Skip to content

Google's June 2026 Consent Mode Change: What to Check on Your WordPress Site

On June 15, 2026, Google changed how data flows from Google Analytics to Google Ads. It didn't get much attention, but it affects almost every site running both tools. The short version: the Google Signals setting in GA4 no longer stops advertising data from reaching Google Ads. Your Consent Mode setup is now the only thing that does.

First, the good news: if you're using Conversion Bridge with your cookie banner connected, you're already covered and there's nothing you need to do. The plugin has always treated the consent signal as the source of truth, defaulting everything to denied until the visitor consents. This is exactly the kind of change it quietly handles for you.

For everyone else, this is worth five minutes of attention. If your consent setup isn't wired correctly, visitor data may now flow to Google Ads even when the visitor said no. Research published a week after the change found that's exactly what's happening on almost half of the top websites tested.

Here's what changed, why it matters, and how to check your own site.

What Changed on June 15

Before this change, two settings shared control over whether data collected by your Google Analytics tag could be used in a linked Google Ads account:

  1. The Google Signals toggle in your GA4 property settings
  2. The ad_storage signal in Google Consent Mode

Turning off Google Signals was a blunt way to keep GA4 data out of advertising features, even if your Consent Mode setup was wrong or missing.

Since June 15, 2026, those two settings do different jobs. Google Signals now only controls how GA4 associates data with signed-in Google users for behavioral reporting inside Analytics. The Consent Mode ad_storage signal is now the single control over whether advertising data from your Analytics tag reaches Google Ads.

That means turning off Google Signals no longer stops ad data from flowing to Google Ads. If ad_storage is granted, the data flows.

Why This Matters for Your Site

The accidental safety net is gone. Plenty of sites had a broken or missing Consent Mode setup but were protected anyway, because Google Signals was turned off in GA4. Those sites are now exposed. Their consent banner may collect a "no" from the visitor, but if that "no" never becomes an ad_storage: denied signal, Google Ads receives the data anyway.

This isn't a theoretical problem. Privado AI scanned 250 of the most-visited websites across California, France, and the UK the morning after the change. The results, picked up widely in the trade press, found:

  • 48% of sites had at least one Google Consent Mode misconfiguration
  • 40% of sites tested in California kept consent granted after a Global Privacy Control opt-out, which violates the CCPA
  • 28% of sites tested in Europe started in a granted state by default, which violates the GDPR

These are major websites with dedicated teams. If nearly half of them got it wrong, there's a good chance plenty of WordPress sites have the same gaps.

I've seen this pattern in my own client work. A site owner installs a consent banner, sees it pop up, and assumes the job is done. But the banner was never actually wired to the tracking tools on the site. It records the visitor's choice, and then nothing enforces it. The banner is a light switch connected to nothing.

Site owners in Europe have mostly learned this lesson already. In the US, it's arriving the hard way. California businesses are getting demand letters citing the California Invasion of Privacy Act because tracking pixels sent visitor data to third parties without consent, with demands starting around $5,000 per violation. Some of my own US clients only started taking consent setup seriously after a legal threat showed up. A banner that isn't connected to your tags offers no protection from any of that.

The risk runs in both directions, too. A setup that sends granted signals when it shouldn't creates compliance exposure. A setup that never sends granted signals at all (a common misconfiguration when a banner and a tracking plugin fight over who's in charge) quietly starves your Google Ads account of conversion data.

Conversion Bridge integrates with the major WordPress cookie banner plugins and translates each visitor's choice into the right consent signals automatically. See the supported cookie banners.

You can test this yourself in a few minutes. No special tools needed beyond your browser. My full walkthrough is in How to Confirm Conversions are Tracking, which includes a section on testing the consent flow specifically. Here's the short version:

  1. Open your site in a private/incognito window so you start with no stored consent choice.
  2. Open Google's Tag Assistant and connect it to your site, or open your browser's developer console.
  3. Before clicking anything in your cookie banner, check the consent state. In Tag Assistant, look at the Consent tab for your Google tag. ad_storage, ad_user_data, and ad_personalization should all show denied as the default (assuming you have visitors in regions that require consent).
  4. Decline cookies in your banner, then check again. Everything should stay denied, and no Google Ads cookies should be set.
  5. Repeat the test and accept cookies. Now you should see a consent update where those signals flip to granted.

The two failure patterns to look for match what Privado found: consent starting as granted before the visitor chooses anything, and consent staying granted after the visitor declines. Either one means your banner and your Google tags aren't actually talking to each other.

If you'd rather watch the events themselves instead of the raw consent signals, add ?cb_console=1 to any page URL and open your browser console. Conversion Bridge logs each event and shows you which platforms it reached, and after you grant consent you'll see the events start firing. The debug logging guide covers this in more detail.

How Conversion Bridge Handles This

This is the type of thing where a plugin like Conversion Bridge pays for itself. Most online tutorials tell you to copy and paste the basic tracking tag into your WordPress site and call it done. That works right up until Google changes how consent works, and then every site set up that way needs a manual fix. If you're an agency, that could mean deploying a change to dozens or hundreds of custom client setups. With Conversion Bridge, changes like this are handled in the plugin, so it's not something you have to stress about or even track.

Conversion Bridge was built around the model Google now enforces: the consent signal is the source of truth, so the signal has to be right.

When you select your cookie banner plugin in Settings → Conversion Bridge → Cookie Consent, Conversion Bridge handles Google Consent Mode for you:

  • Denied by default. On page load, ad_storage, ad_user_data, and ad_personalization start as denied. Nothing flows to Google Ads until the visitor actually consents.
  • Real-time updates. When the visitor accepts or declines, Conversion Bridge converts that choice into consent updates immediately, without a page reload.
  • One owner for the signals. Conflicting consent signals from a banner and a tracking plugin are a common cause of the misconfigurations described above. The Consent Signal Ownership setting makes it explicit which tool is in charge for each platform, so there's no overlap.

And it goes beyond Google. The same visitor choice gets translated into the native consent signals for the other platforms you use, like Meta, TikTok, and Microsoft Ads, across the 8 ad platforms and 21 analytics platforms Conversion Bridge supports.

Consent Mode only helps if your conversion events fire with it. Conversion Bridge adds no-code conversion tracking that respects the visitor's consent choice on every event.

There's one more benefit worth knowing about. Correct Consent Mode signals aren't just about compliance. When visitors decline, Google uses the denied-consent pings to model conversions, which fills some of the reporting gap in your Google Ads account. A site with no Consent Mode setup at all doesn't get that modeling. So doing this right protects your data quality, not just your legal standing.

What I'd Do This Week

If you run Google Analytics and Google Ads together, run the five-minute test above. That's the whole action item. You'll either confirm you're fine or find a real problem while it's still cheap to fix.

If you find a problem and you're on WordPress, the fix is usually not complicated: one tool should own the consent signals, and it should default to denied. Conversion Bridge does this automatically once your cookie banner is connected. The Google Analytics, Google Ads, and Consent Signal Ownership docs cover the details.

Happy tracking!

Derek Ashauer
Derek Ashauer is the lead developer of the Conversion Bridge WordPress plugin. He has been involved with WordPress since 2005 and has worked with hundreds of clients to build custom websites. He now uses that experience to build highly-rated and helpful WordPress plugins.