Consent Mode V2 Implementation Guide: Google's 2024 Requirements

Google now requires Consent Mode V2 for any business running ads targeting users in the European Economic Area (EEA). Without proper implementation, you’ll lose audience data, remarketing capabilities, and conversion tracking for EU users starting March 2024.

This guide covers everything you need to know to implement Consent Mode V2 correctly.

Consent Mode is a Google API that adjusts how Google tags behave based on user consent choices. Version 2 adds two new required signals:

Signal	Purpose	V2 Requirement
`analytics_storage`	GA4 cookies	V1 (existing)
`ad_storage`	Google Ads cookies	V1 (existing)
`ad_user_data`	Send user data to Google	V2 (new)
`ad_personalization`	Personalized ads/remarketing	V2 (new)

The key change: V2 requires explicit signals for ad_user_data and ad_personalization. Without these, Google won’t accept audience data from EU users.

Why This Matters

If you don’t implement Consent Mode V2 by March 2024:

Google Ads remarketing stops for EU users
Customer Match uploads fail for EU users
Conversion tracking degrades significantly
Audience building stops in GA4 for EU users

Implementation Options

You can implement Consent Mode V2 in three ways:

Option 1: Native CMP Integration (Easiest)

Many Consent Management Platforms (CMPs) now support Consent Mode V2 natively:

Cookiebot: Built-in support
OneTrust: Built-in support
Usercentrics: Built-in support
CookieYes: Built-in support
Termly: Built-in support

If using one of these, check their documentation for Consent Mode V2 activation. Usually it’s a toggle in settings.

Option 2: GTM Template (Most Control)

Use Google’s official Consent Mode template in GTM:

GTM → Templates → Search Gallery
Find “Consent Mode” by Google
Add to workspace

Option 3: Manual Implementation (Most Flexible)

Implement directly in code using gtag.js commands.

Step-by-Step GTM Implementation

Here’s the complete GTM implementation for Consent Mode V2.

Create a tag that sets default consent BEFORE any Google tags fire.

Create a new Custom HTML tag
Add this code:

<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}

  // Set default consent state (denied for EEA users, granted for others)
  gtag('consent', 'default', {
    'analytics_storage': 'denied',
    'ad_storage': 'denied',
    'ad_user_data': 'denied',
    'ad_personalization': 'denied',
    'wait_for_update': 500  // Wait 500ms for CMP to load
  });

  // Optional: Region-specific defaults
  gtag('consent', 'default', {
    'analytics_storage': 'granted',
    'ad_storage': 'granted',
    'ad_user_data': 'granted',
    'ad_personalization': 'granted',
    'region': ['US', 'CA', 'AU']  // Non-EEA regions can default to granted
  });
</script>

Trigger: Consent Initialization - All Pages (fires before other triggers)

Critical: This tag must fire BEFORE your GA4 Configuration tag and all Google Ads tags.

Your CMP needs to push consent updates to the data layer when users accept or reject:

// When user accepts all cookies
gtag('consent', 'update', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted',
  'ad_user_data': 'granted',
  'ad_personalization': 'granted'
});

// When user accepts only necessary cookies
gtag('consent', 'update', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied'
});

// Granular consent (user picks and chooses)
gtag('consent', 'update', {
  'analytics_storage': 'granted',      // Accepted analytics
  'ad_storage': 'denied',              // Rejected ad cookies
  'ad_user_data': 'denied',            // Rejected data sharing
  'ad_personalization': 'denied'       // Rejected personalization
});

For each Google tag in GTM:

Open the tag
Go to Advanced Settings → Consent Settings
Select “Require additional consent for tag to fire”
Add the appropriate consent types:
- GA4 tags: analytics_storage
- Google Ads tags: ad_storage, ad_user_data
- Remarketing tags: ad_personalization

GTM → Admin → Container Settings
Enable “Enable consent overview”
This shows consent status in Preview mode

Testing Your Implementation

Use GTM Preview Mode

Click Preview in GTM
Check the Consent tab
You should see:
- Default consent state on page load
- Consent update when you interact with CMP
- Tags properly blocked/allowed based on consent

In the browser console:

// Check current consent state
dataLayer.filter(item => item[0] === 'consent')

You should see both default and update commands.

