WP Consent API Plugin is a tool that standardizes the communication of accepted consent categories between plugins. As a webmaster or website business owner, by default, you may notice that you’re using WPCode to add third-party scripts to your WordPress website. That’s great! But, there’s something that should be keeping you up at night… Many of these scripts use cookies.
On that note, without proper consent management, you could be unknowingly breaking privacy laws like GDPR and CCPA. Trust us, our Web Tech Experts Taskforce learned this the hard way. That’s why a few concerned developers created WP Consent API Plugin for users — a new plugin specifically designed to make compliance with privacy laws easy and set up cookie consent.
To give you an idea, if you have website visitors from the European Economic Area (EEA), Switzerland and the United Kingdom, you should obtain consent from these users if you’re using Google Ads or Google Analytics. This is due to the Digital Markets Act (DMA), where users in these regions must provide consent before they can be tracked. Ultimately, it’s up to the webmasters.
Your website administrators may help decide if consent mode is suitable for the website. They may consider factors such as where the visitors are coming from, and whether they wish to ensure that all users grant consent to be tracked. Sometimes, website visitors from other regions may require explicit consent before they are tracked. Let’s explore ways to help you stay compliant.
Data Management Consent Mode — Why It Matters So Much
Technically, consent mode is a systematic process that interacts with a Consent Management Platform (CMP) or custom implementation to obtain visitor consent via a cookie consent banner or similar approach. Consent mode receives users’ consent choices from a cookie banner or widget and dynamically adapts the behavior of Analytics and Ads tags that create or read cookies.
When consent mode is enabled, visitors to your site from countries in the European Economic Area (EEA), Switzerland and the United Kingdom will not be included in Analytics and Ads tracking by default as required by the Digital Markets Act (DMA). This means that only visitors who have explicitly given consent via a consent management plugin will have their data tracked.
Usually, when visitors deny consent, tags communicate this to Google and cookie data is not stored. If you are using Google Analytics 4, Google fills the subsequent data collection gaps with conversion modeling and behavioral modeling. When consent mode is enabled, only visitors who have explicitly given consent via a consent management plugin will have their data tracked.
If you didn’t provide an option for users to grant consent via a third-party consent management plugin, visitors from the European Economic Area (EEA), Switzerland and the United Kingdom will not be included in Analytics and Ads reporting. In addition, some users (not included in Analytics and Ads reporting) may be presented with the opportunity to grant consent but choose not to do so.
Adding Customizable Cookie Banners Plus Script Blocking Features
Regarding the WP Consent API Plugin, it’s worth noting that two indicators together tell if consent is given for a specific consent category, e.g., “marketing”: 1) the region based consent_type, which can be opt-in, opt-out, or other possible consent_types; 2) and the visitor’s choice: not set, allow, or deny. The consent_type is a function that wraps a filter, “wp_get_consent_type”.
If there’s no consent management plugin to set it, it will return false. This will cause all consent categories to return true, allowing cookies to be set on all categories. In this case, if opt-in is set using this filter, a category will only return true if the value of the visitor’s choice is “allow”. There are various consent requiring plugins where the consent management plugin may apply.
Including:
If the region-based consent_type is opt-out, it will return true if the visitor’s choice is not set or is “allow”. Clientside, a consent management plugin can dynamically manipulate the consent type and set several cookie categories. A plugin can use a hook to listen for changes or check the value of a given category. Categories and most other stuff can be extended with a filter.
Imagine never having to worry about cookie compliance again. Well, you can stay ahead of data regulation changes and secure your website with WP Consent API Plugin, Google Site Kit, and other related tools. Ready to make your website fully compliant in under 5 minutes? In the next section, we’ll help you learn and know how you can make your website comply with data/privacy policies.
The Simple Steps Enable Website Consent Mode Using Google Site Kit
By all means, as of version 1.122.0, Google Site Kit gives users the option to enable consent mode straight from their WordPress website dashboard. This was added based on changes to the Digital Markets Act (DMA) act regarding user consent. The Google EU User Consent Policy (EUUCP) requires website owners to implement consent mode for Ads and Analytics with target customers.
The consent mode applies to potential customers from the European Economic Area (EEA), Switzerland, and the United Kingdom. However, turning on consent mode through the Site Kit does not provide a method for asking users to provide their consent. Therefore, it’s essential to have a Third-Party Consent Management Plugin installed on the website to allow target visitors to provide consent.
Markedly, the potential users will receive a prompt to enable consent mode when Site Kit can detect that Ads are in use on the site. Click on the Enable consent mode button to enable consent mode for your website. Otherwise, without installing such a plugin on the website, user data will not be tracked in Google Ads and Google Analytics reporting as they are unable to grant consent.
