Microsoft/ Bing UET Consent Mode: What You Need to Know and How to Implement It

If you've recently received an email from Microsoft regarding “Action required: Update your site to respect user consent,” you're not alone. Microsoft has begun enforcing stricter privacy standards for its Universal Event Tracker (UET), particularly for users from the European Economic Area (EEA), UK, and Switzerland.

In this comprehensive guide, I'll break down what this means for your website, why it's happening, and exactly what steps you need to take to ensure compliance.

What's Happening: Microsoft's UET Consent Requirements

Microsoft is now restricting UET tag functionality for websites that place device identifiers (such as cookies) without proper user consent. This enforcement applies specifically to users visiting from EEA countries, the UK, and Switzerland, where privacy regulations like GDPR are strictly enforced.

If you don't take action, you'll face:

• Restrictions on retargeting capabilities
• Limited or no conversion measurement for visitors from affected regions
• Reduced advertising performance overall
• Revenue and conversion data will not be available for smart bidding

The Official Microsoft Email

Here's the full text of the notification email marketers and website owners have been receiving:

Urgent: Action required: Update your site to respect user consent

Dear Valued Customer,

We are writing to inform you that your usage of Universal Event Tracker (UET) has been partially restricted.

This restriction has been imposed because Microsoft device identifiers, such as cookies, were placed on user devices without obtaining proper consent, which violates the applicable terms and the Microsoft Advertising policies. These terms apply when a user visits one of your web domains from the EEA, UK, or Switzerland.

To resolve this issue, you need to send us user consent signals using one of these methods:

1. Implement UET Consent mode to adjust how Microsoft tags behave based on the consent status of users
2. Use Transparency and Consent Framework v2.0 (TCF 2.0) to pass consent signals directly via a TCF 2.0 string, or via a consent management platform (CMP) to Microsoft Advertising.a. If you are using one of the following CMPs, you can set it up directly on your CMP by using these links: Google Tag Manager, Cookiebot, UserCentrics, Didomi (note: OneTrust to be integrated soon).

For further information, please use the documentation and FAQs accessible here.

Please address this issue immediately to avoid further impact, as this will affect your advertising performance by limiting/preventing retargeting and conversion measurement for visits coming from the EEA, UK, and Switzerland.

If you have questions or need assistance, contact your account team or email advertising@microsoftsupport.com to create a support ticket.

Thank you for your attention to this important matter.

Your Microsoft Privacy Compliance Team

How to Implement Microsoft UET Consent Mode

You have two primary options for compliance. Let's look at each in detail:

Option 1: Implement UET Consent Mode

UET Consent Mode allows Microsoft's tags to adjust their behavior based on the consent status of each user. This is the most direct approach if you're primarily using Microsoft's advertising tools.

Basic Implementation Steps:

1. Add Consent Mode to Your UET Tag: Modify your UET tag implementation to include consent parameters.

Here's a basic example of UET tag with Consent Mode:

window.uetq = window.uetq || [];
window.uetq.push('consent', {
    ad_storage: 'denied',
    ad_user_data: 'denied',
    ad_personalization: 'denied'
});

// Your existing UET tag code follows
window.uetq.push('event', {event_category: 'button', event_label: 'click', event_value: 1});

2. Update Consent When User Makes Choices: When a user provides consent through your consent mechanism, update the UET consent settings.

// When user grants full consent
window.uetq.push('consent', {
    ad_storage: 'granted',
    ad_user_data: 'granted',
    ad_personalization: 'granted'
});

3. Default to Denied in EEA, UK, and Switzerland: For users from these regions, you must default to denied consent until explicit permission is granted.

Option 2: Use Transparency and Consent Framework v2.0 (TCF 2.0)

If you're already using a Consent Management Platform (CMP) that supports TCF 2.0, this might be the easier path for implementation.

