Integration with the IAB TCF v2.0

Google supports the IAB Transparency & Consent Framework (TCF) v2.0 in Campaign Manager 360, Search Ads 360, and Display & Video 360 for Floodlight as well as Placement and Tracking tags. This allows Campaign Manager 360, Search Ads 360, and Display and Video 360 to receive and pass on TCF v2.0 user permissions, which are encoded into a “Transparency and Consent string” or “TC string”. Click trackers aren't covered by IAB TCF v2.0.

Note that Campaign Manager 360 and Search Ads 360 share the same set of Floodlight tags. User permissions received in Campaign Manager 360 are inherited by Search Ads 360.

Using the TCF v2.0 is optional, and is not required to continue using Campaign Manager 360, Search Ads 360, or Display & Video 360.

General guidance

The TCF v2.0 string can be passed by consent management platforms (CMPs) to Google tags. CMPs may be deployed on both publisher and advertiser sites. For advertisers who have deployed an IAB TCF v2.0-registered CMP on their own site, follow instructions from your CMP vendor to ensure that Google receives the TC string.

Google can receive or send the TC string through the following:

TCF JavaScript API:

The CMP stores the TC string in a JavaScript variable, which gTag then accesses and retrieves user permission details.

TCF macros:

The IAB TCF v2.0 supports the use of macros in creative tags to indicate where in the URL the TC string should be inserted and sent onwards, as well as to identify which vendors are present. Advertisers who wish to integrate with the IAB TCF v2.0 should work with their pixel vendors to ensure they properly support the following macros:

  • Macro to receive the consent parameter:
    • gdpr_consent=${GDPR_CONSENT_xxxxx} where xxxxx is the global vendor list ID (GVL ID) of the vendor that is receiving the TC string’s.
  • Macro to receive the gdpr status:
    • gdpr=${GDPR} where 1 indicates that GDPR applies and 0 indicates that it does not.
  • Macro to support vendors not on IAB GVL, but on Google’s Ad Tech Provider controls:
    • addtl_consent=${ADDTL_CONSENT} where ADDTL_CONSENT is a dot-separated list of user-consented Google Ad Tech Provider (ATP) IDs. Learn more

The TCF v2.0 signals may also be passed to other vendors that may be included in your creatives or event tags. These signals may control which creatives are eligible to serve based on permissions the user has provided for vendors who are present in the creative and the application of Google’s policies. The TC string also allows users to opt out of being served personalized ads and from being added to audience lists.

Each vendor receiving the TC string has a unique global vendor list ID. For third-party ad tags and tracking pixels, advertisers will need to manually add their vendors’ GVL ID along with the new macro to their tags if they choose to adopt TCF v2.0. Campaign Manager 360, Search Ads 360, and Display & Video 360 will then replace the macro with the TC string so the vendor complies with the user’s preference and continues to pass the TCF user permission details.

Example:

http://vendor-a.com/?key1=val1&key2=val2&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_xxxxx}

Vendor macros are supported in the following:

  • Campaign Manager 360
    • Event tags
    • Floodlight dynamic tags
    • Creative redirects 
    • Custom creatives
    • Online behavioral advertising (OBA) links
    • INS Tags
  • Display & Video 360
    • All creative types and fields where macros are generally supported
Macros implemented within raw creative assets such as HTML5 files and rich media creatives are not supported. If advertisers use these formats and would like to pass the TC string into their third-party calls made from the creative, they should include their own JavaScript code to check for a CMP and access the TCF API themselves.

Tag integration

Campaign Manager 360, Search Ads 360, and Display & Video 360 tags will support the passing of user permissions for advertisers who have implemented an IAB TCF v2.0 registered Consent Management Platforms (CMPs) on their site.

