The End of Third-Party Cookies

We’ve all heard a lot about cookies (and not the kind you can eat that everyone is baking from home these days). There has also been a lot of talk about the upcoming death of cookie use in advertising. This harkens the questions – What are cookies, what are they used for, and why does it matter if they go away? 

Cookies were originally designed by website developers to help them collect information on users to enhance the user experience on a website. In simple terms, a user visits a website and this website installs a cookie in their web browser. The next time they visit that site, the web server checks to see if a cookie is present and if it is, it passes the information it contains back, allowing the server to “personalize” the delivery or user experience to what the user had on their last visit. In essence, it gives a website the ability to extend a user’s session to multiple visits. This type of cookie is known as a first-party cookie.

Along the way, developers also realized that cookies would be a great way to collect information on users that could be used to personalize advertising and target users according to their preferences and online behaviours.

What Are First-Party Cookies Used For?

As outlined above, first-party cookies are created by a host domain or the website a user is visiting. They are generally helpful and make the user experience better on a website. For example:

• Remembering a user has added something to a cart so it will still be there when they come back to the site
• Remembering a user’s language preference
• Remembering the geolocation of a user to serve up content relevant to their location on a return visit
• Remembering a users login and password details

First party cookies can collect information on users that can be combined with other “owned data” from things like CRM systems to create very detailed user profiles of customers that can be used by a host domain for marketing – think persona development, behaviour targeting etc.

What Are Third-party Cookies Used For?

Third-party cookies are created by domains other than one that a user is visiting at the time. They are mainly used for collecting tracking information for online marketing and they are also used by website owners to integrate third-party tools like online chat or CRM forms.

AdTech platforms leverage third-party cookies by running code on millions of sites on the web, making up an ad network. When a user visits a site running the Adtech platforms code, it installs a third-party cookie into a users browser which is used to collect information on that user.

If a user already has a third party cookie for that network installed, it will then collect information and append it to the Adtech platform’s database as a user browses the web, compiling a detailed profile on a user. This information is then used by marketers on ad-serving platforms to run targeted advertising to consumers based on their profiles.

The use of third party cookies allow advertisers to deliver personalized, targeted and relevant ads to web users. It is a bit of a double-edged sword. On the positive side of things, people tend to prefer seeing ads for products and services that are relevant to their interest and on the negative side people also feel as though their privacy may be compromised.

Over time, the number of Adtech companies and third-party cookie providers has increased exponentially. There have also been very few laws or regulations in regards to the type of data third-party cookie providers can collect, store and ultimately what they could use them for. This has led to a marketplace where user data has often been sold by third-party cookie providers to data brokers who in turn sell or “rent” the data to other providers that can use the data in any way they want to. From a privacy perspective, this is not a good thing as website users are often not aware of what information is being collected about them and what it is being used for.

This all came to a head with the introduction of the GDPR in Europe in 2016. The GDPR requires website owners to declare when cookies are being used on a website and provide a mechanism for users to opt-out of using the cookies.

Other incidents like the targeted “fake news” posts of the 2016 presidential election and the subsequent Cambridge Analytica scandal highlighted the amount of user information being collected online and the lack of regulation surrounding it.

The ability for third-party cookies to exist and thrive ultimately rests with web browsers like Chrome, Safari, and Firefox allowing third-party cookies to be used on their browsers. With user privacy being in the news, it was only a matter of time before third-party cookies would become obsolete.

When Will Third-Party Cookies Go Away?

As a result of privacy concerns, beginning in 2017, Apple’s Safari browser began blocking third-party cookies by default. It was joined in 2019 by Mozilla’s Firefox web browser, leaving Google’s Chrome browser with around 65% worldwide market share, as the only major browser to allow third-party cookies.

In January of 2020, Google announced that by 2022 Chrome will also drop support for third-party cookies.

What Does This Mean For Marketers?

It is honestly too early to tell what companies like DSP’s (Demand Side Platforms), which require third-party cookies to run display advertising, are going to do. Nothing is changing today and the 2022 date given by Google is not a hard date. Google’s own “Google Display Network” (GDN) relies very heavily on third-party cookies for targeting display ads. Google owns DoubleClick, which is one of the worlds’ largest Adtech platforms, and it also relies heavily on third-party cookies, so while Google knows that the change is inevitable, it is in no rush to get there.

For its part, Google is working on a feature for Chrome called the “Privacy Sandbox” that will allow users to provide certain anonymized data that Adtech companies could access through an API to allow them to leverage for targeting. This may mean that targeting would be more general than what we have available now as users will be in control of it and there will be guidelines in place as to what can be collected.

What Can Advertisers Do?

One of the primary things organizations can do to minimize the impact of losing access to third-party cookies is to leverage their own first-party or “owned” data from sources like CRM’s, point of sale systems (POS), Content Marketing Platforms etc. to build robust marketing tech stack. By integrating your Martech stack with tools like Customer Data Platforms (CDP), you can provide your own audience targeting information to trusted third-party providers.

Advertisers can continue to leverage platforms like Google Search and social media platforms like Facebook, LinkedIn, Twitter, Pinterest, Youtube etc. as they are not affected by this change. These platforms rely on first-person data that they collect on their users to provide targeting on their networks.

You can also look for opportunities to work with third-party partners like Pelmorex (owners of The Weather Network) who use data collected from their smartphone app in combination with first-party data collected on their websites to provide targeting options to marketers and partners on their own DSP, meaning that they will be largely unaffected by the removal of third-party cookies.

While the changes in allowing third-party cookie use are still a ways away and the full impact of banning them is still unknown, it is important to be aware of the changes so you can make informed decisions when planning in the future. How is your organization starting to plan for a cookieless world? Let me know in the comments!