It's no secret that the privacy landscape has been going through some major changes lately. End-users are (rightly) concerned about the use of their personal data and regulators are tightening the screws with regulations such as GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act). In addition, the imminent “death” of third-party cookies adds an even greater urgency to updating your privacy standards.
But worry not, because Google is addressing privacy needs through new features and functionalities available with the launch of Google Analytic 4 (GA4). GA4 is designed to tackle the challenges we face in this ever-changing privacy landscape while still enabling businesses like yours to generate the data-driven insights you need to succeed. Let’s see how.
Google Signals – This feature can be activated within the GA4 interface and can provide information on users that are signed into their Google account and have turned on Ads Personalisation with consent to have their information shared. Enabling Google Signals is essential for remarketing and cross-device reporting, while also providing more user targeting options, such as demographics. Google also allows you to enable or disable Google signals data collection on a per-region basis, giving you even greater flexibility.
Which brings us to…
Granular Location and Device Data Collection with Regional Controls - With regional controls, you can tailor your data collection settings to comply with the specific privacy regulations in different regions, specifically more granular location-and-device data such as City and Device Model. Just note this is opt-out feature that you must manually change, and any historical data collected will still exist.
IP Collection - In GA4, IP addresses are anonymized, meaning they are not stored or logged. This way, a user’s location can remain truly anonymous.
EU Data Collection Location – In addition to specifying data collection by region, GA4 collects all data from EU based-devices on servers also based within the EU, keeping the data of your EU users within the region's jurisdiction.
Data Retention - With GA4, you can set data retention periods to manage how long certain user or event data persists in your properties. These are either 2 months or 14 months for standard GA4 accounts and up to 50 months for event-level data for GA4 360 accounts. One thing to note: the data retention setting does not affect standard aggregated reports.
Data Deletion Requests – Google Analytics 4 makes it easy for you to handle data deletion both through the user interface and the User Deletion API and even allows you the ability to choose certain parameters. Keep in mind that a data-deletion request can take between 7 and 63 days to be processed, and data must be more than 12 days old before it can be deleted.
Data Thresholding - Sometimes, it's best to keep things a bit more general. In Google’s words “Data thresholds are applied to prevent anyone viewing a report or exploration from inferring the identity of individual users based on demographics, interests, or other signals present in the data”. While it may be frustrating to think of missing data, know that thresholding ensures privacy compliance.
With all these features available to ensure that the data collection is privacy-compliant, you might be wondering how you’ll be able to get accurate, actionable data. The good news is that Google is working to address this as well. Below are some ways in which Google is tackling data accuracy.
Consent Mode - Consent mode in GA4 allows you to communicate your users' cookie or app identifier consent status to Google, so you can respect their privacy preferences. When users visit your website or use your app, consent mode dynamically adjusts the behaviour of Google Analytics, Ads, and third-party tags based on their consent choices. If users deny consent, instead of storing cookies, tags send cookieless pings to Google. But here's the cool part: GA4 fills in the data gaps with conversion and behavioural modelling, ensuring you still get valuable insights even when consent is denied.
Enhanced Conversions - GA4 with AI magic! Enhanced Conversions supplements your existing conversion tags by sending hashed first-party conversion data from your website (such as email address) in a privacy safe way. The hashed data is then matched with signed-in Google accounts in order to attribute your campaign conversions to ad events, such as clicks or views, giving your measurement a fuller picture.
Server-Side Tagging – Server-side tagging via Google Tag Manager improves data quality by allowing you to correct inconsistencies in event data, validate data before processing, and remove redundant or unnecessary data inserted by the browser or app. By having full control over the data, you can ensure its accuracy and reliability.
But that’s not all!
Server-side tagging reduces the client processing load, improving website and app performance. Overall, server-side tagging provides greater control, improved performance, and enhanced data privacy, making it a valuable addition to your analytics and advertising strategy.
CMP Tag Control – CMP tag control lets you restrict certain tags or tracking scripts until users give you the green light. In addition, you can integrate Google Consent Mode (see Consent Mode features here above) with your Consent Management Platform (CMP) to get more accurate user information while still respecting a user’s privacy choices. This gives you the best balance between data accuracy and user privacy.
There you have it! With GA4's privacy-focused features and technologies, you're all set to navigate the privacy landscape like a pro. You can respect user privacy, comply with the ever-changing legal frameworks, and still deliver on your data-driven strategies. All while setting up for a future where data and privacy go hand in hand.
Want to ensure you’re putting the right measures in place or need some more information? Reach out to your Merkle analytics expert.