UniConsent
Google will support the US National string within the Interactive Advertising Bureau’s (IAB) Global Privacy Platform (GPP) beginning July 2024. This move aims to enhance flexibility for publishers and their partners in adhering to US state privacy regulations. Notably, this change aligns with ongoing efforts to streamline consent management and privacy compliance. In this article, we help you understand what this update means and how UniConsent is supporting this transition.
Google Data Privacy Changes: Key Updates in July 2024
Previously, advertising data was managed through various IAB privacy strings, each addressing a specific aspect of privacy compliance. While with the growing complexity of the advertising ecosystem and the increasing number of privacy regulations, a more unified and adaptable solution became necessary. This led to the introduction of the IAB Global Privacy Platform (GPP), designed to streamline and simplify these processes.
The IAB’s Global Privacy Platform (GPP) stands as a pivotal initiative by the IAB Tech Lab, revolutionizing privacy and consent management across digital media landscapes. This platform is designed to harmonize technical standards in privacy, offering a unified framework that ensures compliance with various privacy laws and regulations worldwide. By doing so, GPP aims to simplify adherence to privacy norms for online advertising businesses operating globally.
The GPP will support all existing privacy and more in the future, including:
The US National string is part of the IAB Privacy’s National Privacy Technical Specification, which outlines how consent signals should be communicated to ensure compliance with diverse state-level privacy requirements. This update facilitates a more coherent approach to managing user data and privacy preferences across the United States, addressing the patchwork of state laws such as the California Consumer Privacy Act (CCPA) and the Virginia Consumer Data Protection Act (VCDPA).
Google Global Privacy Platform v1.1 (GPP v1.1) for compliance with US privacy laws, though its use is not mandatory for US states.
For users in the European Economic Area or the UK, Google will continue using the IAB Europe TCF with a certified CMP, like UniConsent CMP, and TCF strings sent through GPP will not be accepted.
Despite IAB deprecating the US Privacy String in January 2024 in favor of GPP, Google will still read the US Privacy String to support web and app partners.
It’s important to note that Google does not mandate the use of a Consent Management Platform (CMP), GPP, or the US National specification for compliance in US states. Publishers and CMPs are recommended to adopt GPP strings for US state privacy law compliance.
Google accepts only the following strings within GPP: US National, California, Virginia, Colorado, and Connecticut.
Google does not accept the IAB Canada TCF, US Privacy String, US State Utah, or IAB EU TCF v2 as part of GPP support.
Publishers should collaborate with their CMP partners to ensure that IAB EU TC strings are generated according to the IAB EU TCF v2 specification.
For US National, Google will activate restricted data processing (RDP) if any of the following criteria are met, Google only reads these fields:
US States string for California, Google will activate restricted data processing (RDP) if any of the following criteria are met, Google only reads these fields):
US States string for Virginia, Connecticut, and Colorado will activate restricted data processing (RDP) if any of the following criteria are met, Google only reads these fields:
The user opted out of the Sale of the Consumer's Personal Information.
The user opted out of Processing the Consumer's Personal Data for Targeted Advertising. Google will activate restricted data processing (RDP) if any of the following criteria are met:
The user opted out of the Sale of the Consumer's Personal Information.
The user opted out of Processing the Consumer's Personal Data for Targeted Advertising.
Using UniConsent CMP now to meet All of these requirements.
Google recommends that publishers continue to use their tools for tagging sites, apps, and requests for child-directed treatment to ensure compliance with COPPA and other relevant regulations.
For US National, Requests will be marked for child-directed treatment (TFCD) if any of the following criteria are met:
Requests will trigger restricted data processing (RDP) if any of the following criteria are met:
For California, Requests will be marked for child-directed treatment (TFCD) if any of the following criteria are met:
For Virginia, Colorado, Requests will be marked for child-directed treatment (TFCD) if the following criteria are met:
For Connecticut, Requests will be marked for child-directed treatment (TFCD) if any of the following criteria are met:
Requests will trigger restricted data processing (RDP) if any of the following criteria are met:
Using UniConsent CMP now to meet All of these recommends.
UniConsent CMP is a globally recognized and certified Consent Management Platform (CMP) catering to leading publishers and serving tens of millions of users daily. By providing a seamless privacy experience, UniConsent CMP helps businesses navigate the post-GDPR era and meet the evolving demands of data protection regulations. Contact us to learn more: hello@uniconsent.com
Activate Google Consent Mode UniConsent to enhance the accuracy of your Google Analytics and Google Ads conversion data.
Set up Google Consent Mode →Get started to make your website and application compliant for EU GDPR, US CPRA, CA PIPEDA etc
Sign upLeading CMP UniConsent Partners with Google to Activate Consent Mode
RTL Belgium Ordered to Add "Reject All" Button and Stop Using Deceptive Colors on Cookie Banners
CCPA: What is Opt-Out Preference Signal (OOPS)
Google Consent Mode V2 Explained
New York Attorney General Releases Guidelines for Website Privacy Controls
Google's Recent Decision to Retain Third-party Cookies
Get started to make your website and application compliant for EU GDPR, US CPRA, CA PIPEDA etc
Sign up