Following the General Data Protection Regulations (GDPR) which regulate the gathering of personalized information, AdSense introduced a method to load non-personalized ads. You can make use of that ad delivery method if you don’t want to show personalized AdSense ads before a visitor gave her consent.
Once you implemented non-personalized ads you might want to check if they are really served. This is not possible just by looking at the ads since they will look the same. This tutorial explains how you can at least verify if the necessary npa parameter is added to the request.
About non-personalized AdSense ads
If you found this article searching for more information about non-personalized ads then use the following links. I am not giving all background information here, since I wanted to focus on the topic of verifying non-personalized ads.
- short definition of personalized vs. non-personalized ads
- disabling personalized ads for all EU-visitors in your AdSense account
- setting up non-personalized ads in your AdSense code
- show non-personalized AdSense ads until consent is given in WordPress
If your site is using WordPress and you don’t feel comfortable changing the AdSense code manually then use my Advanced Ads plugin and follow this tutorial.
How to check non-personalized AdSense ads in your browser
In order to check if non-personalized AdSense ads are displayed, you need to open the browser console. The exact naming of the options depends on your browser. I am using Chrome on Mac in my example, where these tools are called “DevTools”.
We need to go to the Network panel, which displays all requests your site is doing to load some resources.
If you opened that panel after your site was loaded it might not show all requests, so please reload the page while keeping the panel open.
Once reloaded, you should filter the list by searching for “ads”. Among the results should be a call that starts with ads?client=ca-pub. See the screenshot below.
Shortcut in Chrome: You can just search for “npa” in the Network panel and all calls to “ads?” should show up. That also confirms that the parameter is set. I am not sure if the search in other browsers also checks this parameter or if you’d need to follow the next steps to analyze the individual calls.
Each manually placed ad and the Auto ads code has its individual request, so you could see more than one result. You can check every one of them, but in the best case, they all behave the same regarding non-personalized ads.
The only difference between a request for non-personalized and personalized ads is an additional npa parameter.
Click on the request to see more details. You should be in the Headers tab by default and see the Request URL entry at the top. It is much more than in my example below.
Double click on that entry and copy it completely into a text editor.
Now, use the search functionality of your text editor to look for the string “npa”. The value doesn’t matter since it is either set if non-personalized ads are delivered or missing completely if AdSense delivers personalized ads.
I understand that this method is a bit complicated, but my friends at AdSense confirmed that it is the only way to check that the technical implementation of non-personalized ads is correct.
While implementing the consent check in Advanced Ads to show non-personalized AdSense ads until the user gives her consent, I met a couple of questions. I don’t have the answers but decided to raise them myself before it comes up in the comments.
Most important: none of this is legal advice since I am not a lawyer.
Does AdSense honor the request for non-personalized ads?
While AdSense introduced this feature on their end, there is no other way for publishers to reliably check if they also honor it and, in general, which personalized information they are still gathering. It is the same with all other external services on your site.
There is probably one way to at least verify that non-personalized ads are not working: if you see ads related to products that you looked at before. This means you are retargeted by personalized ads. In that case, you should double check the implementation of your settings.
Do non-personalized ads make my site GDPR-compliant?