In the ever-evolving digital landscape, the approach towards user tracking and data privacy is undergoing significant shifts. With web browsers phasing out third-party cookies and stringent data privacy laws coming into play, traditional user tracking methods are rapidly becoming irrelevant.
Adapting to these changes is not just necessary for businesses and marketers relying on data-driven insights; it's an absolute must-have.
One of the ways to adapt to the newest tracking challenges is switching to cookieless tracking. Though there are multiple cons and dislikes about the latest version of Google Analytics, it remains the most popular analytics platform. That is why this article will discuss how to set cookieless Google Analytics 4 tracking using the server Google Tag Manager. We will use sGTM, consent mode, Firestore, and stape User-ID power-up.
There are debates about whether cookieless tracking is compliant with GDPR. In this blog post, we share an example of how cookieless tracking can be implemented using Google Tag Manager. Before configuring it, consult with your DPA to check countries' regulations.
When websites want to remember something about you (like what's in your shopping cart or what ad you clicked before you landed on the website), they often use little pieces of data called "cookies."
But now, many websites are moving away from using these cookies to track users' activities. Instead, they're using new methods that don't rely on storing that data on users' browsers. This new way of keeping track without cookies is called "cookieless tracking."
When tracking does not rely on cookies, it uses first-party user data. The best way to gather and safely handle this information is by using server-side tracking. This method lets you track, store, enrich, transform, and strictly control first-party user data flow.
This not only helps to get rid of cookies and make tracking more accurate but also makes it more compliant and has greater control over the user data.
Cookieless tracking helps to adapt to recent changes in tracking privacy and restrictions. Here are a few examples:
Google Analytics 4 uses machine learning to model the behavior of users who did not consent to analytics cookies. They use the behavior of similar users who allowed consent to analytics cookies to model the behavior of those who did not agree to analytics cookies.
To be eligible for machine learning, GA4 property should meet specific:
If your GA4 property doesn't qualify for machine learning or if you discover that machine learning isn't providing accurate results, you have the option to rely on first-party data when a user opts out of analytics cookies and implement cookieless GA4 tracking.
To make GA4 work correctly and recognize users who come back, you have to provide GA4 with the following information:
To set up cookieless GA4 tracking when a user hasn't given consent, we'll use these tools:
To determine if consent was granted or not, I use the gcs parameter. The default GA4 consent configuration sends requests to sGTM, but the request lacks some information. All GA4 requests are written to the Firestore.
To determine if a user without consent has an active session in GA4, we will use the difference in the timestamp of the previous visit vs the current visit. If the difference is more than 30 minutes, we will update the session parameters in Firestore.
Firestore will use the UserID as the document name and save details about the user session within these documents. While this is a straightforward way to organize Firestore, there are numerous other approaches to maintain data about the complete user experience in Firebase.
1.2 If needed, write data to Firestore. For this purpose, I use the Firestore Writer tag. Please check this detailed guide on how to use the Firestore Writer tag. I use the collection UserID. For each user ID, I create a new document that uses cid as a document name.
1.3 The GA4 server-side tag has a standard configuration and triggers every time the GA4 client is claimed, and the user consents to analytics cookies.
2.1.1 If consent to analytics cookies was not granted, I used Stape User ID power-up to add user ID in sGTM request headers.
2.1.2 With the help of the Firestore Writer tag, I write data to Firestore and use Stape User ID as a document name.
2.1.3 To check that the session is active, I use the Firestore Reader variable to extract the timestamp that is associated with the last visit of this user in the Firebase. Then, check the difference between the user's previous session timestamp and the current timestamp. If the timestamp is less than 30 minutes, the user has an existing session.
2.1.4 Parameters are updated like below:
2.1.5 Send modified data to GA4. To update data before sending it to GA4, I use transformation.
2.2.1 If consent to analytics cookies was not granted, I used Stape User ID power-up to add user ID in sGTM request headers.
2.2.2 Write user data based on Stape User ID in Firestore again with the help of the Firestore writer tag.
2.2.3 To check that the session is active, I use the Firestore Reader variable to extract the timestamp associated with this user in the Firebase. Then, check the difference between the user’s last session timestamp and the current timestamp. If the timestamp is more than 30 minutes, a new session has started.
2.2.4 Parameters are updated like below:
2.2.5 Send modified data to GA4. To update data before sending it to GA4, I use transformation. Tag triggers when a GA4 client is claimed, consent is not granted, and the time difference between sessions is more than 30 minutes.
2.3.1. When analytics cookies are not allowed, use Stape’s User ID power-up to generate a user ID.
2.3.2. Check if a user with the same UserID already exists in Firestore. If no user with the same user ID is found, use a Firestore Writer tag to create a user with session details in the database.
2.3.3 Parameters are updated like below:
2.3.4 Send modified data to GA4.
Implementing cookieless Google Analytics 4 tracking through server Google Tag Manager represents a significant step forward in adapting to the changing landscape of online data privacy and user preferences. As the digital world evolves, gathering valuable insights without relying on cookies becomes essential.
By harnessing the power of server-side tracking and Google Tag Manager, businesses can maintain their commitment to data privacy while still harnessing the crucial data-driven insights provided by GA4. This approach not only ensures compliance with emerging regulations but also fosters trust with users concerned about their online privacy. As we navigate the cookieless future, embracing innovative solutions like server-side tracking and GA4 can help businesses stay competitive and relevant digitally.
Find out the details of Google Chrome 3rd party cookies phaseout and how to prepare for these changes.Apr 13, 2023
Learn how you can use Stape's Cookie Keeper to increase first-party cookie lifetime set by third-party IPs in Safari 16.4 and other browsers using ITP.