gtag('consent','default','denied') and Google Ads conversions

Problem statement

If ad_storage or analytics_storage are set to "denied" by default, Google Ads may suppress conversions until consent is updated. This is expected behavior - but often misconfigured.

If you're seeing gtag('consent','default','denied') in your implementation and Google Ads conversions suddenly stopped reporting, your default denied configuration may be blocking measurement.

This command is required for Consent Mode v2 compliance. However, if it runs in the wrong order, never updates, or conflicts with your CMP, Google Ads conversion tracking can be suppressed entirely.

Understanding how default denied works — and how to verify it — is critical to restoring accurate conversion data. For a full breakdown of how consent, timing, and configuration interact, see why Google Ads conversions break.

How gtag('consent','default','denied') Works in Consent Mode v2

Consent Mode v2 uses default states to signal to Google's servers how to handle data before user consent is granted. When you set defaults to "denied," Google Ads and Google Analytics operate in a limited state. Google receives pings about page views and user behavior, but cannot store cookies or collect detailed analytics data.

This modeling approach allows Google to provide conversion estimates and maintain campaign optimization even when consent hasn't been granted. However, if the default denied states aren't implemented correctly, or if consent updates never fire, conversions will be suppressed entirely rather than modeled. This problem rarely exists in isolation. It usually appears alongside other consent or timing issues covered in the broader guide on Google Ads conversion failures.

The exact code

Here's the correct implementation of default denied states for Consent Mode v2:

gtag('consent', 'default', {
  ad_storage: 'denied',
  analytics_storage: 'denied',
  wait_for_update: 500
});

This code must execute before any Google tags (gtag.js, Google Analytics, Google Ads conversion tracking) load. The wait_for_update parameter tells Consent Mode to wait up to 500ms for a consent update before assuming the default state is permanent.

If a user grants consent, you update the states like this:

gtag('consent', 'update', {
  ad_storage: 'granted',
  analytics_storage: 'granted'
});

The trap: Common configuration mistakes

Even with the correct code, conversions can still break if one of these issues occurs:

1. Tracking scripts load too early

If Google Analytics, Google Ads conversion tracking, or any gtag-based script loads before the default consent call, those scripts will operate without Consent Mode context. They'll either fire incorrectly (tracking before consent) or fail entirely (blocked by browser settings).

The default consent command must be in the page <head>, and it must execute synchronously before any async script tags that load Google tracking.

2. Consent updates never fire

Setting default states to "denied" is only half the implementation. If users accept cookies but your consent update command never executes, Google will continue treating all data as denied. Conversions will be suppressed rather than modeled or recorded.

This commonly happens when Consent Management Platforms (CMPs) integrate incorrectly with Consent Mode, when JavaScript errors prevent the update command from running, or when consent state is stored but never synchronized with Google's tags.

3. CMP overrides Google defaults

Many Consent Management Platforms (OneTrust, Cookiebot, Osano, etc.) claim to support Consent Mode v2, but some override your default settings or inject their own consent commands at the wrong time. This can cause conflicts where your default denied states are replaced by the CMP's configuration.

If your CMP is handling Consent Mode, verify that it's not interfering with your explicit default denied setup. Some CMPs require specific configuration to work with manually set defaults.

4. wait_for_update timing issues

The wait_for_update parameter creates a window where Consent Mode waits for an update. If your consent banner takes longer than this window to initialize, or if there's a delay in detecting user choice, the default denied state becomes permanent for that page load.

Setting wait_for_update: 500 gives you 500ms. For SPAs or slow-loading consent banners, you may need to increase this, but longer waits can delay Google tag initialization and affect page performance.

5. Multiple default consent calls

If default consent is set multiple times on the same page (common when both manual code and CMP implementations exist), later calls can override earlier ones. This creates race conditions where the final default state might not be what you intended.

Ensure only one source sets default consent states. If using a CMP, disable manual default consent settings. If implementing manually, verify your CMP isn't also setting defaults.

