Google Analytics 4 (GA4) offers powerful tools for data analysis, and with the introduction of consent mode, businesses now have more control over how data is collected and processed based on user consent choices. However, navigating consent mode in the GA4 BigQuery export can be challenging. In this guide, we’ll walk you through the key concepts of consent mode, explain the differences between basic and advanced implementations, and share how to analyse your data effectively.
What is Consent Mode in GA4?
Consent mode allows GA4 to adjust data collection based on whether a user has provided consent for analytics and ads storage. Information about user consent is stored in the privacy_info table within BigQuery, which includes three fields:
- privacy_info.analytics_storage: Indicates consent for analytics data storage.
- privacy_info.ads_storage: Indicates consent for ads personalisation data storage.
- privacy_info.use_transient_token: Currently unused by Google Analytics.
Both analytics_storage and ads_storage can contain the following values:
- Yes: Consent granted.
- No: Consent denied.
There are two ways to implement consent mode and these are Basic and Advanced Consent Mode.
Basic vs. Advanced Consent Mode
Understanding which consent mode you’re using is critical to analysing your data. Let’s break down the two main implementations:
Basic Consent Mode
In basic consent mode, the analytics_storage field only contains Yes, meaning data is collected only when users grant consent. If consent is denied, no data is collected.
Basic consent mode simplifies compliance but limits the amount of data available for analysis. For example, Google Analytics will entirely block event logging until consent is granted.
Advanced Consent Mode
Advanced consent mode provides more granular control. Data collection is handled based on each user’s consent status, making it ideal for sophisticated analytics and consent management strategies.
In advanced mode, the analytics_storage and ads_storage fields can vary between Yes, No, and even null. Events may still be logged as cookieless pings even when consent is denied. These pings strip parameters like user_pseudo_id and ga_session_id, meaning they lack identifiers, but still provide aggregated insights about user activity.
Understanding Cookieless Pings
Cookieless pings allow GA4 to log events even when consent for analytics or ads storage is denied. These events:
- Do not include personal identifiers such as user_pseudo_id or ga_session_id.
- Are limited in scope, providing basic information like event counts and traffic patterns.
If consent is later granted during the same session, previously denied hits can still contribute to enriched analytics reporting.
Analysing Consent Mode Data in BigQuery
To query your consent data in BigQuery, you can run the following SQL query to check how consent is being recorded:
SELECT
privacy_info.analytics_storage,
privacy_info.ads_storage,
COUNT(*) AS event_count
FROM `your_project.analytics_XXXX.events_*`
WHERE event_name = "your_event_name"
GROUP BY
analytics_storage,
ads_storage
This query will reveal how many events are recorded for each consent status. For advanced consent mode, expect to see variations (Yes, No, and null) in your results.
The Impact of Consent Mode on Your Data
Consent mode has significant implications for your data analysis:
1. Cookieless Data Challenges
Session Fragmentation
- When users do not provide consent for analytics cookies, GA4 may record data without assigning unique identifiers (e.g., user_pseudo_id or ga_session_id), limiting the identity stitching capabilities. As a result, session-based metrics, like bounce rate, session duration and conversions can appear fragmented or inflated. A single user’s activity may be miscounted as multiple sessions, distorting standard engagement metrics.
User Flow Complexity
- Behaviour flow, path analysis and funnel tracking become less reliable. With incomplete identifiers, tracing the path from first touchpoint to conversion is more difficult.
- Retention metrics such as the number of returning users can become artificially low if returning visitors without consent appear as brand-new users each time.
Loss of Granular Insights
- Without detailed cookie-based tracking - demographic and interest reports (e.g., age, gender, interests) may not be fully populated.
- If the marketing team relies on user-level or event-level data for personalisation and advertising campaigns, the lack of granular information complicates audience segmentation and performance analysis.
Potential Solutions
- Some tools and techniques exist to help mitigate the impact. Consent Mode modelling in Google Analytics, for example, uses statistical methods to fill in data gaps, though it’s not a full replacement for the actual user-level data.
- Server-side tagging or first-party identifiers (like a site login) can help consolidate session activity without relying solely on third-party cookies, but this approach must also comply with relevant privacy regulations.
