Main content area

Simplify Cookie Control set up with Google Consent mode

Earlier this year, Google announced Consent mode as a convenient way to adjust how Google tags behave based on the consent status of your users - making it easier for advertisers to manage cookies related to advertising and analytics and in turn comply with privacy legislation such as GDPR in the UK. The feature is currently marked as a beta release by Google, which may mean some of the details below could change.

How does it work?

Google has added two new keys: ad_storage and analytics_storage, which may have the value of either "granted" or "denied". When consent is granted, the associated tags will utilise cookies and function normally as expected; though will otherwise adjust their behaviour accordingly.


Currently, this dynamic behaviour only applies to Google tags deployed via gtag.js or Google Tag Manager and includes a limited set of products:

  • Google Ads *
  • Google Analytics
  • Floodlight

* includes Google Ads Conversion Tracking and Remarketing; support for Phone Call Conversions pending as of 5th November 2020.

If you choose to use IAB Europe’s Transparency and Consent Framework (TCF) v2.0, then Google’s ad systems will already read and respect the Transparency and Consent String generated and require no further action.


If, however, you run Cookie Control without TCF enabled, then Consent mode does make configuration a lot easier for these products - simply because it does not require you to set up custom tags or events yourself. You only need to alter the value of ad_storage and analytics_storage as part of your Cookie Control configuration - namely the relevant cookie category’s onAccept and onRevoke callback function.

For example, if you have two categories, named Analytics and Marketing, then the optionalCookies property of your configuration would be as follows:

 optionalCookies: [
        name: 'analytics',
		label: 'Google Analytics',
        description: 'Analytical cookies help us to improve our website by collecting and reporting information on its usage.',
        cookies: ['_ga', '_gid', '_gat', '__utma', '__utmt', '__utmb', '__utmc', '__utmz', '__utmv'],
        onAccept: function(){
            gtag('consent', 'update', {'analytics_storage': 'granted'});
		onRevoke: function(){
            gtag('consent', 'update', {'analytics_storage': 'denied'});
        name: 'marketing',
        label: 'Google Ad Platforms',
        description: 'We use marketing cookies to help us improve the relevancy of advertising campaigns you receive.',
        onAccept: function(){
            gtag('consent', 'update', {'ad_storage': 'granted'});
		onRevoke: function(){
            gtag('consent', 'update', {'ad_storage': 'denied'});

This allows you to load Google Tag Manager as you normally would via a script reference or CMS plugin.

The only detail to be mindful of is that the default value for both ad_storage and analytics_storage is "granted" and needs to be altered to "denied" to be GDPR compliant. For instance:

  // Include the following lines to define the gtag() function when
  // calling this code prior to your gtag.js or Tag Manager snippet
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}

  // Call the default command before gtag.js or Tag Manager runs to
  // adjust how the tags operate when they run. Modify the defaults
  // per your business requirements and prior consent granted/denied, e.g.:
  gtag('consent', 'default', {
    'ad_storage': 'denied',
    'analytics_storage': 'denied'
<!-- Load gtag.js or Tag Manager as normal, e.g.: -->
<script async src="">
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());
  gtag('config', 'GA_MEASUREMENT_ID');
  gtag('config', 'AW-CONVERSION_ID');

  // Cookie Control, with optionalCookies described above


If you depend on other third party libraries, or load the Google products in a manner other than gtag.js or Google Tag Manager; then Consent mode doesn’t offer any immediate benefit - you will still need to create custom events in the manner already suggested by Cookie Control’s documentation so that they only load after a given user action.

For existing Cookie Control users who already have their configuration in place, it may be beneficial to update your configuration when possible as Google report more accurate measurement with Consent mode - though it does not impact the level to which you comply with privacy legislation in anyway.

If you'd like more details on how we can help with Cookie Control