After years of planning to kill off third-party cookies, Google reversed its decision on July 22, 2024. Instead of a total phase-out, they let users make an "informed choice" about their tracking preferences across the web.
Google changes its direction at a moment's notice. More importantly, even if third-party cookies stay, user privacy habits haven't changed. People are still opting out, browsers like Safari already block them, and ad blockers are everywhere.
Relying on standard browser tracking is becoming a game of "missing data." GA4 was built for this privacy-first world, but to unlock its full potential, you need to move beyond the default settings. Implementing Google Analytics server-side tracking is the extraordinary way to reclaim your data, bypass browser limits, and stay ready for whatever Google decides to do next. Implementing GA4 cookieless tracking ensures your data remains accurate even in these restrictive environments.
Websites traditionally use cookies to track user actions, like saving cart items or recording ad clicks. But with growing privacy concerns, many are shifting to cookieless tracking. This raises a common question: does Google Analytics 4 use cookies? By default, the answer is yes, but you can configure it to function as Google Analytics without cookies.
Cookieless tracking Google Analytics relies on first-party data instead of browser-stored cookies. The most reliable way to implement this is through server-side tracking. This not only helps to get rid of cookies and make tracking more accurate but also makes it more compliant and has greater control over the user data.
Google Analytics 4 uses machine learning to model the behavior of users who did not consent to analytics cookies. They use the behavior of similar users who allowed consent to analytics cookies to model the behavior of those who did not agree to analytics cookies. This is a core component of how Google Analytics 4 cookieless features work today.
To be eligible for machine learning, GA4 property should meet specific criteria:
analytics_storage='denied' for at least 7 days.analytics_storage='granted' for at least 7 of the previous 28 days.If your GA4 property doesn't qualify for machine learning or if you discover that machine learning isn't providing accurate results, you have the option to rely on first-party data when a user opts out of analytics cookies and implements Google Analytics 4 without cookies.
To make GA4 work correctly and recognize users who come back, you have to provide GA4 with the following information:
cid)sid)sct)_fv)seg)To set up cookieless tracking in GA4 when a user hasn't given consent, we'll use these tools:
gsc parameter.GA4 is a complete rebuild designed for a privacy-first world. Let's try to discover how Google Analytics 4 can thrive without third-party cookies:
Focus on events. GA4 uses an event-based model to track every interaction as a unique event-like clicks, scrolls, and video plays. It focuses on what users do rather than who a third-party cookie says they are. It also merges web and app data into one view, giving you a seamless look at your audience. This approach is fundamental to Google Analytics cookieless tracking.
Track users across all devices. Unlike older versions, GA4 connects the dots across different platforms and devices. Even without third-party cookies, its cross-platform tracking helps you see the full customer journey. This provides a holistic view of how users move from a mobile app to a desktop site, filling in the blanks that cookieless environments often create.
Put privacy first. GA4 puts privacy at its core to meet strict global laws like GDPR and CCPA. It automatically anonymizes IP addresses and lets you adjust data collection based on user consent signals. That’s how your tracking stays compliant while building the audience's trust.
Fill data gaps with AI/ML. When cookies disappear, data gaps are crucial. GA4 solves this vulnerability by using advanced AI and machine learning. These algorithms predict user behavior and "model" missing data points. This means you still get accurate insights and conversion paths even when direct tracking isn't possible.
Double down on first-party data. GA4 cookieless strategies prioritize first-party data, allowing businesses to gain insights directly from their audience in a privacy-compliant manner. GA4 is optimized to squeeze every drop of value from the data users give you directly.
The move to GA4 is a major evolution. While the "cookieless" world brings new challenges, it also creates a chance for more honest and accurate data analysis. To maximize GA4's potential, you should learn how to implement cookieless tracking to strengthen your first-party data and implement Google Consent Mode.
To determine if consent was granted or not, we use the gcs parameter. If you want to know how to set up cookieless tracking in GA4, you must understand that the default configuration lacks some information, so all requests are written to Firestore for "memory."
To determine if a user without consent has an active session in GA4, we will use the difference in the timestamp of the previous visit vs the current visit. If the difference is more than 30 minutes, we will update the session parameters in Firestore.
Firestore will use the UserID as the document name and save details about the user session within these documents. While this is a straightforward way to organize Firestore, there are numerous other approaches to maintain data about the complete user experience in Firebase.
1.2 If needed, write data to Firestore. For this purpose, we use the Firestore Writer tag. Please check this detailed guide on how to use the Firestore Writer tag. We use the collection UserID. For each user ID, we create a new document that uses cid as a document name.
