Checking if Consent Mode is properly implemented

Consent Mode is a reliable and easy way to ensure no cookies are set by Google scripts when they are implemented using Google Tag Manager or gtag. While implementation is very simple, it can be difficult to tell if you got it right and things are as they should be.

First off, it's important to note that only the following tags in Google Tag Manager have Built-In Consent Checks:

To determine if Consent Mode is doing what it's supposed to, you need to check three things:

1. Tags with built-in consent are fired regardless of consent.
2. The Consent Mode default settings are registered in Google Tag Manager, and updated settings are pushed to the dataLayer when consent choices are known.
3. No cookies are set prior consent or after an opt-out.

We will go through these checks which help you determine if Consent Mode is implemented correctly and is working as intended.

We assume you've added the Consent Mode script before the Google Tag Manager script as instructed in our guide.

1. Checking if tags fire

For this you can either use Google Tag Manager's preview mode, or if you don't have access to Google Tag Manager use the Google Tag Assistant browser extension.
You can download the latter, which we will be using in this guide, here: https://get.google.com/tagassistant/

First, make sure you haven't submitted consent previously. You can ensure this by executing this code in your browser's console (F12 in most browsers):

"Cookiebot" in window
  ? Cookiebot.consented && (Cookiebot.deleteConsentCookie(), location.reload())
  : console.warn("Cookiebot methods unavailable!");

Next we're going to check if the tags fired prior consent, using Google Tag Assistant.
This should indicate that the supported tags have been fired. In this example, we can confirm that both Google Tag Manager and Google Analytics have loaded:

Note: there shouldn't be added other supported tags to this list after consent submission.

2. Checking the Consent Mode settings

When a page loads prior consent, the consent mode settings should be correctly registered in Google Tag Manager.

If you've implemented Cookiebot using the Cookiebot CMP tag, the default settings won't be pushed tot the dataLayer.
Here is a script that allows you to check what consent settings are registered in Google Tag Manager:

(() => {
  l = s => s == undefined ? "" : s ? "granted" : "denied";
  c = s => s == "granted" ? "color: #0C0": "color: #C00"; 
  if (!"google_tag_data" in window) {
    console.log("No Consent Mode data found");
    return;
  }
  var g = google_tag_data.ics.entries, 
      i = "",
      t = "", 
      u = "";
  for (var a in g) {
    i = l(g[a]['initial']);
    u = l(g[a]['update']);
    if (i == "" && u == "") continue;
    t = ("\t" + a + ":" +
      (i != "" ? "\n\t\tDefault: %c" + i : "%c")
      + "%c" +
      (u != "" ? "\n\t\tUpdate: %c" + u : "%c"));
    console.log(t, i != "" ? c(i) : "",
    "", u != "" ? c(u) : "", "");
  }
  if (i == "") console.log("No default Consent settings found");
})()

If you've added the Consent Mode script inline, you should see these settings in the dataLayer, before anything else.

Checking the contents of the dataLayer can be done by simply executing the command dataLayer in the console, or using this script to make it a bit easier to read:

(function(w, d, t) {
  for (i of w[d])
    t += JSON.stringify(i).replaceAll(/\"\d{1,}\":/g, "") + "\n";
  console.log(t);
})(window, "dataLayer", "")

The output should look similar to this (Consent Mode settings in bold):

{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","wait_for_update":500}}    ← Initial Consent Mode settings
{"set","ads_data_redaction",true}​                                                                   ←
{"gtm.start":1608107133821,"event":"gtm.js","gtm.uniqueEventId":2}
{"event":"gtm.dom","gtm.uniqueEventId":3}
{"event":"gtm.load","gtm.uniqueEventId":5}

After consent has been given for all types of cookies, the dataLayer will contain both the initial, and updated Consent Mode settings (again in bold):

{"consent","default",{"ad_storage":"denied","analytics_storage":"denied","wait_for_update":500}}    ← Initial Consent Mode settings
{"set","ads_data_redaction",true}​                                                                   ←
{"gtm.start":1608106162221,"event":"gtm.js","gtm.uniqueEventId":2}
{"event":"cookie_consent_preferences","gtm.uniqueEventId":3}                                        ← Cookiebot consent events
{"event":"cookie_consent_statistics","gtm.uniqueEventId":4}                                         ←
{"event":"cookie_consent_marketing","gtm.uniqueEventId":5}                                          ←
{"gtm.start":1608106162636,"event":"gtm.js","gtm.uniqueEventId":7}
{"event":"gtm.dom","gtm.uniqueEventId":9}
{"event":"gtm.load","gtm.uniqueEventId":11}
{"set","developer_id.dMWZhNz",true}
{"consent","update",{"ad_storage":"granted","analytics_storage":"granted"}}                         ← Updated Consent Mode settings
{"set","ads_data_redaction",false}​                                                                  ←

3. Checking if cookies were set

This is the trickiest part. To make sure there aren't already any cookies set, or dragged along from a different domain, we need to make sure that no cookies were set previously.

You can ensure this by browsing in incognito mode, or by manually clearing cookies on the Application → Cookies tab in the Developer tools (F12 or Ctrl + Shift + i).

Without submitting consent, browse around a bit. Visit some pages, and click some links. Before accepting cookies, you shouldn't be seeing the _ga, _gid, or _gat cookies getting set.

If the last two checks were in order, it will be highly unlikely that you will see these cookies getting set prior consent. If they are, then you are likely adding them through an inline script, like analytics.js (which doesn't support Consent Mode).

"That's great, but my data doesn't look right"

So you've taken the steps above, and everything seems to be doing what it should, but you're not seeing the data you'd expect.
We get quite a few questions regarding this issue and unfortunately we can't help you in this regard.
Google Consent Mode is essentially an API which Cookiebot uses to pass consent data to Google Tag Manager. How a tag is supposed to respond to this data is beyond our purview. 
We can, and will be happy to check if you've correctly set things up in regards to Cookiebot sending, and Google Tag Manager receiving consent settings. However, we have no insight in what tags do with these settings.

We can't comment on how Google Analytics should behave when it receives the Consent Mode instructions, or speak on Google's behalf in regards to what data should be logged.
This may seem dismissive, but there's nothing we can do on our end to improve the data logging in Google Analytics. The Cookiebot and Consent Mode scripts merely respectively set and update the consent state to Google Tag Manager. For more information on Consent Mode and the behavior of tags, you can check Google's own documentation on Consent Mode.

If you would like to disable Google Consent Mode all together you can find instructions one doing so in Disabling Google Consent Mode.