2. Bias in Consent-Based Data
Skewed User Demographics
- Users who opt out may differ significantly from those who opt in, possibly by age, tech-savviness, or privacy sensitivity. If you only analyse consenting users, you might overlook key behaviours or preferences of a sizeable audience segment.
- Implication: Your marketing campaigns and product decisions may cater primarily to the preferences of those who consent, missing out on broader insights.
Incomplete Behavioural Insights
- Non-consenting users may have different on-site behaviours: they might browse less, purchase differently or be more likely to return via direct traffic. If you exclude them, your overall engagement metrics may be overstated or understated.
- When interpreting data, consider whether low-engagement or high-engagement cohorts are overrepresented among consenting users.
Impact on Segmentation and Attribution
- In consent-based environments, you might see a skew in attribution reports if certain channels like social media or paid search attract users more likely (or less likely) to consent.
- Caution: Marketing budgets and campaign optimisations that rely solely on consenting-user data may inadvertently shift spend towards biased segments.
Strategies to Address Bias
- Estimate Conversion Probabilities: Use modelling techniques to estimate how many conversions or actions might occur among non-consenting users. Although not exact, these estimates can provide a more holistic view.
- Transparent Reporting: When you present metrics to stakeholders, clearly identify that these figures represent consenting users only. Contextualising the data as partial or modelled is crucial for informed decision-making.
- Segment Comparisons: Compare consenting vs. non-consenting user segments (at least in aggregate) to see if behavioural or demographic differences are statistically significant. This can help gauge the degree of potential bias.
Moving Forward with Consent-Aware Analytics
Emphasise Privacy-First Strategies
Maintaining user trust is essential in today’s privacy-focused landscape. Ensure that the consent prompts are transparent, easy to understand and compliant with regional data protection laws such as GDPR and CCPA. By prioritising user privacy, you can create a trustworthy environment that fosters long-term customer relationships.
Adopt a Data Governance Framework
Establish clear internal policies for handling partial or aggregated user data. This includes documenting assumptions made during the analysis of consent-based data and ensuring that these are consistently applied across teams. A strong governance framework enables better decision-making and ensures accountability in data practices.
Leverage Predictive Modelling Tools
Take advantage of machine learning algorithms or Google’s Consent Mode modelling capabilities to fill in gaps caused by missing user identifiers. While no modelling approach is perfect, a well-designed model can mitigate the impact of incomplete data and provide actionable insights that align with user privacy preferences.
Plan for Cookieless Futures
The analytics and advertising industries are transitioning toward cookie-less environments and first-party data. To stay ahead, experiment with first-party data collection methods, server-side tagging, and privacy-safe identity solutions. These strategies will position your organisation to adapt effectively to the evolving landscape of data privacy and compliance.
Best Practices for Navigating Consent Mode
- Focus on Key Metrics: Shift your attention to aggregated data or cookieless event counts when consented data is limited. For example, total events (pageviews, clicks, conversions) and conversion rates to understand overall site engagement.
- Segment Your Analysis: Separate consenting and non-consenting users to identify trends without introducing biases.
- Regularly Review Data Models: Adjust your data models as more consent-based data becomes available.
- Implement Data Modeling and Estimation: When user_pseudo_id or ga_session_id is missing, consider advanced SQL or ML-based approaches to approximate session boundaries or unify partial events. If you rely on Google’s Consent Mode modeling, be sure to understand its methodologies and limitations. Currently GA4 exports to BigQuery do not include modelled data and Google's modelled data can only be viewed in GA4.
- Maintain Clear Governance and Documentation: Establish internal guidelines for handling partial or modeled data. Communicate assumptions, limitations, and estimation methodologies to stakeholders. Keep your team informed on any changes that might affect consent signals, data storage, or export configurations as privacy laws and platform policies evolve rapidly.
Conclusion
Consent mode in GA4 adds complexity to BigQuery exports, but it also enables businesses to handle user privacy more responsibly. By understanding how consent data is logged and learning to analyse cookieless events, you can still extract meaningful insights while remaining compliant with privacy regulations.
.png)
