GA4 before consent

Why this matters

GA4 is one of the most common consent failures because it is often installed early in templates or GTM and starts collecting before the banner state is enforced.

How to verify manually

1. Check the Network panel for GA4 `collect` requests before any consent action.
2. Inspect whether `_ga` and related cookies appear before analytics consent.
3. Verify whether GA4 config runs before Consent Initialization or CMP events.

Typical root causes

• GA4 config tag fires on page load without consent checks.
• A direct gtag snippet duplicates GTM-managed GA4.
• Consent defaults are granted or undefined during first load.

GTM fix

1. Attach analytics consent checks to all GA4 config and event tags.
2. Move denied defaults earlier than GA4 initialization.
3. Remove duplicate GA4 implementations outside GTM.

WordPress fix

1. Disable built-in GA4 loading in SEO or analytics plugins if GTM already handles it.
2. Use CMP integration to block GA4 until analytics consent is granted.
3. Retest from a clean browser profile after cache purge.

Generic fix

1. Initialize GA4 only after analytics consent is granted.
2. Avoid dual installs through theme snippets and GTM at the same time.
3. Treat page-view collection as optional analytics processing.

How to confirm the fix worked

• Confirm no GA4 requests are sent before consent.
• Confirm `_ga` cookies do not appear pre-consent.
• Run a fresh scan and confirm the GA4 finding disappears.