Quick answer: Google Consent Mode v2 is now mandatory for any website using Google Ads, Analytics, or any Google marketing tag in the EU. Since March 2024, websites without a properly configured Consent Mode v2 setup lose remarketing audiences, conversion tracking, and campaign optimization data. Here's how to audit and fix your implementation.
What Is Google Consent Mode v2?
Consent Mode v2 is Google's framework for adjusting how Google tags behave based on a user's cookie consent choices. When a user rejects cookies, Google tags still fire — but in a "cookieless" mode that uses modeled data instead of actual tracking.
The key difference from v1: two new consent signals were added:
| Signal | What It Controls | New in v2 |
|---|---|---|
ad_storage | Advertising cookies (Google Ads, Floodlight) | No (v1) |
analytics_storage | Analytics cookies (GA4) | No (v1) |
ad_user_data | Whether user data can be sent to Google for advertising | Yes |
ad_personalization | Whether personalized ads can be shown | Yes |
Why It Matters: What Happens Without It
- No remarketing audiences — Google Ads can't build audience lists for retargeting
- No conversion tracking — Conversions from EU users won't be attributed correctly
- Campaign performance drops — Smart Bidding loses signal data, CPAs increase
- Compliance risk — Without proper consent signal forwarding, you may be violating GDPR and the DMA (Digital Markets Act)
Audit Checklist: Is Your Setup Correct?
Use this checklist to verify your Consent Mode v2 implementation:
1. Check if Consent Mode is Active
Open Chrome DevTools → Console → Type dataLayer and press Enter. Look for a consent event with default command. You should see all four signals set:
ad_storage: 'denied'analytics_storage: 'denied'ad_user_data: 'denied'← Must exist for v2ad_personalization: 'denied'← Must exist for v2
2. Check the Default State
The default consent state should be denied for all signals before the user interacts with the banner. If any signal defaults to granted, you're setting cookies before consent — a GDPR violation.
3. Verify Consent Update on Accept
Click "Accept All" on your cookie banner, then check dataLayer again. You should see a consent event with update command, changing all signals to granted.
4. Check the "Reject" Path
Clear cookies, reload the page, and click "Reject". All signals should remaindenied. Crucially: no Google cookies should be set. Check the Application → Cookies tab in DevTools.
5. Verify in Google Tag Assistant
Install the Google Tag Assistant Companion Chrome extension. Navigate to your site and check:
- All four consent types appear in the Consent tab
- The "Consent Mode" indicator shows "Active"
- No warnings about missing
ad_user_dataorad_personalization
6. Check Google Ads Diagnostics
In your Google Ads account: Tools → Diagnostics → Consent Mode. Google shows whether your tags are properly sending consent signals. Look for the green checkmark on all four parameters.
Compatible CMP Platforms
These Consent Management Platforms support Consent Mode v2 natively:
| CMP | Built-in v2 Support | Free Tier | Google CMP Partner |
|---|---|---|---|
| Cookiebot (Usercentrics) | Yes | Yes (1 domain) | Yes |
| CookieYes | Yes | Yes | Yes |
| Complianz | Yes | Yes (WordPress) | Yes |
| Axeptio | Yes | Yes | Yes |
| OneTrust | Yes | No | Yes |
| Termly | Yes | Yes | Yes |
| Tarteaucitron | Partial (manual config) | Yes (open source) | No |
Common Mistakes
- Missing
ad_user_data/ad_personalization— This means you're still on v1. Update your CMP or GTM configuration - Consent default set to 'granted' — Illegal under GDPR. Must default to 'denied' in EEA countries
- Google tags firing before consent script — If your gtag.js loads before the CMP banner, cookies are set before consent
- No region-specific settings — Consent Mode supports
regionparameter. Set 'denied' default only for EEA, UK, and other regulated regions - Not testing the reject path — Most sites only test "Accept All". The reject path is where GDPR violations hide
How PrivacyChecker Helps
PrivacyChecker automatically detects whether your website has Google Consent Mode v2 configured correctly. Our scanner checks:
- Presence of all four consent signals in the default consent state
- Whether cookies are set before consent is granted
- Whether the cookie banner has a functional reject button
- Third-party scripts loading before consent (dark patterns)
- Google tag compliance with current DMA requirements
Run a free scan to check your Consent Mode v2 setup in under 60 seconds.
Frequently Asked Questions
Is Consent Mode v2 mandatory?
Yes, for any website serving EU users and using Google Ads, GA4, or any Google marketing product. Since March 2024, Google requires Consent Mode v2 to maintain full advertising functionality. Without it, you lose remarketing, conversion tracking, and audience data for EU users.
Does Consent Mode v2 make my site GDPR compliant?
Not by itself. Consent Mode is a technical framework that helps Google tags respect consent choices. But you still need a compliant cookie banner (with clear accept/reject options), a valid privacy policy, and proper consent records. UsePrivacyChecker for a full compliance audit.
Can I use Google Analytics without Consent Mode?
Technically yes, but in the EU this creates significant legal risk. Without Consent Mode, GA4 sets cookies regardless of consent status, which violates the ePrivacy Directive. Several DPAs (Austria, France, Italy) have already ruled against GA4 use without proper consent mechanisms.