www.it-connect.fr
Google Will Use Your IP Address for Ad Targeting Starting August 3, 2026
Using your IP address to deliver personalized ads is Google’s latest idea. Starting August 3, 2026, Google will roll it out in the European Economic Area, the United Kingdom, and Switzerland. Since the IP address is personal data under the GDPR, it will therefore be used for ad targeting.
Since June 17, 2026, Google has started sending notifications to its users to warn them about an upcoming change later this summer. I received this notification because I have a Google AdSense account, but I’m not sure it is being sent to all users. The message is clear: as of August 3, the IP address of users in Europe, the UK, and Switzerland may be used to measure and personalize ads. An IP address can reveal a user’s geographic location (unless they are using a VPN or a proxy), which makes it a useful tool for showing local ads.
If this data is being used, it is no accident: it is sent with every request, so Google is certain to have access to it. Besides, Google already uses IP addresses for certain purposes, including routing traffic to serve ads. In reality, we need to distinguish between owning a piece of data and how that data is used.
It is precisely that usage that is about to change. In a few weeks, IP addresses will be used to identify devices for ad measurement and personalization purposes. And that is exactly the kind of use that triggers the requirement to obtain consent under European and UK law.
To frame this mechanism, Google will register under Feature 3 of the Transparency and Consent Framework (TCF) from IAB Europe, defined as follows: identify devices from automatically transmitted information. That fits IP addresses well.
What about consent? Feature 3 of the TCF is tied to personalization purposes, which is not legitimate interest. In other words, Google will need to obtain the user’s consent to carry out this tracking based on IP addresses. In short, in the near future, if you accept all cookies on websites, you will likely be accepting this as well.
IP Addresses and the GDPR: What Does It Mean?
An IP address is personal data under the GDPR, and using it to identify a device is one of the basic building blocks of fingerprinting. As a reminder, this is a tracking technique that makes it possible to follow a device even when cookies are blocked or deleted.
The problem is that cookies and fingerprinting are two different methods. Cookies are deleted directly on the user’s device, whereas fingerprinting is not. In fact, one could even say that Google has changed its position. In 2019, Justin Schuh, then Chrome’s engineering director, wrote that fingerprinting circumvents user choice and is harmful precisely because it cannot be cleared the way cookies can.
In any case, using the IP address must necessarily require the user’s consent in order to comply with the GDPR.
From the user side, it remains to be seen what options will be available regarding IP-based personalization. For now, there is no specific setting for this upcoming change. I encourage you to review the ad personalization settings in your Google account at myadcenter.google.com.