If you select Maybe later, the banner will appear at a later date if you haven’t enabled consent mode. The banner gives you the option to Enable consent mode or Don’t show again, which will stop consent mode banners from being displayed on your dashboard. You can also enable consent mode by going to Site Kit > Settings > Admin Settings.
Consent mode should be enabled on a website if;
- The Analytics module is connected in Site Kit
- Google Ads is in use
If you don’t enable consent mode and you have Analytics or Ads connected, tracking for users in the European Economic Area (EEA), Switzerland and the United Kingdom will be blocked. Once you have enabled consent mode, Site Kit will add the necessary tag to your site with the default consent preferences. You can verify that your Google consent mode tag has been placed.
To verify, check your website’s source code and search for “Google Tag (gtag.js) Consent Mode Snippet that is added by Site Kit onto the website. For consent mode to work properly, the WP Consent API Plugin and a consent management plugin must also be installed and configured. If not already installed, you’ll be prompted to install them below the consent mode toggle.
When consent mode is enabled, Site Kit will check if you have the WP Consent API plugin active on your website. You will be prompted to install the WP Consent API plugin if it is not detected. Click on the Install button and Site Kit will automatically install and activate the WP Consent API Plugin for you. Once this has been done, it’ll detect that WP Consent API is active on the website.
In other words, it’s a generic API where plugins adhere to each other and can greatly facilitate a webmaster in getting a website compliant. Its primary purpose is aimed at compliant first-party cookies or tracking by WordPress plugins. If such a plugin triggers, for example, Facebook, usage of this API will be of help. Similarly, what if a user embeds a Facebook iframe on their website?
On that note, a blocking tool is needed that initially disables the iframe and or scripts. Third-party scripts have to be blocked by blocking functionality in a consent management plugin. To do this in core would be too intrusive, and is also not applicable to all users: only users with visitors from opt-in regions such as the European Union require such a feature.
The Simple Steps To Install And Activate The WP Consent API Plugin
The WP Consent API Plugin is a tool that helps standardize the communication of accepted consent categories between plugins. It requires a cookie banner plugin and at least one other plugin that supports the WP Consent API. With the help of the WP Consent API Plugin, all supporting WordPress Plugins can use the same set of methods to read and register the current consent category.
As a result, it allows consent management plugins and other plugins to work together, improving privacy laws compliance. But the plugin role is even far-fetched. Currently, a consent management plugin can block third-party services like Facebook, Google Maps, Twitter, etc. On the one hand, if a WordPress Plugin places a PHP cookie, a consent management plugin cannot prevent this.
Check Related Plugin: WPConsent: WordPress Privacy Compliance Made Easy
On the other hand, some plugins integrate the tracking code on the client-side in Javascript files that, when blocked, break the website. Or, if such a plugin’s JavaScript is minified, causing the URL to be unrecognizable and won’t get detected by an automatic blocking script. At the same time, the blocking approach requires a list of all types of URLs that tracks data.
Unfortunately, it’s worth noting that the WP Consent API Plugin itself will not handle consent. It will show you how many plugins you have without Consent API support and will improve compliance on your site by ensuring smooth communication between cookie banner plugins and plugins that set cookies or track user data. But there are many notable plugin installation benefits.
Other Benefits:
- One-click integration with your existing WPCode scripts
- Automatic script scanning and blocking until consent is given
- Zero impact on site speed (we’re obsessed with performance)
- Improve Compliance with GDPR, CCPA, and other privacy laws
- Fully customizable cookie banner
- Fully self-hosted user consent records
- Display cookie banner based on user’s location
For your information, it’s worth noting that a blocking feature may risk breaking things. Usually, blocking these and showing a nice placeholder requires even more sophisticated code, all of which should in our opinion not be part of WordPress Core, for the same reasons. Besides integrating the Site Kit with the WP Consent API Plugin, there are other native consent management plugins.
Topmost Plugins:
- Complianz | GDPR/CCPA Cookie Consent
- WordPress Cookie Banner – Cookiebot CMP
- CookieYes – Cookie Banner For Cookie Consent (Easy To Setup GDPR/CCPA Compliant Cookie Notice)
- CookieHub WordPress Plugin
- GDPR Cookie Compliance
- GDPR Cookie Consent Plugin – CCPA Ready
For each action that places cookies or tracks user data, you should consider what type of tracking takes place. The 5 consent categories are functional, statistics-anonymous, statistics, preferences, and marketing. Your code should check if consent has been given for the applicable category. If no cookie banner plugin is active, the Consent API will always return with consent (true).
Summary:
- Statistics: Cookies or any other form of local storage that are used exclusively for statistical purposes (Analytics Cookies).
