On 25th July 2025, the UK brought in age verifications for adult websites as part of the Online Safety Act. The move was designed to prevent people under 18 years old from viewing adult material online… that’s porn, to you and me. While admirable in intention, the security concerns created by the age verifications (submit your ID, or recording a video of yourself saying, “I’d like to watch some porn, please”) are problematic to say the least. And so the porn viewing world has turned to VPNs as a more secure way to bypass the age restrictions, which operate in the UK.
VPNs work by masking the IP address, so that it looks like you are in a different country.
VPNs have topped app store sales since the change came into place, and so this represents a massive change in the online viewing habits for the UK. It’s only been three weeks since the change, so the dust is still settling on the data, but the team at Dark Horse have been researching the effect this has had on PPC.
When asked if anyone had a VPN to experiment with, there were a surprising number of volunteers, but we assume they’d all been doing their own experiments on the data already. Specifically, we wanted to understand how Google will deal with user location data and targeting when someone is pretending to be somewhere they’re not. So, if we’re targeting the UK with our campaigns, does that mean we’ll not be able to capture people using a VPN?
We’re blessed at Dark Horse to have a client in the AI partner vertical, which we’d have expected to be rich in data as many of its users were expected to (and the results show they have) turn to VPNs.
If we first consider this from a traffic/user basis. Our first area to investigate was GA4 for this particular client. They have managed to whip up AI partners all over the world, so we can compare directly against other territories that weren’t affected. Our Canadian cousins can still get access to porn whether they’re at a hockey game or relaxing at the top of the CN Tower, so they make a good comparison:
The UK traffic falls limp almost as soon as the change came in, while Canada had no issue keeping things up. Over 90% of user traffic dropped from the UK instantly. This seems ominous, and while a problem in of itself for GA4 data, it would be nothing short of catastrophic if this was mirrored in Google Ads.
Luckily, there is no such drop in clicks, impressions, and cost in Google Ads:
While this is obviously a good thing, we wanted to understand why it worked for Google Ads, if it doesn’t for GA4. We ran a few tests using VPNs, and even with them switched on, the search results page, indicated it knew our location from the phone’s recent location, and was using that to show results instead of the VPN’s location:
We actually did manage to confuse it, but only when we went on incognito mode, in addition to a VPN. It isn’t aware of the device location in this case, and shows ads and results for the VPN’s chosen proxy country. (Big shout out to our Head of Business Development Luke for very quickly thinking of using incognito mode and a VPN. I don’t know where he comes up with these ideas so fast).
The clue is also in the phrasing of the location targeting setting:
The “regularly in” part means that it will use your most frequent non-VPN location, even if you are currently using a VPN. This means that you don’t have to worry about targeting not matching up – we even tested it for campaigns actively excluding the VPN’s location, and found no issue. Unless of course, your customers are Luke Burdon using his VPN and incognito mode together.
For conversion tracking, however, the picture is more mixed. We ran several tests on a different client that uses WhatConverts for conversion tracking, but also has a GA4 import tracked as a secondary conversion. For this client, the results were very interesting. We used a VPN set to place us in the Netherlands, and placed test conversions through the site after going through a PPC ad.
On GA4, the real-time view showed us as being in the Netherlands, as before. And the conversion also attributed to the Netherlands.
Naturally, we assumed that when this is imported into Google Ads, it would keep the Netherlands location data… Wrong. In Google Ads, both the WhatConverts, and somehow, the GA4 import were tracking into Google Ads with UK targeting. Even drilled down to Altrincham so it’s not like it just applied the same top-level location data as the campaign target.
It appears that Google Ads will override the location data attached from GA4 in the import, and use what it knows from the location data it has for the user who clicked. Very clever.
So at this point, it looks like GA4 gets it wrong, and Google Ads gets it so right it can even fix things when GA4 sends it through as wrong. Unfortunately, not quite.
When we consider this type of test for the AI partners client, the GA4 conversions clearly just aren’t carrying over, and they drop off in the UK at the same rate as the user data in GA4:
The reasons for why GA4 conversion imports for VPN users work for some clients but not others is still something the team are investigating. The most likely reason we believe at this stage is differing cookie policies. We are also investigating whether using website tags, or WhatConverts solutions will never experience a drop off in the same way GA4 imports sometimes do.
We would therefore recommend checking all GA4 conversion imports for drop offs in the UK market, ideally switching to more robust conversion tracking solutions.
While we appreciate that some people may be thinking, “well my customer base won’t be using a VPN”. This may be true now, but if the UK becomes accustomed to using VPNs more regularly with time, the chance of people just leaving them on will surely start to increase. It’s not unfathomable to think that after watching a bit of slap and tickle, your customers might suddenly remember that they need to buy a new ping pong paddle. Or that Great Aunt Alma’s birthday is coming up, and she’d surely love an equestrian whip for her horse riding.
We’ll bring you more results of these further tests as we uncover them. But until then, just remember that your customers may be wankers.