Check Tag Behavior

Deny consent
Verify Google tags don’t fire (or fire with limited data)
Grant consent
Verify tags fire normally

When consent is denied, Google can model conversions using machine learning. To enable this:

GA4 → Admin → Data Collection and Modification → Data Collection
Ensure “Google signals data collection” is ON
Modeling happens automatically

Enable in Google Ads

Google Ads → Settings → Measurement → Conversions
Enable consent mode modeling
You need ~100 daily consented conversions for modeling to work

Common Implementation Mistakes

// Wrong order - tags fire before consent is set
gtag('config', 'G-XXXXXXXX');  // GA4 fires with no consent info
gtag('consent', 'default', {...});

// Right order
gtag('consent', 'default', {...});
gtag('config', 'G-XXXXXXXX');  // GA4 respects consent state

In GTM, use the Consent Initialization trigger for default consent.

Mistake 2: Missing V2 Signals

// Wrong - only V1 signals
gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied'
});

// Right - includes V2 signals
gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',        // V2 required
  'ad_personalization': 'denied'   // V2 required
});

Mistake 3: Not Updating All Signals

// Wrong - only updates V1 signals
gtag('consent', 'update', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted'
});

// Right - updates all signals
gtag('consent', 'update', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted',
  'ad_user_data': 'granted',
  'ad_personalization': 'granted'
});

Mistake 4: CMP Not Pushing Updates

Your CMP must push the consent update to the data layer. Many CMPs have this built in, but check:

Open browser console
Interact with consent banner
Run: dataLayer.filter(item => item[0] === 'consent')
Verify update command appears

If no update appears, your CMP isn’t configured correctly.

Mistake 5: Ignoring Region Defaults

// Consider different defaults by region
gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied'
});

// Non-EEA regions can default to granted
gtag('consent', 'default', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted',
  'ad_user_data': 'granted',
  'ad_personalization': 'granted',
  'region': ['US', 'CA', 'MX', 'AU', 'NZ', 'JP']
});

URL Passthrough and Link Decoration

For better cross-domain tracking with denied consent:

gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied',
  'url_passthrough': true  // Enables URL parameter passing
});

This passes limited conversion data through URL parameters when cookies are blocked.

In GTM, enable “URL Passthrough” in your Consent Mode template settings.

Verifying Compliance

Check Google Tag Assistant

Install Tag Assistant Legacy extension (for this specific check)
Load your page
Click the extension
Check for consent mode status

Check GA4 DebugView

GA4 → Admin → DebugView
Load your page with consent denied
Events should show with consent status

Check Google Ads

Google Ads → Tools → Conversions
Your conversion tags should show “Consent mode detected”

Timeline and Requirements

Google’s Deadline

March 2024: Consent Mode V2 required for EU audience building and remarketing
Without V2: You’ll lose EU remarketing audiences and customer match functionality

Who Must Implement

Any business showing consent banners to EU users
Any business running Google Ads targeting EU countries
Any business collecting EU user data for Google audiences

Who Can Skip

Businesses not targeting EU users at all
Businesses not using Google Ads
Businesses already blocking all Google tags for EU users (though this loses all EU data)

Integration Checklist

Before going live, verify:

Default consent fires BEFORE all Google tags
All four consent signals are set (analytics_storage, ad_storage, ad_user_data, ad_personalization)
CMP pushes consent update on user choice
Consent update includes all four signals
GTM tags have appropriate consent requirements
Preview mode shows correct consent flow
Tags respect consent state (blocked when denied)
URL passthrough enabled (optional but recommended)

Need Help With Implementation?

Consent Mode V2 has many moving parts, and incorrect implementation can either:

Break your EU tracking completely
Violate GDPR by tracking without consent

Both are bad outcomes.

If you’re unsure whether your implementation is correct, or you’re seeing issues with EU tracking, we can help diagnose the problem.

Get a free scan and we’ll check your Consent Mode implementation and tell you exactly what’s missing or misconfigured.

What Is Consent Mode V2?

The Consent Signals

Why This Matters

Implementation Options

Option 1: Native CMP Integration (Easiest)

Option 2: GTM Template (Most Control)

Option 3: Manual Implementation (Most Flexible)

Step-by-Step GTM Implementation

Step 1: Set Default Consent State

Step 2: Update Consent When User Chooses

Step 3: Configure GTM Consent Settings

Step 4: Enable Consent Overview