Google Analytics GDPR: Detailed Explanation of The Background of GA4
Google Analytics GDPR
In recent years, an increasing number of countries around the world have enacted laws and regulations similar to GDPR and ITP. First, we will introduce four regulations regarding personal information that are currently a hot topic.
- GDPR
- ITP
- Personal Information Protection Act
- CCPA
Let's take a closer look.
What is GDPR?
GDPR is a regulation for the protection of personal information that was implemented in the EU in 2018. The official name is "General Data Protection Regulation."
Due to this rule, "information that was not previously considered personal information" such as IP addresses and cookies is now considered personal information.
GDPR also led to the widespread adoption of rules that require companies to obtain user consent when acquiring personal information.
These rules apply not only to companies located in or providing services to the EU, but also to "processing carried out within the EU" by a controller or processor.
In other words, even if you are collecting web behavior data from users located in the EU, it will still fall within the scope of GDPR.
Furthermore, the GDPR also applies to the cookies of Japanese people who have stayed in the EU for a short period, such as on a trip. As you can see, GDPR has a wide scope of applications and has had a major impact on those engaged in digital marketing.
What is ITP?
Due to ITP, some restrictions have been placed on Safari's ability to collect cookie data such as ``what sites you visit on the web and how long you visit'' and ``what you purchase.'' The collection of user behavior data for advertising purposes is regulated.
Since the first version of ITP, "ITP1.0", was released in 2017, it has been continuously updated. With each update, the scope of regulation increases.
What is the revised Personal Information Protection Act?
In Japan, the revised Personal Information Protection Act has been enforced since April 2022. Until now, there were no regulations regarding cookies. However, under this law, information obtained through cookies is now treated as "personally related information."
Personal information is information that does not identify individuals, such as IP addresses, device-specific IDs, advertising IDs, and other identifiers, location information, browsing history, and purchasing history.
Currently, there are no restrictions on the collection or handling of personal information. However, if it becomes possible to identify an individual by providing personal information to another company, it is mandatory to obtain the consent of the individual. Companies that link information obtained through cookies, etc. with external data must obtain consent from users in advance.
What is CCPA?
This law requires companies to notify users when they collect personal information from users. It is unique in that it broadly defines personal information and applies not only to businesses within California but also to cases where the personal information of residents is handled.
What are the cookie regulations (GDPR/ITP)?
GDPR, ITP, and other relevant laws and regulations around the world also impact how Google Analytics measures. This is because Universal Analytics (UA), the traditional Google Analytics, uses cookies to measure data. We will provide an easy-to-understand explanation of cookies that are closely related to GDPR and ITP.
What are cookies?
Cookies are a mechanism for temporarily storing user information and saved information when a user visits a website with a browser.
There is a variety of information stored by cookies, and examples include attribute information such as IDs, passwords, and email addresses, and access information such as the number of website visits. There are two types of cookies:
- 1st Party Cookie
- 3rd Party Cookie
First-party cookies are cookies that are issued by the domain of the site you visit and function only within that site. Third-party cookies are cookies that work across multiple sites.
The cookie system allows you to use functions based on your previous actions, such as being able to automatically log in to a site you have already logged into.
What is Cookie Regulation?
Cookie regulation is a movement to restrict the use of user information stored in cookies. Currently, the main regulations are regarding third-party cookies that collect information across sites.
However, there is a non-zero possibility that regulations regarding first-party cookies will be introduced in the future. Even now, many browsers have already changed their specifications to comply with cookie regulations.
- Safari's ITP feature (blocking third-party cookies)
- Chrome privacy protection features (phasing out third-party cookies)
- Comprehensive cookie protection in Firefox (default privacy features)
In this way, cookie regulation has many impacts on the web industry. Of course, the impact on the advertising industry cannot be ignored.
Impact of cookie regulations (GDPR/ITP) on the advertising industry
The web advertising industry has been greatly affected by the enforcement of GDPR and the introduction of ITP. This is because "measures that were possible in the past" are no longer possible. We will explain two impacts that GDPR and ITP have had on the advertising industry.
- Measurement tools become less accurate
- Retargeting ads are limited
Let's take a closer look.
Measurement tools become less accurate
Many companies have probably introduced tools that measure the number of page views, length of stay, number of conversions, etc. of websites and advertisements. Measurement tools usually use cookies to obtain data. Therefore, if the collection of information using cookies is restricted by GDPR or ITP, it is inevitable that measurement accuracy will decline.
The conventional Google Analytics "UA" that many people use uses first-party cookies to measure data. Therefore, the impact is not as great compared to tools that use third-party cookies.
