3 mins read

GA4 introduces new option for redacting personal data

Google has released new documentation for the GA4 data redaction feature, which prevents personally identifiable information (PII) from being accidentally sent to Google. This makes it easier to comply with data protection laws and Google’s own policies.

What’s notable about this feature is that it is enabled by default for new properties added to GA4, but existing properties must be enabled manually.

Google’s GA 4 policies require that no personal information be sent via GA4 that Google could use to identify individuals.

Examples of personal data include:

  • Email address
  • Personal cell phone numbers
  • Social Security Numbers

Remove PII from URLs

One way personal data could be unintentionally sent to Google is through URL paths and parameters that contain personal data.

The Data Redaction feature in GA4 is a setting that is enabled by default for new properties added to GA4.

Existing properties must configure the data redaction feature in the web data stream settings.

GA4’s data redaction feature analyzes events before they are sent to Google and removes any personal information that may be contained in the data.

New feature available on GA4

Below is a screenshot of the new feature now available on GA4:

GA4 introduces new option for redacting personal data

This is a screenshot of the next window that opens, allowing users to redact data:

GA4 introduces new option for redacting personal data

By clicking the two buttons, users can black out personal information so that it is not sent to Google.

It is enabled by default for new properties, but must be manually toggled for existing properties.

According to the new documentation:

“The data redaction feature helps prevent the accidental collection of personal information in the form of email addresses and URL query parameters.

Data redaction uses text patterns to identify likely email addresses across all event parameters and the URL query parameters included as part of the page_location, page_referrer, page_path, link_url, video_url, and form_destination event parameters.”

It should be noted that Google’s documentation states that users should not contract out their personal data removal responsibilities with this solution.

The resolution cannot be considered complete as GA4 users remain obligated to ensure that no PII is otherwise sent to Google that the data redaction feature may not be able to identify and remove.

The new documentation states:

“It is important to remember that while data redaction is an effective remedy against the inadvertent collection of personal data, the ultimate responsibility for complying with legal requirements still lies with the company collecting data.”

To help you better meet this responsibility, this feature allows you to test your configuration to understand whether the text patterns you identify are redacted as expected (more information).”

You can also use the Debug View to monitor in real time how Analytics is collecting events from your website.”

Now it’s just a setting within GA4.

Read Google’s newly released documentation on the data redaction feature:

[GA4] Data editing