[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"blog-slug_blog_3_1":3,"blog-slug_blog_google-analytics-identifiers_1000_1":40},{"article":4,"articles":15,"meta":33,"languages":39},{"id":5,"title":6,"excerpt":7,"locale":8,"slug":9,"authorSlug":10,"automaticTranslated":11,"publishedAt":12,"updatedAt":13,"doFollowLinks":11,"showIndex":11,"showCallToActions":11,"articleType":14},3060,"The EU wants to kill cookie banners","The EU wants to end annoying cookie pop-ups by letting users set their consent once in their browser. If passed, websites will have to respect those choices.","en","the-eu-wants-to-kill-cookie-banners-by-moving-consent-to-your-browser","iron-brands",false,"2025-11-20T05:40:14.356Z","2025-11-20T06:13:15.812Z","blog",[4,16,26],{"id":17,"title":18,"excerpt":19,"locale":8,"slug":20,"authorSlug":10,"automaticTranslated":11,"publishedAt":21,"updatedAt":22,"ctaTitle":23,"ctaDescription":24,"doFollowLinks":11,"showIndex":25,"showCallToActions":11,"articleType":14},3019,"Google is tracking you (even when you use DuckDuckGo)","Google tracks users even on DuckDuckGo via Analytics and embeds. A new study shows how deep Google’s web tracking really goes.","google-is-tracking-you-even-when-you-use-duck-duck-go","2025-07-14T08:56:41.709Z","2025-07-14T11:26:01.386Z","If you care about privacy, you don't use Google Analytics","Ditch the tracking, keep the insights. Try Simple Analytics.",true,{"id":27,"title":28,"excerpt":29,"locale":8,"slug":30,"authorSlug":10,"automaticTranslated":11,"publishedAt":31,"updatedAt":32,"doFollowLinks":11,"showIndex":11,"showCallToActions":11,"articleType":14},3018," German court rules Meta’s tracking tech violates GDPR","German court rules Meta’s tracking tech violates GDPR, allowing lawsuits without proof of harm. Big risks ahead for sites using Meta pixels.","german-court-rules-meta-s-tracking-tech-violates-gdpr","2025-07-10T08:20:51.111Z","2025-07-10T12:16:26.327Z",{"pagination":34},{"page":35,"pageSize":36,"pageCount":37,"total":38},1,3,362,1084,{},{"article":41},{"contentHtml":42,"content":43,"inlineMedia":44,"id":46,"title":47,"excerpt":48,"locale":8,"slug":49,"authorSlug":10,"automaticTranslated":11,"publishedAt":50,"updatedAt":51,"doFollowLinks":11,"showIndex":25,"showCallToActions":25,"articleType":14,"languages":52},"\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Confused by Google Analytics’ identifiers? You are not the only one! \u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Google Analytics 4 uses a broad range of personal identifiers that look the same but work differently and perform different functions. It can get a little confusion, so let’s see what those identifiers are and what they are for.\u003C/ContentEditable>\n\u003Col class=\"counters\">\u003Cli>\u003CNuxtLink to=\"#what-are-google-analytics-identifiers\">What are Google Analytics’ identifiers?\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#what-are-identifiers-for\">What are identifiers for?\u003C/NuxtLink>\u003Col>\u003Cli>\u003CNuxtLink to=\"#cookies\">Cookies\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#app-instance-identifiers\">App-instance identifiers\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#user-ids\">User-IDs\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#advertising-identifiers\">Advertising identifiers\u003C/NuxtLink>\u003C/li>\u003C/ol>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#are-there-other-identifiers-in-google-analytics\">Are there other identifiers in Google Analytics?\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#are-identifiers-personal-datapersonal-information\">Are identifiers personal data/personal information?\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#do-i-need-consent-for-identifiers\">Do I need consent for identifiers?\u003C/NuxtLink>\u003C/li>\u003Cli>\u003CNuxtLink to=\"#final-thoughts\">Final Thoughts\u003C/NuxtLink>\u003C/li>\u003C/ol>\u003CCtaTwo />\u003CContentEditable  id=\"what-are-google-analytics-identifiers\" parent=\"\" tag=\"h2\" :articleId=\"2222\">What are Google Analytics’ identifiers?\u003C/ContentEditable>\n\u003Cul>\n\u003Cli>\u003Cstrong>first-party\u003C/strong> cookies are one of the main tracking tools in Google Analytics 4. Each cookie contains a unique identifier called _ga cookie\u003C/li>\n\u003Cli>\u003Cstrong>app-instance identifiers\u003C/strong> are generated by certain apps when they are installed. They identify a unique installation for the app\u003C/li>\n\u003Cli>\u003Cstrong>advertising identifiers\u003C/strong> are tied to a specific device, typically a mobile phone\u003C/li>\n\u003Cli>\u003Cstrong>User-IDs\u003C/strong> are a custom identifier that help a Google Analytics customer track users across devices.