However, due to ITP, cookies are deleted within one day when accessing Safari, so it is inevitable that the accuracy of the measurement results will decrease.
Additionally, if third-party cookies are no longer available, it will no longer be possible to measure "view-through conversions," where a user clicks on an ad once, accesses the site via a different route later, and converts to a CV.
Even if the impact is small, if cookie regulations become stricter in the future, even tools that use first-party cookies may no longer be able to measure.
Therefore, Google Analytics users need to migrate to GA4 (google Analytics 4 property), which supports cookie regulations.
Retargeting ads are limited
Retargeting advertising is an Internet advertising method that targets users who have previously visited your website and delivers your company's advertisements.
For example, let's say you look at a product on an e-commerce site and then move to another site. In this case, if an advertisement for an e-commerce site appears on the destination site, it means that a retargeting advertisement is being displayed.
Retargeting ads use the functionality of third-party cookies. Therefore, it may become difficult to display advertisements in the future due to regulations such as GDPR and ITP.
Nowadays, it is no longer possible to obtain conversions by simply running remarketing ads. ``How to build a system that does not rely on remarketing and run the PDCA cycle'' is a major issue in the industry.
GA4 is a tool that complies with cookie regulations (GDPR/ITP)
The access analysis tool "GA4" is essential for implementing digital marketing while keeping up with the GDPR and ITP cookie regulations.
According to Google's announcement, GA4 is measured using a tracking mechanism that does not rely on cookies. *1
Furthermore, GA4 is constantly being updated to comply with cookie regulations and legal changes around the world. For example, to comply with cookie regulations, we have included the following features: *2
- EU data is processed within the EU
- Enabling user data collection to be controlled on a country-by-country basis
- Do not save IP address
GA4 allows data measurement that does not depend on cookies. In the future, it will become an essential tool in digital marketing.
Besides GA4! Measures against Cookie regulations (GDPR/ITP)
What is GDPR?
What points should I pay attention to when marketing to comply with the GDPR and ITP cookie regulations?
Here, we will introduce the following four countermeasures.
- Implement consent management tools
- Does not rely on third-party cookies
- Doesn't rely on retargeting
- Take advantage of alternatives
Let's take a closer look at the four solutions.
Implement consent management tools
A consent management tool is a tool that allows website visitors to confirm and manage their consent to obtain cookies. Consent management tools allow you to collect user information while complying with cookie regulations.
In recent years, an increasing number of websites are displayed a pop-up message on the screen asking, "Do you agree to the acquisition of cookies?"
This is one of the features of consent management tools. There are a variety of consent management tools, including free and paid ones, and ones that comply with overseas regulations. It is important to choose the most suitable one according to your company and cookie regulation situation.
Does not rely on third-party cookies
In order to comply with GDPR and ITP cookie regulations, it is important to establish a system that does not rely on third-party cookies. Specifically, the use of first-party data is important. First-party data is information about your customers that your company collects. Examples include:
- Customer information registered on the EC site
- Data accumulated and analyzed using MA tools, CRM, and SFA
- User behavior data collected through first-party cookies
- Customer purchase history, etc.
First-party data is information directly obtained from users who are interested in your company, so it has the advantage of being highly reliable and useful.
In the coming era, it will be important to utilize first-party data to conduct "One to One Marketing" tailored to each individual's interests and needs.
Utilizing first-party data is also effective for "engagement marketing," which increases customer trust and intimacy (customer engagement).
Don't rely on retargeting
Cookie regulations will make it difficult to deliver retargeting advertisements using third-party cookies. Therefore, marketing activities that do not rely on retargeting ads are important. Examples of specific marketing measures include:
- SNS marketing
- video marketing
- Utilization of owned media
- Nurturing customers through email newsletters
- influencer marketing
Content marketing, as described above, where companies proactively disseminate information and attract the attention of users, is recommended in the cookie-less era.
Take advantage of alternatives
Companies that have relied on retargeting advertising should use "targeted advertising within the platform's domain" as an alternative.
This refers to advertisements that utilize information held by Google and Yahoo! to deliver advertisements tailored to users' interests and attributes. For example, let's take the case of distributing Yahoo! ads.
Yahoo! segments the users who click on Yahoo! ads, so based on that segment information, it is possible to deliver ads to the most appropriate audience. This is called "ad clicker targeting."
Additionally, platforms such as Google and Facebook allow you to deliver your own targeted ads using information collected by your company. Since the information held by the platformer is used within the platformer's domain, it is treated as a first party and is not subject to cookie regulations.
Post a Comment