Floodlight tags

Campaign Manager 360, Search Ads 360, and Display & Video 360 all use Floodlight tags for measuring conversions. Depending on how the advertiser’s Floodlight tags are implemented, they will need to do the following if they choose to adopt TCF v2.0:

  • Legacy Floodlight tags (not implemented using the global site tag): Advertisers should add the new macro to all existing Floodlight tags on their site. Alternatively, they can re-download the Floodlight tags which will automatically include the new macro.
  • Floodlight tags (implemented using the global site tag or Google Tag Manager): Advertisers can expect these tags to integrate with the TCF API and should follow the instructions of their CMP to ensure their tags are integrated correctly.  Advertisers using the Global Site Tag or Google Tag Manager can enable TCF support by adding the following line of JavaScript to the global header portion of the tag: window ['gtag_enable_tcf_support'] = true;

    Example:

     <script>

        window ['gtag_enable_tcf_support'] = true;

      </script>

     

    <!-- Global site tag (gtag.js) -->

      <script async src="https://www.googletagmanager.com/gtag/js?id=FL-CONFIG_ID"></script>

      <script>

        window.dataLayer = window.dataLayer || [];

        function gtag(){dataLayer.push(arguments);}

        gtag('js', new Date());

     

        gtag('config','FL-CONFIG_ID');

      </script>

Placement and tracking tags

Only Campaign Manager 360 and Display & Video 360 use placement and tracking tags.

For placement and tracking tags, the publisher’s CMP is responsible for sending the TCF v2.0 user permission details.

  • Display & Video 360: When a tag is executed (or, “fired”) on a publisher’s site, the CMP will first send the TCF user permission details to the ad exchange and then to Display & Video 360. Display & Video 360 then replaces the macro in the tag with the TC string while Campaign Manager 360 serves the creative on the publisher’s site.

  • Campaign Manager 360: The CMP will pass the TCF user permission details directly to Campaign Manager 360 placement tags if the TCF macro is present or automatically through the TCF API.

Depending on the tag, advertisers will need to do the following if they choose to adopt  TCF v2.0:

  • gTag (INS coming soon): No action is required, the TCF user permission details will be automatically passed from the CMP through the TCF API.
  • All other tags: Advertisers seeking to adopt TCF v 2.0 may add the new macro to all existing tags on their site. Alternatively, they can re-download these tags which will automatically include the new macro. Customers can add the TCF to their existing INS tags using the following example as a guide:

    <ins class='dcmads'

     style='display:inline-block;width:300px;height:250px'

     data-dcm-placement='N7480.1664088DOUBLECLICK.NETTEST/B8299600.114131924'

     data-dcm-rendering-mode='script' 

    data-dcm-gdpr-applies=’gdpr=${GDPR}’

    data-dcm-gdpr-consent='gdpr_consent=${GDPR_CONSENT_755}'

    data-dcm-addtl-consent=’addtl_consent=${ADDTL_CONSENT}’

     

     data-dcm-click-tracker='${CLICK_URL}'>

     <script src='https://www.googletagservices.com/dcm/dcmads.js'></script>

    </ins>

Product behavior with the TCF v2.0

Purposes

The TCF organizes data processing using "Purposes", each of which has a corresponding legal basis of Consent or Legitimate Interest. Campaign Manager 360, Display & Video 360, and Search Ads 360 tags will handle requests that contain the consent string in the following ways (where relevant):

Purpose Google's registered legal basis Description Impact if missing
1 Consent Store and/or access information on a device Cookies will not be created or used for measurement or personalization. Unconsented users will not be added to remarketing lists, and attribution reports may be more limited.
2 Flexible - default to Legitimate Interest* Select basic ads This purpose is required for all events that serve ads. If this purpose is not present, the ad may not be served.
3 and 4 Consent Create and use personalized ads profile Events are not eligible for ads personalization, and are not used for remarketing lists. Users already added to audience lists are unaffected.
5 Flexible - default to Legitimate Interest* Create a personalized content profile This purpose is required for all events. If this purpose is not present, the event may not be recorded.
6 Flexible - default to Legitimate Interest* Select personalized content This purpose is required for all events. If this purpose is not present, the event may not be recorded.
7 Flexible - default to Legitimate Interest* Measure ad performance This purpose is required for all events. If this purpose is not present, the event may not be recorded.
9 Flexible - default to Legitimate Interest* Apply market research to generate audience insights This purpose is required for all events. If this purpose is not present, the event may not be recorded.
10 Flexible - default to Legitimate Interest* Develop and improve products This purpose is required for all events. If this purpose is not present, the event may not be recorded.
SP1 Legitimate Interest Ensure security, prevent fraud, and debug This purpose is always present and available within the TCF.
SP2 Legitimate Interest Technically deliver ads or content This purpose is always present and available within the TCF.

