If you’ve tried to make sense of Google Consent Mode v2, you’ve probably encountered two terms that look nearly identical but behave very differently: Basic Consent Mode and Advanced Consent Mode. Choose the wrong one, and you’ll either lose significant conversion data for Google Ads or fall short of what your privacy policy and users actually expect.
This guide explains exactly what each mode does, the scenarios where each one is right, and how to implement them correctly in Google Tag Manager.
What Is Consent Mode and Why Does It Exist?
Google Consent Mode is an API that lets your tags communicate consent signals to Google’s products. Instead of blocking tags entirely when a user declines cookies, Consent Mode lets tags fire in a “cookieless” mode — collecting behavioural signals without writing persistent identifiers.
Google uses these cookieless pings alongside machine learning to model conversions you would have lost with a hard block approach. The result is more complete conversion data in Google Ads without violating user consent.
Consent Mode v2 (required since March 2024 for EEA traffic) added two new signals:
ad_user_data— consent to use data for Google advertisingad_personalization— consent for personalised advertising
These join the existing analytics_storage, ad_storage, functionality_storage, personalization_storage, and security_storage signals.
Official reference: Google Consent Mode developer documentation
The Fundamental Difference
| Basic Consent Mode | Advanced Consent Mode | |
|---|---|---|
| Tags fire before consent? | ❌ No — tags blocked until consent given | ✅ Yes — tags fire immediately with denied defaults |
| Cookieless pings sent? | ❌ Not before consent | ✅ Yes, before consent is obtained |
| Behavioural modelling? | ❌ Limited (only opted-in users) | ✅ Full modelling from cookieless pings |
| Data gap? | Larger (no pre-consent data) | Smaller (modelling fills the gap) |
| GDPR compliance approach | Stricter — no processing until consent | Requires careful implementation |
| Setup complexity | Simpler | More complex |
Basic Consent Mode: How It Works
In Basic Consent Mode, Google tags are blocked from loading entirely until the user actively accepts or rejects cookies. Your CMP (Consent Management Platform) fires first, collects the user’s decision, and only then does GTM load the relevant tags.
This means:
- Users who close the banner or bounce without deciding contribute zero data to your analytics or Google Ads
- Users who accept contribute full data as normal
- Users who decline contribute no data (not even cookieless pings)
Simo Ahava describes this well: Basic Consent Mode is essentially a tag-blocking approach with Consent Mode signals applied after the fact to the users who do consent.
When Basic Consent Mode is Right
- Your organisation’s legal team requires that no Google scripts load without explicit consent
- You’re in a sector with strict interpretations of GDPR (healthcare, finance, legal)
- Your CMP vendor supports only Basic mode out of the box
- Your audience is primarily in markets with strong privacy expectations (Germany, France, Netherlands)
Setting Up Basic Consent Mode in GTM
Step 1: Configure Default State
In GTM, create a new Custom HTML tag with the following and set it to fire on All Pages with the highest tag priority (e.g., priority 10):
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
// Set denied defaults BEFORE any other tags fire
gtag('consent', 'default', {
'ad_storage': 'denied',
'ad_user_data': 'denied',
'ad_personalization': 'denied',
'analytics_storage': 'denied',
'wait_for_update': 500
});
</script>
The wait_for_update (in milliseconds) tells Google tags to pause briefly while waiting for consent updates from your CMP.
Step 2: Block All Google Tags Until Consent
In GTM → Admin → Container Settings → enable Consent Overview. Then for each tag that processes personal data:
- Click the tag → Consent Settings → Built-in consent check
- Set
ad_storageand/oranalytics_storageas required
This ensures the tag won’t fire unless the consent signal is granted.
Step 3: Update Consent on User Decision
Your CMP must push consent updates to the dataLayer when the user makes a decision:
// When user accepts all
gtag('consent', 'update', {
'ad_storage': 'granted',
'ad_user_data': 'granted',
'ad_personalization': 'granted',
'analytics_storage': 'granted'
});
// When user declines all (analytics only)
gtag('consent', 'update', {
'ad_storage': 'denied',
'ad_user_data': 'denied',
'ad_personalization': 'denied',
'analytics_storage': 'denied'
});
Most major CMPs (Cookiebot, OneTrust, Complianz, CookieYes) have GTM integration guides that handle this automatically.
Advanced Consent Mode: How It Works
In Advanced Consent Mode, Google tags load immediately with denied consent signals. The tags fire but operate in a cookieless mode — they send anonymised, cookieless pings to Google rather than full tracking data.
When the user accepts consent, the tags “upgrade” to full tracking mode within the same session. If the user declines, the tags continue operating in cookieless mode for that session.
This cookieless ping data feeds Google’s conversion modelling — machine learning that estimates how many conversions likely occurred among the users who declined cookies, based on statistical patterns from opted-in users.
Why Advanced Consent Mode Gives You More Data
Consider a site where:
- 40% of users accept cookies
- 60% decline
With Basic Consent Mode: you get conversion data from 40% of users. Google models nothing because it has no pre-consent signal.
