My Take: Compliance with Verified Data

A forensic approach to Google Analytics data quality and compliance.

Much has been said about GDPR compliance and data quality. Broadly speaking, there are three areas which need to be addressed:

  1. Cookie Solution: A method to ask for consent — cookie banner, prior blocking and asynchronous reactivation. CookiePro, by OneTrust, a leader in privacy management, nicely address this point and will scan your site and find all the tools currently in use, whether they use cookies or local storage. For one of my clients,, we used Cookie Consent, an open source solution which we customized.
  2. Ongoing Compliance: Monitoring things are the way they should and raising the flag if they aren’t. Only the most expensive solutions offer this type of service.

If you are going to make data-informed decisions, better be confident in your data! Verified Data addresses the complex task of making sure your configuration is actually right and you can have reasonable trust in your data.

The Unique Value Proposition of Verified Data

While other solutions will merely check the presence of tags, Verified Data will leverage its access to your Google Analytics data to look at the actual configuration.

Setting a First Audit

Setting the spider is straightforward: pick a Google Analytics view, and optionally set up crawl depth, URL filters and parameters to exclude or specifically keep.

Looking Under the Hood

Every account covers the Structure & Access of your Account/Property/Views, some Data Validity checks, Error Page tracking and Deployment & Coverage.

  1. Marketing & Ads checks Google Ads tracking, visitor segments and campaign tracking;
  2. The Bespoke module focuses on things such as Site Search, File Download, Outbound Links, Events and Goals;
  3. And finally, E-Commerce looks at transactions, product dimensions, and shopping stages.
  • By using AI they are also able to spot PII in different languages. What constitutes PII varies greatly by region and country. Imagine if you have to manage a large-scale localized brand!

Understanding the Results

Verified Data claims 60% of Google Analytics implementations are so poor you shouldn’t even trust the data. Let’s forget about being “data driven”…

Making decisions based on misleading data is worse than forgoing analytics completely and going with experience and guts.

After an audit you get a nice scorecard with a snapshot of all the checks which were done behind the scene. As you run new audits, you will get additional columns so you can easily see how things are improving.

  • Filters are being used
  • Account, Property or View filters are manageable (less than 20)
  • Subdirectory filters are avoided
  • Multiple includes are avoided
  • There’s a filter to exclude Internal/Staff visits
  • A Hostname include filter is present
  • Spiders & Bots are excluded
  • Spam Referrals are excluded
  • There are no “not set” Landing Pages
  • There are no self-referrals
  • The view doesn’t contain mixed case URLs
  • There are no intra-site campaign links

My Take

Things have come a long way since I created WASP a decade ago. At the time, the goal was to identify tags in situ to help debugging implementations. Then came things like ObservePoint and Hub’Scan cloud-based crawlers which checks the presence of tags and run scenarios, but they both fail at actually checking the validity of the implementation itself (beyond defining which metrics and dimensions you expect). ObservePoint being an American company, their offering doesn’t even address GDPR or privacy compliance in general and their price point is pretty high. Hub’Scan merely uses its scenario technology to record the expected steps and validate against those. Other tools I like, such as GTMetrix and DareBoost for website performance analysis, covers other aspects, but not GA implementation. Those solutions do not find trackable content within pages such as outbound links, file downloads, etc.

All the world is made of faith, and trust, and pixie dust. Digital marketer & analyst with a strong interest in privacy and the ethical use of data.