Implementation via Popular CMPs:

1. Google Tag Manager (GTM):
   • Navigate to your GTM container
   • Set up consent templates using Microsoft's GTM consent integration guide
   • Configure triggers based on consent states
   • Test implementation using GTM's preview mode
2. Cookiebot:
   • Access your Cookiebot admin panel
   • Follow the steps in their Microsoft UET integration guide
   • Configure cookie categories to align with Microsoft's requirements
3. UserCentrics:
   • Log in to your UserCentrics dashboard
   • Configure service settings according to their Microsoft integration documentation
   • Implement the required code adjustments
4. Didomi:
   • Access your Didomi console
   • Follow the configuration steps in their Microsoft UET consent guide
   • Test implementation using their preview tools
5. OneTrust (Coming soon):
   • Microsoft has indicated that OneTrust integration is forthcoming
   • Check Microsoft's documentation for updates

Testing Your Implementation

After implementing either solution, it's crucial to verify that it's working correctly:

1. Use Microsoft's Verification Tools:
   • Check the Consent Verification documentation for current testing tools
2. Test from Different Regions:
   • Use a VPN to simulate traffic from EEA countries, UK, and Switzerland
   • Verify that consent is properly requested for these users
3. Monitor UET Tag Performance:
   • Check that conversions and tracking continue to function for users who provide consent
   • Verify that tracking is appropriately limited for users who deny consent

Chrome extension

The recommended Chrome extension is actually blocked, so you need to install it in Edge.

FAQ: Microsoft UET Consent Mode

Q: Will this affect my existing conversion data?
A: The restrictions only apply to users from the EEA, UK, and Switzerland who have not provided consent. Historical data should remain unaffected.

Q: What happens if I don't implement consent mode?
A: Microsoft will continue to restrict UET functionality for users from affected regions, leading to decreased retargeting capabilities and conversion tracking accuracy. Purchase revenue will not display

Q: Does this apply to all Microsoft Advertising products?
A: Yes, the consent requirements apply to all Microsoft Advertising products that utilize UET tags.

Q: I'm already using Google's Consent Mode. Is that sufficient?
A: No, Microsoft's UET Consent Mode is separate from Google's implementation. You need to specifically implement Microsoft's version as well.

Conclusion

Implementing Microsoft UET Consent Mode is now a requirement for advertisers targeting users in the EEA, UK, and Switzerland. While it does require some technical implementation, the steps outlined in this article should help you navigate the process smoothly.

By properly implementing consent mechanisms, you'll not only comply with Microsoft's requirements but also demonstrate respect for user privacy – a growing concern for consumers worldwide. I have also heard of people losing the revenue data and conversion data, which is essential for smart bidding.

For additional assistance, Microsoft recommends contacting your account team or emailing advertising@microsoftsupport.com. If you use the Click Tech Partnership Plan, you can get support from myself and Click Tech. Your mileage may vary, but this is what I got when I asked them about it.

The resources they have shared in that email are the ones we have and are referring partners to, I'm afraid other than that Microsoft are not able to check the set up for individual accounts.

Ben's Solution

Personally I fixed it by using example 5 on this page. You can use the Bing Ads Tag Manager template and just fire this tag after it's fired.

Example 5: For customers who have been managing consent and ad_storage correctly, but are facing challenges enabling consent with Microsoft Advertising, please use the solution below

We recommend this solution for customers who manage General Data Protection Regulation (GDPR) consent appropriately and load the UET JavaScript code only after users have provided their consent.

The most important part of this example is the custom trigger. Please use a trigger to ensure that the custom HTML tag below is fired only if consent is received.

<script>
  window.uetq = window.uetq || [];
  window.uetq.push('consent', 'update', {
    'ad_storage': 'granted'
  });
</script>

Instead of using granted, have the {{addStorageState}} state run immediately after the tag is fired.

eg,

<script>
window.uetq = window.uetq || [];
window.uetq.push('consent', 'update', {
    'ad_storage': '{{cjs- Targeting cookies ID C0004}}'
    });
</script>

Ben

Ben has a BEng (Hons) in Computer Science and 20 years of experience in online marketing, specialising in SEO, lead generation and affiliate marketing. After spending over a decade as an igaming affiliate, he has decided to concentrate on GA4 training and SEO Audits.