Google’s New CMP Requirements for Publishers Serving Ads in the EEA and UK

Effective January 16, 2024, publishers and developers utilizing Google publisher products such as AdSense, AdMob and Ad Manager are mandated to employ a Google-certified Consent Management Platform (CMP) seamlessly integrated with the IAB’s Transparency and Consent Framework (TCF) when delivering ads to users in the EEA 🇪🇺 and UK 🇬🇧.

A Consent Management Platform (CMP) serves as a vital solution for web publishers, prioritizing the safeguarding of users’ data privacy by actively identifying and managing all cookies and third-party trackers. These platforms are designed to align with the world’s most influential data privacy laws, including the EU’s General Data Protection Regulations (GDPR), California Consumer Privacy Act (CCPA), Brazilian General Data Protection Law (LGPD), and other global standards.

True to its nomenclature, a CMP takes charge of regulating user consent on websites through the following key functionalities:

  1. Handling Privacy Preferences for Users: CMPs empower users by providing a platform to articulate their privacy preferences. Users can distinctly accept or reject data sharing, ensuring that their consent aligns with their privacy expectations.
  2. Blocking Cookies: Before users agree to share their data, CMPs take a proactive approach by disabling all cookies and other tracking methods. This pre-consent measure guarantees that user data remains secure until explicit approval is granted.
  3. Providing Legally Required Consent Notices: CMPs play a crucial role in ensuring legal compliance by furnishing users with comprehensive consent notices. These notices inform the audience about the specifics of data processing, including details on which entities are involved in the process and the purposes for which their data is being processed.

In essence, Consent Management Platforms contribute significantly to the establishment of a transparent and user-centric online environment, where individuals retain control over their data and are well-informed about how their information is utilized.

Google’s New CMP Requirements

In 2020, Google integrated its ad systems with IAB Europe’s Transparency and Consent Framework (TCF), aiming to establish a standardized method for obtaining user consent regarding their personal data post-GDPR (General Data Protection Regulation) enforcement on May 25, 2018. According to GDPR, consent must be freely given, specific, informed, and unambiguous.

Three years later, TCF 2.2, the latest version of this framework, was finalized. Google mandated its publishers to adopt the updated TCF. On May 16, 2023, new CMP requirements were introduced for Google’s publishers and developers serving ads in the European Economic Area (EEA) and the United Kingdom (UK).

Starting January 16, 2024, publishers must work with a Google-certified CMP integrated with the TCF when serving ads to users in the EEA or UK. The Google-certified CMP list is regularly qualified by Google.

What does this mean for you?

This recent update implies that publishers who rely on basic methods such as popups displaying Terms of Service and Privacy Policies will no longer meet the latest CMP requirements. Instead, it is imperative to collect user consent using a CMP approved by Google when delivering ads to users. Utilizing a certified CMP enables the creation and display of a GDPR message to users, facilitating the gathering of consents mandated by the General Data Protection Regulation (GDPR).

As explicitly communicated in Google’s announcement, failure to adopt a Google-certified CMP will result in only limited ads being eligible to serve on traffic from the European Economic Area (EEA) and the United Kingdom (UK).

To ensure compliance with the latest Google CMP requirements and mitigate the risk of potential revenue loss, publishers should take the following steps:

1. For Publishers Already Using a CMP:

For publishers already employing a Consent Management Platform (CMP), it is crucial to proactively verify whether their CMP provider is included in the Google-certified CMP list. If the CMP partner is found on the verified list, publishers can initiate the process of establishing GDPR user messages within their CMP platform. Additionally, it is essential to declare Google as an ad partner within the CMP platform. This declaration enables Google to access the consent data collected by the CMP, empowering informed decisions about ad serving.

It’s important to note that each CMP platform features a distinct GDPR setup guide. Therefore, publishers are advised to reach out to their CMP partner for support if needed during the implementation process.

Furthermore, publishers should conduct a thorough check with their Mobile Mediation platforms (such as AppLovin MAX, Unity LevelPlay, etc.) to ensure that their current CMP is fully compatible with mediation. This compatibility is essential for reading the Transparency and Consent Framework (TCF) String via the IAB TCF API and sending the granted data string to Google.

Regular reviews of CMP integration and configuration are paramount to ensuring ongoing compliance with GDPR requirements and staying abreast of any updates to Google Ad Manager (GAM). This proactive approach helps publishers maintain a robust and compliant advertising infrastructure in line with the evolving digital advertising landscape.

2. Publishers wishing to use the Google CMP Platform:

To support publishers, Google has suggested a free Google consent management platform available for anyone using Google publishing products, including AdSense, AdMob, and Ad Manager.

Publishers who are working with ProfitSence and have access to Google Ad Exchange should have a Google Ad Manager account. So, they can use Google’s free CMP platform also.

For website publishers, you can integrate Google’s CMP platform simply by opening the Privacy & Messaging tab in your Google AdSense or Google AdManager and creating the European Regulations message. Just you need to add a code to your website.

For app publishers, you can get started effortlessly with Google CMP solutions in 2 main steps:

  1. Implement and Deploy Google User Messaging Platform (UMP) SDK to your app (Android l iOS)
  2. Configure GDPR messaging on your Google Ad Manager account.

Please check this guide provided by Google on how to set up the Google CMP platform on your GAM.

3. Publishers who haven’t integrated with a CMP platform yet:

If you are in search of a new CMP partner, it is recommended to explore the array of Google-certified CMPs or opt for the Google CMP solution for your app. With the deadline for new CMP requirements looming, it is imperative to act promptly and commence the integration process with a certified CMP partner. Time is of the essence, so don’t delay in ensuring compliance with the upcoming requirements by aligning with a certified CMP.

Let ProfitSence guide you through the evolving landscape

As ProfitSence consistently leads the way in embracing transformative shifts within the online advertising sphere, we stand fully prepared to navigate Google’s latest CMP requirements. If you find yourself grappling with the intricacies of these new CMP standards, rest assured that the ProfitSence team is here to provide unwavering support. We are well-equipped to assist you.

Count on us to keep you informed of the latest developments in Google Ads and how publishers can seamlessly embrace these changes without disrupting the performance of your ads. Stay connected for timely updates!

Sheby Ahamed has a keen eye for detail and a deep understanding of the ad tech landscape. Whether it’s through in-depth articles, thought-provoking insights, or compelling storytelling, he’s dedicated to helping people navigate the complex world of ad tech with the simplicity of his words. Also, he is the founder and CEO of ProfitSence.

Leave a Reply

Your email address will not be published. Required fields are marked *

ProfitSence (Pvt) Ltd,
No.289/1, Main Street, Maruthamunai – 06, Sri Lanka 32314

ProfitSence LLC,
30N, Gould St Ste R, Sheridan, WY, 82801 – USA

ProfitSence Ltd,
27, Old Gloucester Street, London, WC1N 3AX – UK


ProfitSence (Pvt) Ltd,
No.289/1, Main Street, Maruthamunai – 06, Sri Lanka 32314

ProfitSence LLC,
30N, Gould St Ste R, Sheridan, WY, 82801 – USA

ProfitSence Ltd,
27, Old Gloucester Street, London, WC1N 3AX – UK

© 2024 ProfitSence LLC. All rights reserved.

Do you agree to let us use cookies? On the ProfitSence website, we use cookies to deliver better user experience, manage authentication and provide relevant alerts. We are committed to protecting your privacy and ensuring your data is handled in compliance with the General Data Protection Regulation (GDPR).