DMA: Google requires European advertisers to change their consent collection & sharing practices

Digital Market Act

Who is affected by the Digital Market Act?

Six “gatekeepers” are at the heart of this legislation: Alphabet (Google), Amazon, Apple, ByteDance (TikTok), Meta, and Microsoft. They all match three specific, cumulative conditions defined by the EU – economic, geographical, and temporal.
More precisely, gatekeeper services considered “Core Platform Services” will be affected by DMA requirements.

‍

‍

What is the DMA’s purpose?

Powerful online platforms currently behave as “gatekeepers” in the digital world. The DMA aims to guarantee equitable behavior from these platforms. By implementing this legislation, the EU means to reframe gatekeeper responsibilities; the DMA fits within a context where the Union attempts to establish its digital sovereignty and create healthier competition by unlocking innovative potential.

When will the DMA be enforced?

Gatekeepers were officially named in September 2023 and must comply with the DMA by March 6, 2023.

Where will the DMA be active?

The Digital Market Act will be applied within the European Economic Area (EEA), which includes all 27 EU countries as well as three additional nations: Norway, Iceland, and Lichtenstein.

Which obligations are included in the DMA?

To encourage the development of a competitive, innovative digital ecosystem, strong regulations are imposed upon gatekeepers relating to:

1. Targeting to self-promote their own services
2. Sharing user data between different services within an ecosystem for activation and measurement purposes
3. Preventing competition with businesses using their services
4. Authorizing other intermediaries and direct sales
5. Forbidding the pre-installation of software services by default
6. User data portability and access
7. Access for businesses to data generated by their activities
8. Providing information on gatekeepers’ buyout operations

Regulating user-related data-sharing practices between services within an ecosystem will predominantly impact gatekeepers’ advertising departments and, consequently, advertisers’ marketing teams. In effect, these sharing practices allow for media activation (targeting or excluding audiences, targeting lookalike audiences) and measurement (media attribution).

From March 6, 2024, gatekeepers must ensure that auditable, traceable consent signals are collected from users to allow data sharing between services within an ecosystem.

Google and advertisers: compliance and changes in collecting practices  

As several of its services were classified as “Core Platform Services” (CPS), Google has officially been identified as a gatekeeper. As such, the company must comply with the Digital Market Act. Notably, Google was the first gatekeeper to announce compliance measures related to this regulation.

What does this actually change for Google?

As a gatekeeper, Google must collect explicit consent from its users before sharing and cross-referring their data between its platforms for targeting purposes. This DMA regulation will have the strongest impact on advertisers, directly affecting audience sharing from Google Analytics 4 to Google’s media activation platforms (Google Ads and GMP suite), and the creation of audiences derived directly from these platforms’ tracking data, which represent widely deployed use cases.

Consent Mode and Consent Management Platform: major changes on the horizon

As Google now needs to collect auditable and traceable consent signals to activate cross-platform audiences, advertisers must undertake several actions:

• Set up a Consent Management Platform (CMP)
• Online Data Collection - Transmit analytics and media consent to Google tools via Consent Mode. While the latter is already available, its new version will allow for sharing consent signals with Google. Consent Mode’s primary function, collecting anonymized pings to model unconsented traffic, will therefore extend to sharing user consent in compliance with the DMA, widely formalizing the use of this function.

Choosing a Google-certified Consent Management Platform is recommended for implementing Consent Mode v2

• Offline Data Sharing - Update Google’s APIs and SDKs to share offline consent signals to Google media platforms

The DMA will primarily impact media targeting. Measurement (leveraging GA4 events for measuring purposes within media tools) could be impacted later in 2024.

Google will share more information on the matter by the end of 2023 – we will relay relevant news on fifty-five’s website, the Tea House blog, and on social media.

How will non-EEA countries be affected?

The sharing of consent signals depends on user location, which will be determined and measured through IP addresses. For instance, a Swiss brand must collect consent signals from French, Italian, or German visitors browsing from their respective countries and share them with Google through Consent Mode v2.

What about the other gatekeepers?

As of the publication of this article, the other gatekeepers have yet to announce compliance measures.

In a digital environment in constant flux, fifty-five helps brands define their data strategy and deploy collecting and activation technologies in a safe and compliant manner. If you’d like to know more about our offers or have any questions, don’t hesitate to contact us!

To learn more or if you have any questions: contact-fr@fifty-five.com

‍