Why this matters for Google Ads

When default consent states are set to "denied" but not updated correctly, Google Ads receives incomplete conversion signals. The platform may:

Suppress conversion reporting entirely, making it appear that no conversions occurred
Rely on modeling for conversion estimates, which may be less accurate than direct measurement
Fail to optimize campaigns effectively, as machine learning algorithms work with partial or missing data
Create discrepancies between actual conversions and what appears in Google Ads reporting

This doesn't mean your ads stop running - they continue to serve. But optimization degrades, and you may see lower performance, higher costs per conversion, or campaigns that appear to be performing poorly when actual conversions are occurring.

How to verify your implementation

Verifying that default denied states are working correctly requires testing the site as a new visitor would experience it. You need to check:

Whether default consent commands execute before tracking scripts load
If consent updates fire correctly when users accept cookies
Whether tracking scripts respect consent states (don't fire before consent, do fire after)
If Google Ads conversion events are properly recorded after consent is granted

Browser developer tools can show network requests and cookie creation, but they won't tell you if Consent Mode is configured correctly or if Google is receiving the right signals. Testing requires simulating the exact user journey: page load as new visitor, viewing consent banner, accepting consent, and triggering conversion events.

Common integration patterns

The correct implementation varies depending on how you manage consent. Here are the most common patterns:

Manual implementation

If you're setting consent states manually (not using a CMP), place the default consent command in your HTML <head> before any Google tag scripts:

<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('consent', 'default', {
    ad_storage: 'denied',
    analytics_storage: 'denied',
    wait_for_update: 500
  });
</script>
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXXXXX"></script>

With a Consent Management Platform

Most CMPs handle Consent Mode automatically, but you may need to configure them to use default denied states. Check your CMP's documentation for Consent Mode v2 support. Some platforms require enabling "Consent Mode" as a feature, while others implement it by default.

If your CMP supports Consent Mode, verify that it sets defaults to "denied" and updates them when users consent. You can test this by inspecting network requests or using browser developer tools to check for consent update calls.

Testing and validation

After implementing default denied states, validate the configuration by:

Loading your site in an incognito window or clearing cookies
Opening browser developer tools and checking the Network tab
Verifying that no tracking cookies are set before consent banner appears
Accepting consent and confirming that consent update commands fire
Checking that tracking requests include consent parameters
Triggering a conversion event and verifying it's recorded in Google Ads

This manual testing process is time-consuming and error-prone. It requires technical knowledge to interpret network requests, understand Consent Mode parameters, and verify that Google is receiving the correct signals.

If you use server-side GTM (Stape or a custom tagging domain), do not stop at the browser setup. You also need to pass consent to sGTM so server-side tags can enforce it. Read this guide: For server-side tracking, pass consent to sGTM like this.

What Happens If You Remove Default Denied?

You might wonder: can I remove default denied? Is it required? Do I need wait_for_update? Here's what happens if you skip or remove the default denied configuration:

Tracking may fire before consent: Without default denied, Google tags may initialize and send data before users make a consent choice. This violates Consent Mode v2 requirements and can lead to tracking users who rejected cookies.
You violate Consent Mode v2 requirements: Google requires default denied before any tags load. Removing it means your implementation does not comply with Consent Mode v2.
Google may not model correctly: When default denied is missing, Google cannot properly distinguish between "user hasn't consented yet" and "user rejected." Conversion modeling and attribution become unreliable.
Risk of compliance issues: Firing tracking before consent is granted can create GDPR and privacy compliance problems, especially in regions with strict consent requirements.

Is gtag consent default denied required for Consent Mode v2? Yes. Google requires default denied before any tags load. This is non-negotiable for proper Consent Mode v2 implementation.

Want to verify this is actually working on your site?

Run a free scan as a new visitor. We'll check if default denied states are set correctly, whether consent updates fire properly, and if Google Ads conversions are being recorded after consent is granted.

Related guides:

Part of the Google Ads conversion tracking series:

← Back to: Why Google Ads Conversions Break