 

To use this method with Sourcepoint’s Dialogue CMP, you’ll want to create a custom event trigger in GTM and then use the name of that custom event in the consent actions of a specific vendor—in this case, Google Analytics. 

Our help center article on Google Tag Manager (GTM) Integration walks through the steps of setting up a consent based trigger for firing vendor tags on your site. 

Option C: Fire custom JS with consent actions

You can also fire vendor tags directly from the Sourcepoint portal in vendor list settings, using consent and reject actions. This is a good option for vendors that you don’t want to manage via Google Tag Manager, and it works with Google Analytics too. 

Consent actions are typically used for firing vendor JS code upon consent, while reject actions are useful for firing code to indicate an opt-out. They can both be configured for individual vendors or for entire purpose categories. 

To use this method for GA4, simply navigate to your vendor list and select Google Analytics. Then under consent actions, paste your GA4 tag into the custom JS section. That tag will only fire when consent is given. 

Our help center articles on consent actions & reject actions illustrate how to do this with any vendor. 

Collecting consent in a “cookieless” world

In conclusion, the move to first-party tracking doesn’t mean the end of consent! And while new features like Google Consent Mode are available for integration, your consent setup doesn’t need to change dramatically. 

Consult with your data protection officer to understand which strategy makes the most sense for your organization, and make use of the Sourcepoint Help Center for guidance on easy implementation. Your Sourcepoint account manager is also available for additional support. 

Watch our webinar on demand

In our webinar, Collecting consent in a “cookieless” world, Sourcepoint’s Sr. Solutions Consultant Atanur Demirci is joined by Sercante’s CRM and Marketing Automation Strategist Richard Feist to demonstrate methods of implementing consent collection for GA4. 

Watch on demand