Skip to main content
Back to Guides
Integration6 min read

LinkedIn Insight Tag & Consent: Gate It Right

The LinkedIn Insight Tag has no consent switch of its own, so B2B teams lean on legitimate interest and skip the banner. That's the wrong call. Here's how to load the tag only after consent, browser side and via the Conversions API.

"It's B2B, We Have Legitimate Interest" Doesn't Cover the Cookie

This is the most common mistake B2B marketers make with the LinkedIn Insight Tag. They reason that professional targeting is a legitimate business interest, so they fire the tag on every page without a consent gate. The reasoning confuses two separate legal questions. Legitimate interest can, in some cases, be a lawful basis for processing data under the GDPR. It does nothing for the ePrivacy question, which is separate and comes first: Article 5(3) requires prior consent before you store or read any non-essential cookie on a device, and it lists no legitimate-interest exemption. The Insight Tag writes advertising and analytics cookies. So it needs consent before it loads, full stop, regardless of how good your business case for the data is.

What the Insight Tag Actually Drops

The base code sets window._linkedin_partner_id, pushes it into window._linkedin_data_partner_ids, and loads insight.min.js from LinkedIn's CDN. Once it runs, it sets a handful of cookies for measurement and audience matching. None of them are strictly necessary, so all of them sit behind consent.

Cookies the LinkedIn Insight Tag sets
CookiePurposeConsent needed?
li_fat_idLinks a visit to a LinkedIn member for conversion and retargetingYes, advertising
li_sugrBrowser-derived identifier for measurement when the member ID is unavailableYes
bcookie / bscookieLinkedIn browser ID cookies used across LinkedIn servicesYes
UserMatchHistory / AnalyticsSyncHistoryAd ID syncing and audience match historyYes, advertising
lidc / li_gcRouting and consent-storage cookies for LinkedIn's own domainDepends on role; treat as non-essential on your site

No Native Consent Switch, So Gate the Load

Meta gives you fbq('consent', 'revoke'). TikTok gives you ttq.holdConsent(). Microsoft gives you a uetq consent signal. The LinkedIn Insight Tag gives you none of these. There is no JavaScript call that puts the tag into a cookieless holding state. That leaves one reliable approach: don't put the tag on the page until consent is granted, then load it.

Two patterns do this cleanly. If you deploy through Google Tag Manager, fire the Insight Tag on a trigger that checks your consent state, so the tag simply doesn't run until the marketing category is accepted. If you deploy the raw snippet, a consent management platform blocks the script and injects it only after acceptance. The GTM approach looks like this once your CMP writes the consent state into the data layer:

// Your CMP pushes the decision to the dataLayer:
window.dataLayer.push({
  event: 'consent_update',
  marketing_consent: 'granted'   // or 'denied'
});

// In GTM, the LinkedIn Insight Tag tag fires on a
// Custom Event trigger 'consent_update' with a condition:
//   marketing_consent  equals  granted
//
// Result: insight.min.js is never requested, and no
// li_fat_id / li_sugr cookie is written, until consent exists.
Copy code to clipboard

A Blocked Tag, Not a Hidden Banner

Putting the banner in front of a tag that already loaded is not consent, it's theater. If insight.min.js runs and sets li_fat_id while the banner is still on screen, you collected the identifier before the visitor agreed. Test it: clear cookies, load the page, leave the banner alone, and check the Application tab for li_fat_id, li_sugr, or bcookie. If any appear, your tag is firing early and your legitimate-interest argument won't save you, because the violation is the cookie write, not the data use.

The Conversions API Doesn't Change the Question

LinkedIn offers a Conversions API, a server-to-server endpoint that sends conversion events from your backend without the browser script. It's useful for recovering events the Insight Tag loses to ad blockers and browser restrictions. It carries the same consent obligation. If your backend forwards a conversion with a hashed email or a LinkedIn click identifier for a visitor who declined advertising, you've processed personal data for advertising without a basis, and you've done it somewhere a client-side scanner can't see. Read the consent decision on the server and skip the forward when marketing consent is missing. For the wider pattern of enforcing consent at the server, see server-side consent enforcement.

You're the Controller, and LinkedIn Says So

There's a contractual layer on top of the legal one. When you place the Insight Tag on your site, you're the party deciding to collect the data, which makes you the controller for that processing. LinkedIn's advertising terms put the obligation on you to obtain any consent the law requires before the tag runs, and to give visitors the notice they need to make the choice an informed one. So gating the tag isn't only about avoiding a regulator. It's a term of using LinkedIn's ad products at all. Practically, that means your consent record has to show what the visitor agreed to and when, because if a complaint lands, "the tag fired" is your fact to explain, not LinkedIn's. Keep the tag out of the page until consent, log the decision, and you've satisfied both the ePrivacy rule and the contract in one move.

LinkedIn Insight Tag Consent Checklist

  • The Insight Tag script is not requested until marketing consent is granted

    Load-on-consent, since LinkedIn ships no cookieless holding mode.

  • No li_fat_id or li_sugr cookie exists before acceptance

    The auditor's test: cookies cleared, banner untouched, Application tab checked.

  • The tag sits under the marketing (advertising) category, not analytics

    Categorize it by what it does. It builds audiences and tracks conversions.

  • Conversions API forwards are skipped for non-consenting visitors

    Server-to-server is the same lawful-basis question in a less visible place.

  • Your privacy policy names LinkedIn and the US data transfer

    Consent has to be informed, which means the visitor knows who receives the data.

Doing It With CookieBeam

CookieBeam holds the LinkedIn Insight Tag in a blocked state and injects it only when the visitor accepts marketing, which is exactly what a tag with no native consent mode needs. Its scanner flags the tag and its cookies during an audit, so you can confirm the tag is genuinely gated rather than just visually behind a banner. If you run the Conversions API through a server container, CookieBeam's consent signal reaches the server so the forward can be gated on the real decision. Categorize the tag as advertising, wire it to your marketing toggle, and verify with the scanner.

Related Guides and Sources

Continue with TikTok Pixel and Events API Consent, Meta Pixel and Conversions API Consent Gating, and Google Tag Manager Consent Setup. Primary sources: LinkedIn's Insight Tag overview, the LinkedIn Conversions API documentation, and the ePrivacy Directive Article 5(3) on prior consent for cookies.

LinkedIn Insight Tag Consent Gating Guide | CookieBeam | CookieBeam