- Statistics-Anonymous: Cookies or any other form of local storage that are used exclusively for anonymous statistical purposes (Anonymous Analytics Cookies), that are placed on a first party domain, and that do not allow identification of particular individuals.
- Marketing: Cookies or any other form of local storage required to create user profiles to send advertising or to track the user on a website or across websites for similar marketing purposes.
- Functional: The cookie or any other form of local storage is used for the sole purpose of carrying out the transmission of a communication over an electronic communications network. If cookies are disabled, the requested functionality will not be available. This makes them essential functional cookies.
- Preferences: Cookies or any other form of local storage that can not be seen as statistics, statistics-anonymous, marketing, or functional, and where the technical storage or access is necessary for the legitimate purpose of storing preferences.
The WP Consent API includes a set of “consent categories” for the types of data collection that users consent to. By default, Site Kit will update consent for the statistics and marketing categories. When setting up your plugin, be sure to turn on settings. Otherwise, indicate that you wish to collect statistics and marketing data so these options are properly accounted for in the cookie banner.
The Process For Site Kit Integration With WP Consent API Plugin
Note that the WP Consent API Plugin does not handle the actual process of getting user consent; that is done via the consent management plugin. However, it will show you how many plugins you have without Consent API support and will improve compliance on your site by ensuring smooth communication between cookie banner plugins and plugins that set cookies or track user data.
Once consent mode is enabled and the WP Consent API Plugin has been installed and detected, the final step is to install a consent management plugin to prompt users to accept or decline cookies. When using Site Kit, website owners are responsible for managing notice and consent requirements – including EUUCP requirements – as described in Google’s User Consent Policy.
While Site Kit cannot verify compatibility of all WordPress Plugins with the Consent Mode API, several third-party plugins allow you to block Google Analytics or Google Ads from capturing data until a visitor to the website consents through Google’s Consent Mode API. These plugins allow you to create a banner to allow users to approve or deny tracking.
These plugins do provide Google’s Consent Mode API integration. If you’ve enabled consent mode in Site Kit, you do not need to use any of their consent mode features — Site Kit already manages this for you. Using other consent mode features could cause possible conflicts with Site Kit. You’ll only add a cookie/consent banner using these plugins if you’ve enabled consent mode in Site Kit.
How To Disable The Consent Mode Features From Google Site Kit
You can disable consent mode from Site Kit > Settings > Admin Settings. When choosing to disable consent mode, you will be presented with the following message.
The message explains that by disabling consent mode, the consent tag will be removed from your website. You will no longer be able to track the performance of your Ad campaigns and how visitors interact with your site via Analytics in the European Economic Area (EEA), Switzerland, and the United Kingdom.
After disabling consent mode, the WP Consent API plugin and your Consent Management Platform (CMP) plugin will remain active — they must be disabled separately. You can choose to Cancel at this stage or Disable consent mode.
In Summary;
It’s clear to say that WP Consent API Plugin is a tool that standardizes the communication of accepted consent categories between plugins. It requires a cookie banner plugin and, at least, one other plugin that supports the WP Consent API. With this plugin, all the other supporting WordPress plugins can use the same set of methods to read and register the current consent category.
This allows consent management plugins and other plugins to work together, improving compliance with privacy laws. This plugin provides a framework through which plugins can know if they are allowed to place cookies or track user data. It requires both a consent management plugin for consent management and a plugin that follows the consent level as can be read from this API.
When consent mode is enabled, only visitors who have explicitly given consent through a consent management plugin will have their data tracked. If you didn’t provide an option for users to grant consent via a third-party consent management plugin, visitors from the European Economic Area (EEA), Switzerland and the United Kingdom will not be included in Analytics and Ads reporting.
In addition, some users may be presented with the opportunity to grant consent but choose not to do so — these users will not be included in Analytics and Ads reporting.
Related Resources:
- How To Set Up Google Consent Mode In Analytics
- Working With The Consent Mode And Google Ads
- About Consent Mode On Websites And Mobile Apps
- Digital Markets Act: Ensuring Fair and Open Digital Markets
- Glossary: European Economic Area (EEA)
Remember, the aim of using a WP Consent API Plugin is because turning on consent mode using the Google Site Kit does not provide a method for asking users to provide their consent. Without a third-party consent management plugin that allows visitors to provide consent, user data will not be tracked in Google Ads and Google Analytics reporting as they are unable to grant consent.
Get Free Updates
Notice: All content on this website including text, graphics, images, and other material is intended for general information only. Thus, this content does not apply to any specific context or condition. It is not a substitute for any licensed professional work. Be that as it may, please feel free to collaborate with us through blog posting or link placement partnership to showcase brand, business, or product.