With Advanced Consent Mode: you get full data from 40%, plus Google models estimated conversions from the 60% using their cookieless pings. In practice, you’ll see 15–30% more modelled conversions in Google Ads reports.
When Advanced Consent Mode is Right
- You run Google Ads and conversion volume matters to campaign performance
- Your legal team accepts that cookieless pings (no persistent identifiers) are acceptable under GDPR
- You want Google’s modelling to fill gaps in your conversion data
- You’ve worked with your CMP to confirm that cookieless pings are considered legitimate interest rather than consent-based processing
Setting Up Advanced Consent Mode in GTM
Step 1: Default Denied Consent (Same as Basic)
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('consent', 'default', {
'ad_storage': 'denied',
'ad_user_data': 'denied',
'ad_personalization': 'denied',
'analytics_storage': 'denied',
'wait_for_update': 500
});
</script>
Step 2: Allow Tags to Fire (Don’t Block Them)
This is the key difference from Basic. In Advanced mode:
- Your GA4 Configuration tag fires on All Pages without a consent check blocker
- The GA4 tag itself detects the denied consent signal and operates in cookieless mode automatically
- You do NOT add a consent-based trigger that blocks the tag
Step 3: Update Consent on User Decision
Same as Basic — your CMP fires gtag('consent', 'update', {...}) when the user decides.
Step 4: Verify Cookieless Pings Are Firing
In Chrome DevTools → Network → filter by google-analytics.com or googletagmanager.com. Before consent is given, you should see network requests but without the _ga cookie parameter. After consent, you’ll see the full _ga cookie.
The Consent Mode Tag in GTM (Built-in Template)
GTM has a native Google Consent Mode tag type that simplifies setup. Instead of writing raw gtag('consent', ...) calls in Custom HTML tags:
- GTM → Tags → New → Tag Configuration → search “Consent”
- Select Google Consent Mode (Legacy) or the newer Consent Initialization option
- Configure default consent states for each signal
- Set trigger: Consent Initialization - All Pages (this fires before other triggers)
Using the built-in tag is recommended — it guarantees correct firing order relative to other tags.
Verifying Your Consent Mode Implementation
Check 1: Consent Overview in GTM Preview
In GTM Preview mode, click any tag and look at the Consent tab. It shows:
- Which consent types the tag requires
- Whether consent was granted or denied at fire time
- Whether the tag was blocked due to consent
Check 2: Consent State in DebugView
In GA4 → Admin → DebugView, consent status is visible per event. Events fired without analytics_storage consent appear with a consent_status: denied label.
Check 3: Network Request Inspection
Open Chrome DevTools → Network → filter requests to google-analytics.com:
# Full tracking (consent granted) — look for _ga cookie:
https://www.google-analytics.com/g/collect?...&_ga=...
# Cookieless ping (consent denied in Advanced mode) — no _ga cookie:
https://www.google-analytics.com/g/collect?...&gcs=G111...
The gcs parameter encodes the consent state. G111 means all consents denied; G100 means analytics_storage granted.
Check 4: Google’s Consent Mode Checker
The Consent Mode Checker Chrome extension from Google’s partners shows real-time consent signals on any page.
Common Mistakes to Avoid
Mistake 1: Setting defaults after tags fire
The gtag('consent', 'default', {...}) call must execute before any Google tag fires. If your Consent Mode default tag has a lower priority than your GA4 tag, the GA4 tag fires first without consent controls. Always use Consent Initialization trigger or set tag priority explicitly.
Mistake 2: Not updating consent dynamically
Setting defaults is only half the job. If you don’t push gtag('consent', 'update', {...}) when users accept or decline, consent stays denied forever even for users who agree.
Mistake 3: Mixing Basic and Advanced Some teams block tags AND set Advanced mode defaults. This defeats the purpose of Advanced — if you block the tag from loading, the cookieless pings never fire.
Mistake 4: Forgetting ad_user_data and ad_personalization
These are the two new v2 signals. Without them, you may lose access to remarketing audiences for EEA users even if ad_storage is granted.
Mistake 5: Testing only on accept Always test the decline path. Open a private window, visit your site, decline cookies, and verify in DevTools that either (a) no Google tags fire (Basic mode) or (b) cookieless pings fire without cookies (Advanced mode).
Which Mode Should Aumlytics Clients Use?
Our recommendation for most e-commerce and SaaS clients:
Use Advanced Consent Mode if:
- You run Google Ads with conversion tracking
- Your legal counsel agrees cookieless pings are acceptable
- You want maximum conversion data completeness
Use Basic Consent Mode if:
- Your sector (healthcare, finance) demands stricter no-fire-before-consent
- You’re targeting primarily German or French audiences where regulators have taken a harder line
- Your CMP doesn’t support the pre-consent firing model
In all cases, both modes require proper CMP setup, correct GTM tag configuration, and verified testing before you can consider the implementation complete.
Need help auditing your current Consent Mode setup or migrating from a legacy cookie-blocking approach? Book a free consultation — we’ll review your implementation and identify any compliance gaps.