How to prepare for the ongoing data privacy changes

The quality of the data we’re used to is failing, and the ongoing data privacy changes are inevitable.

Browsers and operating systems are restricting or ending support for third-party identifiers, and major platforms, like Firefox and Safari, have targeted third-party tracking technology. Google announced at the start of last year that it will phase out third-party cookies on Chrome by 2022.

Legal regulations require advertisers to make a meaningful request for tracking consent, in the form of cookie notices and banners as you open a website. We expect to see increasingly strict enforcement of these regulations.

Data privacy is ever more crucial for building trust with customers. Users demand greater transparency and control over how their data is used when they’re online, and organisations must adapt to meet these demands and remain compliant. 

The problem is that users not opting-in or not expressing consent will have an increasing impact on how marketers and advertisers collect data. So what knock-on effect will these data privacy changes have?

How will this impact the advertising industry?

Data collection helps to create a complete view of the customer journey and helps with analysing how people interact with your business. Without third-party tracking, three primary areas of our industry are affected, namely targeting, bidding and effectiveness.


  • An inaccurate impression of consumer interests
  • Stale cookie pools, as new cookies are not being processed


  • Bid strategies are stunted by incomplete conversion data
  • Poorly targeted bid modification


  • Incomplete conversion data from ads
  • Limited attribution to ad impressions

What are the responses and implications?

With the cookie crackdown, there is an opportunity for marketers and advertisers to reinvent their approach to data, privacy and measurement.

First-party customer data will be more important than ever. Platforms like Facebook and Amazon will take advantage, of course, but there are other ways to compensate.

Privacy ready performance blog 1

How can marketers adapt to these data privacy changes?

There are alternatives to hyper-targeted third-party data and ways you can continue to track your audiences without it. The roadmap to ‘privacy-readiness’ below outlines some of the ways this can be achieved.

Privacy ready performance blog 2

Advertisers and marketers with these solutions in place will achieve significantly more complete, more accurate tracking. Here are the features and benefits of the technologies in this roadmap.

Consent mode 

Consent modes allow you to adjust how your Google tags behave based on the consent status of your users, so you can comply with their choices. The tags will adapt dynamically, only utilising measurement tools for the specified purposes when consent has been given. 

Additionally, modelled conversions use data that does not identify individual users to estimate conversions that aren’t observed directly. This feature offers a more complete report of your conversions if limitations are in the way.

Google Analytics 4

Google Analytics 4 (GA4) is the newest version of Google’s popular data collection and web traffic analysis software. New features include data modelling that uses artificial intelligence, and most importantly, a privacy-first approach. Flexible data collection methods in GA4 make it the best choice for sending data to server-side Google Tag Manager (GTM). You can find out more about GA4 in the recording of our recent Croud Academy Live session.

Enhanced conversions for Google Ads & Facebook conversions API

The personally identifiable information (PII) – like name, email address and phone number – that describes a converting user is encrypted and delivered to the ad platform as a second way of counting conversions. Google Ads and the Facebook conversions application programming interface (API) use the hashed PII to match conversions to the corresponding cookie ID via the user’s account details.

Server-side GTM

Server-side GTM allows a site-owner to do more to protect users’ personal data and privacy choices, because as the data passes through the server-side container, you can modify it to adhere more specifically to your data privacy approach. Server-side tracking uses your own domain to serve a first-party tracking library and cookies, which helps to protect data collection operation from overzealous browser privacy technologies.

Traditional website configuration without server-side Tag Manager
Website configuration with server-side Tag Manager

Server-side tracking allows site owners to move tracking tags off their website or app and into a server-side tag container, which will normally be hosted on a cloud platform, like Google Cloud Platform. Server-side tracking offers a few advantages over using client-side tags.

  • Improved performance: Fewer tags on the website or in the app means less code to download and run client-side. It means that the tracking you’re doing is less visible, but site- and app-owners are no less accountable to the law. 
  • Better privacy: User data is better protected by collecting, managing and distributing data through a server-side environment. Data is sent to e.g. Google Cloud Platform, where it is then processed and validated, before being routed to third parties vendors.
  • Better security: Fewer third-party technologies on your website makes for a tighter, more secure Content Security Policy.
  • Better data collection: Taking Google Tag Manager as an example, the JavaScript libraries for both GTM and the GA4 client-side tag are served from your own domain. They’re first-party, and so are the cookies they set. This protects your data collection from overzealous browser privacy technologies.

How can you use the Facebook conversions API?

Conversions API is the Facebook Business Tool that enables sharing of key web and offline events, or customer actions, directly from your server to Facebook’s. You can use it to measure customer actions, help improve the accuracy of information and control the data you share – ideal for ad and conversion optimisation.

There are a few ways you can use this tool. 

  • Platform integration: If your ecommerce site runs on Shopify, for example, you can configure the link between Shopify and Facebook to send sales data directly to the Facebook Conversions API. This is an easy configuration to set up.
  • Stand-alone Facebook server-side solution: Build your own integration on your web, ecommerce, fulfilment or CRM platform.
  • Send conversion and PII data to server-side GTM container: Collect conversion data with PII from a site tag (e.g. GA4), send it to e.g. server-side GTM, and use tags in the container for the Facebook Conversions API, Google’s Enhanced Conversions, and other solutions in the future. Be sure to strip the PII before passing it anywhere else.
  • Send conversion and PII data from a back-end system to your server-side GTM container: Build your own integration on your web, ecommerce, fulfilment or CRM platform, and use it to send conversion data with PII to your server-side tracking container. Use that data for the Facebook Conversions API, Google’s Enhanced Conversions, and other solutions in the future.

What’s next?

When it comes to data quality and privacy, there isn’t a single fix — we’re flexing with a developing trend, and designing bespoke solutions based on how the landscape is evolving. Multiple platforms are affected by these ongoing data privacy changes, so we’re working with clients to implement lasting, scalable technology that will work across the board.

We’re working to protect data quality, but it’s not enough on its own. Keeping up means also activating first-party data and diversifying methods for judging effectiveness. To find out more about our data solutions, or if you have any queries on getting ‘privacy-ready’, get in touch.

by Kevin Joyner
24 March 2021



Related posts