* Google is flexibly registered for TCF purposes 2, 5, 6, 7, 9, and 10 and defaults to legitimate interest. Unless a publisher configures their CMP to restrict Google to consent for these purposes, Google will rely on legitimate interest where the CMP has established it with the user. Google is not flexibly registered for purposes 1, 3, and 4 and always requires consent for these purposes.

The remaining TCF purposes are not used by Campaign Manager 360, Display and Video 360, and Search Ads 360 tags, but may be used by other Google products.

Considerations

  • Google interprets gdpr=1 as signaling that TCFv2 applies to an event. When the gdpr= parameter is set to 1 and the gdpr_consent= parameter is present in a Campaign Manager 360 placement tag, gdpr_consent= must contain a valid TC string. If it does not, an ad may not be served or measured. 
  • Unlike the above, Invalid addtl_consent values currently do not prevent ad serving.
  • Google's policies also apply to TCF macros embedded in creatives that link to other vendors. If these macros are invalid, the creative will not be served if Google believes the TCF applies (i.e. the impression is called with gdpr=1). In this case, other eligible creative or the default creative will be served.
     

Note: Google Tag Manager and the global site tag only accept TCF strings that are correctly implemented according to the TCF policies and technical specifications, and adhere to Google’s EU User Consent Policy. If your CMP doesn’t respond within 500 milliseconds or you see “error”, “stub”, or “loading” status, the tag will proceed in a restricted mode: 

  • Writing and reading of Ads first party and third party conversion cookies will be restricted
  • Google Analytics advertising features are integrated with IAB TCF v2 and will treat those requests as if they came in with all Purposes denied, the effects of which are outlined in the table above. 
  • Remarketing features will be disabled.

Troubleshooting error messages

If your CMP doesn’t respond within 500 milliseconds or you see “error”, “stub”, or “loading” status, the tag will proceed in a restricted mode. To fix that:

If you are manually invoking the function to fire a conversion tag:

  • Make sure the response to getTCData TCData.eventStatus = 'tcloaded' OR 'cmpuishown' + 'useractioncomplete' is sent within 500 milliseconds. These indicate the CMP is ready to provide the user with a choice regarding consent.

If you are not manually invoking the function to submit a conversion tag:

  • Work with your CMP to ensure they implement support for getTCData and return TCData.eventStatus = 'tcloaded' OR 'cmpuishown' + 'useractioncomplete' to indicate the user consent is ready for use through the API within 500 milliseconds.

 

Frequently asked questions

What do I do if a publisher won't accept a tag with the TCF parameters included?

Some publishers may have validation checks that may reject DCM tags with the new TCF parameters. If a publisher is outside of the European Economic Area or not participating in the TCF v2.0, you can safely remove the macros from your tags before re-uploading them to publishers. For most Campaign Manager 360 tags, you can remove the following:
gdpr=;gdpr_consent=${gdpr_consent_755}
For INS tags, you can remove the following:
data-dcm-gdpr-consent='gdpr_consent=${gdpr_consent_755}'
data-dcm-gdpr-applies='gdpr=${gdpr}'

I'm a publisher who is not participating with the TCF v2.0. What should I do with the TCF macros in Campaign Manager 360 tags?

You can safely ignore the parameters or remove them from the tags before pushing the tags to your clients.
Was this helpful?
How can we improve it?

Need more help?

Sign in for additional support options to quickly solve your issue