\u003C/li>\n\u003Cli>\u003Cstrong>DoubleClick\u003C/strong> cookies are used by Google Analytics to understand whether a certain ad was displayed to the user.\u003C/li>\n\u003C/ul>\n\u003CContentEditable  id=\"what-are-identifiers-for\" parent=\"\" tag=\"h2\" :articleId=\"2222\">What are identifiers for?\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Let&#39;s dive in the identifiers Google Analytics 4 uses and whether they are bad for privacy.\u003C/ContentEditable>\n\u003CContentEditable  id=\"cookies\" parent=\"\" tag=\"h3\" :articleId=\"2222\">Cookies\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">First-party cookies are the main tracking tool in Google Analytics 4. Google Analytics can work without them but performs quite poorly.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Google Analytics’ first-party cookies are the same for each website, which means that \u003Cstrong>Google can effectively track users around the web but websites cannot\u003C/strong>. Privacy-wise, first-party cookies are a step up from the highly invasive third-party cookies that powered Universal Analytics, but \u003CNuxtLink to=\"/blog/is-google-analytics-4-gdpr-compliant\"  >they are still not ideal\u003C/NuxtLink>.\u003C/ContentEditable>\n\u003CContentEditable  id=\"app-instance-identifiers\" parent=\"\" tag=\"h3\" :articleId=\"2222\">App-instance identifiers\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">App-instance identifiers mostly come from SDKs. SDKs are bundles of code from which apps are built.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">App-instance identifiers are crucial for \u003Cstrong>tracking mobile traffic\u003C/strong> through Google Analytics for apps and for Firebase. They also play an important role in cross-device tracking.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">App-instance identifiers are a privacy nightmare since SDKs are often shady and may elude user control. But the iOS environment does better than Android in this regard because of tracking controls.\u003C/ContentEditable>\n\u003CContentEditable  id=\"user-ids\" parent=\"\" tag=\"h3\" :articleId=\"2222\">User-IDs\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">User-IDs are custom identifiers that Google Analytics users can link to a different identifier in order to \u003Cstrong>track users cross-device\u003C/strong>. For instance, User-IDs can be linked to user credentials in order to track users of an app or website across different devices.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Privacy-wise, User-IDs are not problematic in and of themselves but \u003Cstrong>encourage invasive tracking techniques\u003C/strong> such as device fingerprinting and probabilistic tracking.\u003C/ContentEditable>\n\u003CContentEditable  id=\"advertising-identifiers\" parent=\"\" tag=\"h3\" :articleId=\"2222\">Advertising identifiers\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Advertising identifiers are built-in trackers on devices. In practice, the most important are AAID and IDFA:\u003C/ContentEditable>\n\u003Cul>\n\u003Cli>\u003Ca referrerpolicy=\"strict-origin-when-cross-origin\" href=\"https://support.google.com/googleplay/android-developer/answer/6048248?hl=en&utm_source=simpleanalytics.com\" target=\"_blank\" rel=\"noopener nofollow\">Android’s Advertising ID\u003C/a> (\u003Cstrong>AAID\u003C/strong>) is found in Android devices such as Android phones and Chromebooks\u003C/li>\n\u003Cli>\u003Ca referrerpolicy=\"strict-origin-when-cross-origin\" href=\"https://developer.apple.com/documentation/adsupport/asidentifiermanager/advertisingidentifier?utm_source=simpleanalytics.com\" target=\"_blank\" rel=\"noopener nofollow\">Apple’s Identifier for Advertisers\u003C/a> (\u003Cstrong>IDFA\u003C/strong>) are found in iPhones.\u003C/li>\n\u003C/ul>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Advertising identifiers raise privacy issues, especially AAID. AAID trackers are set \u003Cstrong>without user consent\u003C/strong> and the option to turn off tracking is buried deep in the device’s privacy option. This opt-out system is a glaring violation of the GDPR and the \u003Ca referrerpolicy=\"strict-origin-when-cross-origin\" href=\"https://www.edps.europa.eu/data-protection/our-work/subjects/eprivacy-directive_en?utm_source=simpleanalytics.com\" target=\"_blank\" rel=\"noopener nofollow\">ePrivacy Directive\u003C/a> of the EU, and we are quite surprised that regulators haven’t cracked down on AAID yet.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Apple is a little more privacy-friendly here because IDFA explicitly asks for \u003Cstrong>opt-in consent\u003C/strong> since 2020.\u003C/ContentEditable>\n\u003CContentEditable  id=\"are-there-other-identifiers-in-google-analytics\" parent=\"\" tag=\"h2\" :articleId=\"2222\">Are there other identifiers in Google Analytics?