1.3 The GA4 server-side tag has a standard configuration and triggers every time the GA4 client is claimed, and the user consents to analytics cookies.
2.1.1 If consent to analytics cookies was not granted, we used Stape User ID power-up to add user ID in sGTM request headers.
2.1.2 With the help of the Firestore Writer tag, we write data to Firestore and use Stape User ID as a document name.
2.1.3 To check that the session is active, we use the Firestore Reader variable to extract the timestamp that is associated with the last visit of this user in the Firebase. Then, check the difference between the user's previous session timestamp and the current timestamp. If the timestamp is less than 30 minutes, the user has an existing session.
2.1.4 Parameters are updated like below:
cid and client_id is the value of Stape UserIDga_session_number - a value of the ga_session_number in the Firestorega_session_id - a value of the ga_session_id in the Firestorex-ga-mp2-seg (engaged session) is set to 1x-ga-system_properties.fv (first visit), x-ga-system_properties.ss (session start), x-ga-system_properties.nsi (new session ID) are removed.2.1.5 Send modified data to GA4. To update data before sending it to GA4, we use transformation.
2.2.1 If consent to analytics cookies was not granted, we used Stape User ID power-up to add user ID in sGTM request headers.
2.2.2 Write user data based on Stape User ID in Firestore again with the help of the Firestore Writer tag.
2.2.3 To check that the session is active, we use the Firestore Reader variable to extract the timestamp associated with this user in the Firebase. Then, check the difference between the user’s last session timestamp and the current timestamp. If the timestamp is more than 30 minutes, a new session has started.
2.2.4 Parameters are updated like below:
cid and client_id is the value of Stape UserID.ga_session_id is a ga_session_id value from Firestore, previously set to timestamp in seconds.ga_session_number is the ga_session_number number you have in Firestore plus 1.x-ga-system_properties.ss (session start) is set to 1.X-ga-mp2-seg (Engaged Session) is set to 1.x-ga-system_properties.fv is removed.2.2.5 Send modified data to GA4. To update data before sending it to GA4, we use transformation. Tag triggers when a GA4 client is claimed, consent is not granted, and the time difference between sessions is more than 30 minutes.
2.3.1. When analytics cookies are not allowed, use Stape's User ID power-up to generate a user ID for Google Analytics 4 without cookies.
2.3.2. Check if a user with the same UserID already exists in Firestore. If no user with the same user ID is found, use a Firestore Writer tag to create a user with session details in the database.
2.3.3 Parameters are updated like below:
cid and client_id is the value of Stape UserID.ga_session_id is ga_session_id from Firebase.ga_session_number is the ga_session_number number you have in Firestore.x-ga-system_properties.ss (session start) is set to 1.x-ga-mp2-seg (engaged session) is set to 1.x-ga-system_properties.fv (first visit) is set to 1.2.3.4 Send modified data to GA4.
So, you've built your cookieless server-side pipeline. Now, we have to prove it works. Since we aren't relying on the usual _ga cookies, we need to look under the hood of your network requests.
1. Inspect the GCS parameter. Open your website and use the browser's Inspect tool (F12) to watch the Network tab. Look for the Google Analytics requests (collect?v=2…).
gcs=G100 or gcs=G101.It tells GA4 to ignore cookies. If you see this and the data still reaches your server, you're on the right track. This confirms the browser is running Google Analytics without cookies.
2. Watch the sGTM Preview Console. Enter the Preview Mode in your Server GTM container. Trigger an event without giving consent.
cid) and Session ID (sid) being sent. If these values are present even without a cookie, your Firestore logic is doing its job.3. Verify Firestore records. Head over to your Firebase Console.
last_visit timestamp, session_id, and session_number. If the data is there, "memory" is also working.4. Check GA4 Realtime Reports. Finally, open your GA4 Realtime report.
cid and sid, GA4 will see you as a single, consistent user rather than a series of disconnected "pings."Implementing GA4 cookieless tracking through server Google Tag Manager represents a significant step forward in adapting to the changing landscape of online data privacy and user preferences. As we navigate the future, knowing how to implement cookieless tracking will help businesses stay competitive and relevant digitally.
By using the power of server-side tracking and Google Tag Manager, businesses can maintain their commitment to data privacy while still harnessing the crucial data-driven insights provided by GA4. This approach not only ensures compliance with emerging regulations but also fosters trust with users concerned about their online privacy. As we navigate the cookieless future, embracing innovative solutions like server-side tracking and GA4 can help businesses stay competitive and relevant digitally.
We are happy to hear that! Click on Try for free to register and check all the possibilities.
Comments