What are third-party scripts?
Third-party scripts are commonly JavaScript code used to add features to a website, such as tracking analytics, displaying ads, or providing social media integration.
To include third-party JavaScript on a website, a script tag is placed in the HTML code. The browser will then load and execute the script when the webpage is loaded.
Good example of third-party scripts are Google Analytics, Google Ads, Meta pixel, Bing tracking tool and so on.
Why should I block third-party scripts?
There are a couple of reasons you should be asking for explicit consent (if required by regulation) before placing third-party script tags on your website. The two main ones are:
Third-party scripts may collect and share user data with third parties.
Third-party scripts may use third-party cookies. Third-party cookies (A.K.A. those that are stored under a domain that is not yours) cannot be reached/blocked by a Consent Management solution placed on your website.
So once the third-party script loaded on your website, these two mechanisms might kick in and you just breached a Data Privacy Regulation like GDPR.
So, how do I block third-party scripts?
Fortunately, the BigID Consent Management tool is already integrated with Google Consent Mode V2 and Facebook Consent, which means you only need to tweak a bit the way you setup those tags. Learn more at:
But what if you use other third-party scripts apart from Google and Facebook ones? Don't worry, we got you covered.
Blocking third-party scripts with Google Tag Manager
First, install Google Tag Manager on your website, if you don't have it already.
Now, you have two ways of blocking third-party tools:
Leveraging Google Consent Mode V2 to block other scripts (recommended). To implement this option you need to add BigID using our GTM Tag Template.
Using BigID's GTM Custom Events. This is a great alternative when you added BigID without the GTM Tag Template OR when you don't see a direct match between Google Consent Mode V2 Consent Types and the purposes you use your third-party tools.
Leveraging Google Consent Mode V2 to block other scripts (recommended)
Go to the script tag you want to block in Google Tag Manager.
Click on the tag itself and open the Advanced Settings.
Go to Consent Settings and click on "Require additional consent for tag to fire".
Then add the Consent Types you need for your tag. Here we have a small explanation on what does each of them mean:
Consent Type
Description
ad_storage
Enables storage (such as cookies) related to advertising
analytics_storage
Enables storage (such as cookies) related to analytics e.g. visit duration
functionality_storage
Enables storage that supports the functionality of the website or app e.g. language settings
personalization_storage
Enables storage related to personalization e.g. video recommendations
security_storage
Enables storage related to security such as authentication functionality, fraud prevention, and other user protection
ad_user_data
It controls whether user data related to advertising can be sent to Google.
ad_personalization
It controls whether personalized advertising is allowed.
That's it! Save and publish. BIGID integrates automatically with these Consent Types based on your user's choices.
Using BigID’s GTM Custom Events
In Google Tag Manager, go to the Triggers section and click on "New".
Then click on the Trigger configuration box and pick Custom Event as trigger type.
As Event name add "bigidcmp_consent_opt_in", then click "Save".
Repeat steps 1, 2, and 3 but with the following Event names:
bigidcmp_consent_marketing
bigidcmp_consent_statistics
bigidcmp_consent_preferences
bigid_consent_opt_in
You should have four triggers now. Note that Event names must be as described but Trigger names can be anything more semantic.
What do these triggers mean?
BigID’s widget will push these Custom Events to Google Tag Manager upon user's consent. By linking these events as GTM Triggers, GTM will then fire the tags you’re going to associate them with in Step 3 (below).
Custom Event definitions:
bigid_consent_marketing: User gave consent to share data for Marketing purposes
bigid_consent_statistics: User gave consent to share data for Statistics purposes
bigid_consent_preferences: User gave consent to share data for Preferences purposes
bigid_consent_opt_in: User gave consent to share/sell data under US regulations.
5. Create a new Custom HTML tag for each third-party script needed using one of the triggers you just set. For example, if you are using a third-party script for Marketing purposes, you should use the Marketing trigger.
Important
If you have European and American visitors, you should use two triggers: the Marketing/Statistics/Preferences one AND the US Opt-in one. When setting a tag with two triggers on GTM, it will fire when either of those is detected.
The following image shows how to configure a bat.bing.com script tag for a site with US visitors only:
6. Hit that Submit button on the upper-right part of the screen to publish changes!
Blocking third-party scripts with Adobe Launch
Install Adobe Client Data Layer
The banner will fire the following custom events whenever the user sets a new privacy choice (granting or denying the consent):
bigidcmp_consent_marketing
bigidcmp_consent_statistics
bigidcmp_consent_preferences
bigid_consent_opt_in
Each event will carry a “value” property of type boolean signaling the user’s choice. True means granted, false means denied. You can hook any tag when you see any of these events with a positive value (true).
You’re all set!
Now none of your third-party scripts will be present on your website until the user gives the proper consent. Remember that if a user visits your website a second time, the scripts will be added on page load following user's previous choices.