\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Yes, there are. But the ones we listed are the main identifiers and the ones marketers work with all the time.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">For instance, Google Analytics uses IP addresses, which are also identifiers. But Google Analytics 4 only uses IPs for communication. Unlike Universal Analytics, Google Analytics 4 does not store IP addresses or use them for analytics. Bottom line, marketers can ignore them.\u003C/ContentEditable>\n\u003CContentEditable  id=\"are-identifiers-personal-datapersonal-information\" parent=\"\" tag=\"h2\" :articleId=\"2222\">Are identifiers personal data/personal information?\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">There is no general answer because different laws have different definitions of personal data.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Under EU law, the situation is pretty clear: \u003Cstrong>identifiers are always personal data\u003C/strong>. This is true by definition: any data that can identify or single out an individual, satisfies the GDPR’s definition of personal data.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Specifically, Google Analytics’ identifiers are considered to be \u003Cstrong>pseudonymous data\u003C/strong>, which is a subtype of personal data and NOT to be confused with anonymous data. As a type of personal data, pseudonymous data are subject to all the rules and protections of the GDPR.\u003C/ContentEditable>\n\u003CContentEditable  id=\"do-i-need-consent-for-identifiers\" parent=\"\" tag=\"h2\" :articleId=\"2222\">Do I need consent for identifiers?\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">It depends on the legal framework. \u003CNuxtLink to=\"/blog/cookies-101#how-are-cookies-regulated\"  >You definitely need consent in the EU\u003C/NuxtLink>, but not every company is careful about compliance. For instance, many devs play fast and loose with trackers in their SDKs, and many websites write Google Analytics before consent is given by the users. Additionally, Google is breaching the law on a massive scale by not collecting opt-in consent for AAID.\u003C/ContentEditable>\n\u003CContentEditable  id=\"final-thoughts\" parent=\"\" tag=\"h2\" :articleId=\"2222\">Final Thoughts\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">We at \u003CNuxtLink to=\"https://simpleanalytics.com/\"  referrerpolicy=\"unsafe-url\" rel=\"\">Simple Analytics\u003C/NuxtLink> don’t like cookies at all, whether they are first-party of third party. We believe in an open Web that is user and privacy-friendly. This is why we developed a web analytics service that does not collect personal data, at all.\u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">Simple Analytics is privacy-friendly, compliant out-of-the-box, and easy to set up and learn. New users get up to speed with no time thanks to its handy AI assistand and its clean, intuitive interface. \u003C/ContentEditable>\n\u003CContentEditable  parent=\"\" tag=\"p\" :articleId=\"2222\">If this sounds good to you, feel free to \u003CNuxtLink to=\"/signup\"  >give us a try\u003C/NuxtLink>!\u003C/ContentEditable>\n","Confused by Google Analytics’ identifiers? You are not the only one! \n\nGoogle Analytics 4 uses a broad range of personal identifiers that look the same but work differently and perform different functions. It can get a little confusion, so let’s see what those identifiers are and what they are for.\n\n## What are Google Analytics’ identifiers?\n\n- **first-party** cookies are one of the main tracking tools in Google Analytics 4. Each cookie contains a unique identifier called _ga cookie\n- **app-instance identifiers** are generated by certain apps when they are installed. They identify a unique installation for the app\n- **advertising identifiers** are tied to a specific device, typically a mobile phone\n- **User-IDs** are a custom identifier that help a Google Analytics customer track users across devices.\n- **DoubleClick** cookies are used by Google Analytics to understand whether a certain ad was displayed to the user.\n\n## What are identifiers for? \n\nLet's dive in the identifiers Google Analytics 4 uses and whether they are bad for privacy.\n\n### Cookies\n\nFirst-party cookies are the main tracking tool in Google Analytics 4. Google Analytics can work without them but performs quite poorly.\n\nGoogle Analytics’ first-party cookies are the same for each website, which means that **Google can effectively track users around the web but websites cannot**. Privacy-wise, first-party cookies are a step up from the highly invasive third-party cookies that powered Universal Analytics, but [they are still not ideal](https://www.simpleanalytics.com/blog/is-google-analytics-4-gdpr-compliant).