Most people are pretty happy when they take a look at their web site traffic and see that a large...
It’s time we became consenting adults.
(A guide to digital consent requirements)
As digital privacy concerns mount, understanding the intricacies of consent has never been more crucial. In this guide, we'll explore how to effectively navigate the changing tides of digital consent requirements.
For years we’ve been warned about the death of the third-party cookie (I wrote another article about this topic 2 years ago). Digital marketers love cookies because they (theoretically) help us target the right people at the right time – two of the core principles of marketing strategy (right message is the third). However, consumers believe that cookies are inherently evil and that tracking their data that will somehow be used against them, or more likely be resold or stolen. In Europe, the General Data Protection Regulation was enacted in 2018 to help protect consumer privacy. Since then, we’ve seen additional regions jump on board with policies of their own. In the United States, there hasn’t yet been a federal law introduced, but more and more states are enacting their own laws (of course, each a little different from one another).
The reality of the situation is that consumers want privacy – while they may not fully understand the technical details or impact of these decisions, there’s an inherent feeling the industry needs to do better and provide choice and control over data collection. As marketers, we need to stop fighting this desire and embrace consumers’ wants.
Stop fighting consumers desires.
There are an array of tools available that enable website visitors to “consent” to being tracked. Most consumers won’t consent and that is ok. Most businesses and organizations do not rely on web tracking to determine how successful their business is – they look at revenue, sales pipelines, charitable donations, etc. You do not see web traffic or attribution on a P&L statement. Our favorite tool for compliance is Iubenda (we have been using it since 2017, in anticipation of GDPR requirements). One of the best aspects of Iubenda is their long-term commitment to evolving and adapting to new privacy requirements as they are enacted. As of this writing, Iubenda supports GDPR, FADP, LGPD and the US (California, Virginia, Colorado, Connecticut and Utah). It’s both affordable and relatively easy to implement and manage. With that said, there are many other privacy compliance management tools available – Google has a good comparison list of some of the most popular CPMs that meet their consent mode requirements.
Support the needs of marketers.
Of course, as digital marketers we’ve been collecting data on consumer behavior for years (honestly, direct mail marketers have used much more granular data than digital marketers for a much longer time) and we don’t want to let it go. Sadly, Google Analytics (currently on over 28 million websites) is not GDPR compliant and uses cookies to gather some portions of their data. Google is also now requiring implementation of some form of consent mode in order to run certain types of ads in certain markets. Tools like Matomo and Fathom Analytics offer alternative analytics platforms that can help you maintain backend website tracking without requiring the use of cookies. Each of these tools are heavily focused on ensuring your website visitors’ digital privacy and provide a variety of options for improved attribution. We’re currently running all three platforms on our site in a belt and suspenders type approach to ensure we’re collecting the most data possible. Excluding the influx of bot traffic that was reported in GA4 earlier this year, we’re seeing that roughly ¼ of our site visitors are “accepting” data collection.
Implementing User-Centric Consent Practices
The time has passed to stomp our feet and keep our heads in the sand – it’s time to accept the reality of consumers’ desire for data protection and act like grown-ups and implement what users want. Before you start implementing your overall consent policy, it’s important to review your currently tracked metrics and redefine your KPIs and attribution models and make any adjustments necessary. For example, you may be looking at what was previously reported as “conversions” (recently renamed Key Events) in Google Analytics, when you should actually be evaluating actual form fills or online sales data. Once you have a consent strategy defined, you’ll need to:
Step 1: Install a consent tool on your site. (Using this link https://iubenda.refr.cc/gaadmin you can save 10% off your first year of Iubenda).
Step 2: Install an alternate compliant analytics tool. Matomo is the most robust choice in our opinion. Note: Like GA4, installing Matomo does require more than just adding code on your site to get the full functionality).
Step 3: If you’re running Google Ads, set up Consent Mode.
Step 4: Monitor your results across platforms and identify discrepancies (and refine/update your measurement strategy again).
Living in a privacy focused, cookie-less world.
Navigating the landscape of digital consent is not just about compliance; it's about respecting your users and fostering trust. By choosing the right tools and strategies, you can ensure your marketing efforts are both effective and ethical. As noted earlier, business impact is always the most important metric in marketing success. Television advertising has been successful for years without cookies and user data – because it generates sales. Digital does the same thing; you may just need to look a little harder to find it. I shared my views on this back in 2011 – enjoy my 4 minute rant on how our industry has been focused on the wrong metrics and we need to do a better job – privacy and cookie deprecation are just the next challenges we face.