\n\n### App-instance identifiers\n\nApp-instance identifiers mostly come from SDKs. SDKs are bundles of code from which apps are built.\n\nApp-instance identifiers are crucial for **tracking mobile traffic** through Google Analytics for apps and for Firebase. They also play an important role in cross-device tracking.\n\nApp-instance identifiers are a privacy nightmare since SDKs are often shady and may elude user control. But the iOS environment does better than Android in this regard because of tracking controls.\n\n### User-IDs\n\nUser-IDs are custom identifiers that Google Analytics users can link to a different identifier in order to **track users cross-device**. For instance, User-IDs can be linked to user credentials in order to track users of an app or website across different devices.\n\nPrivacy-wise, User-IDs are not problematic in and of themselves but **encourage invasive tracking techniques** such as device fingerprinting and probabilistic tracking.\n\n### Advertising identifiers\n\nAdvertising identifiers are built-in trackers on devices. In practice, the most important are AAID and IDFA:\n- [Android’s Advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248?hl=en) (**AAID**) is found in Android devices such as Android phones and Chromebooks\n- [Apple’s Identifier for Advertisers](https://developer.apple.com/documentation/adsupport/asidentifiermanager/advertisingidentifier) (**IDFA**) are found in iPhones.\n\nAdvertising identifiers raise privacy issues, especially AAID. AAID trackers are set **without user consent** and the option to turn off tracking is buried deep in the device’s privacy option. This opt-out system is a glaring violation of the GDPR and the [ePrivacy Directive](https://www.edps.europa.eu/data-protection/our-work/subjects/eprivacy-directive_en) of the EU, and we are quite surprised that regulators haven’t cracked down on AAID yet.\n\nApple is a little more privacy-friendly here because IDFA explicitly asks for **opt-in consent** since 2020.\n\n## Are there other identifiers in Google Analytics?\n\nYes, there are. But the ones we listed are the main identifiers and the ones marketers work with all the time.\n\nFor instance, Google Analytics uses IP addresses, which are also identifiers. But Google Analytics 4 only uses IPs for communication. Unlike Universal Analytics, Google Analytics 4 does not store IP addresses or use them for analytics. Bottom line, marketers can ignore them.\n\n## Are identifiers personal data/personal information?\n\nThere is no general answer because different laws have different definitions of personal data.\n\nUnder EU law, the situation is pretty clear: **identifiers are always personal data**. This is true by definition: any data that can identify or single out an individual, satisfies the GDPR’s definition of personal data.\n\nSpecifically, Google Analytics’ identifiers are considered to be **pseudonymous data**, which is a subtype of personal data and NOT to be confused with anonymous data. As a type of personal data, pseudonymous data are subject to all the rules and protections of the GDPR.\n\n## Do I need consent for identifiers?\n\nIt depends on the legal framework. [You definitely need consent in the EU](https://www.simpleanalytics.com/blog/cookies-101#how-are-cookies-regulated), but not every company is careful about compliance. For instance, many devs play fast and loose with trackers in their SDKs, and many websites write Google Analytics before consent is given by the users. Additionally, Google is breaching the law on a massive scale by not collecting opt-in consent for AAID.\n\n## Final Thoughts\n\nWe at [Simple Analytics](https://simpleanalytics.com/) don’t like cookies at all, whether they are first-party of third party. We believe in an open Web that is user and privacy-friendly. This is why we developed a web analytics service that does not collect personal data, at all.\n\nSimple Analytics is privacy-friendly, compliant out-of-the-box, and easy to set up and learn. New users get up to speed with no time thanks to its handy AI assistand and its clean, intuitive interface. \n\nIf this sounds good to you, feel free to [give us a try](https://www.simpleanalytics.com/signup)!\n",{"data":45},null,2222,"What are Google Analytics' identifiers?","What identifiers does Google Analytics use, and what do they do?","google-analytics-identifiers","2024-02-12T15:34:04.646Z","2024-04-16T12:08:09.867Z",{"en":53,"de":54,"fr":56,"it":58,"es":60,"nl":62},{"slug":49},{"slug":55},"was-sind-die-bezeichner-von-google-analytics",{"slug":57},"quels-sont-les-identifiants-de-google-analytics",{"slug":59},"quali-sono-gli-identificatori-di-google-analytics",{"slug":61},"que-son-los-identificadores-de-google-analytics",{"slug":63},"wat-zijn-de-identificatiecodes-van-google-analytics"]