Third-Party Cookies are Crumbling: What Marketers Can Expect

For years, marketers have been relying on third-party cookies to track users across the web, discover their interests, and increase conversions. Starting in mid-2023, Google will begin to slowly phase out the use of third-party cookies and by late 2023 it will no longer be supported by Google Chrome web browsers. This announcement has left marketers and advertisers wondering what they can expect and how this update will impact their businesses in the future. 

According to a report by Statcounter, Google Chrome holds 63.59 percent of the browser market share worldwide. As Google prepares to join other web browsers such as Safari and Firefox in the ban on third-party tracking cookies, this marks a major turning point in how we will be able to collect user data, leading us to embark into the uncharted territory of a whole new digital advertising landscape.

What are cookies and how do they work?

Cookes, also known as HTTP cookies, are small files saved to your computer that contain data collected by the websites visited in your web browser. They store information about your session, such as your login credentials, preferences, and other valuable information collected during your journey across different websites for cross-site tracking purposes. 

Did you know that an average website has about 23 cookies, with 60 percent of them being third-party cookies? Marketers and advertisers use a majority of these cookies to gain information on user behavior—frequently visited websites, interests, purchases and other relevant information such as their age and gender. This data helps them create user profiles that can be used for retargeting, campaign optimization, and more.   

Types of Cookies 

Third-party cookies are created by a third-party server from a site that the user is not currently visiting and it can be accessible to any website that loads its code. These types of cookies enable marketing strategies such as tracking and retargeting to take place, but they have become highly controversial under data protection law. As a result, the collection of third-party cookies often causes online users to mistrust your website. 

Second-party cookies are pre-existing cookies that are transferred from one company to another. This occurs when a company moves first-party cookies to another company that is considered a “trusted partner,” as a result of a data partnership.

First-party cookies are created by the site that the user is currently visiting and they are only accessible through that site. Website owners can use these first-party cookies to auto populate login credentials, save content preferences, collect data, etc. In terms of data usage, these cookies are considered relatively harmless. 

How web browsers handle third-party cookies

• Safari became one of the first popular web browsers to block the use of third-party cookies using Intelligent Tracking Prevention (ITP), which restricts an advertisers ability to track users across domains. Even though ITP has proven to be successful in limiting third-party cookie tracking, a combination of ITP’s robust cookie-blocking power and Safari’s inability to support most plug-ins works to obstruct alternative methods that marketers and advertisers have been using to identify their users.     
• Firefox developed Total Cookie Protection (TCP), its latest cookie-blocking feature that has been built into the enhanced tracking protection (ETP) strict mode. TCP operates by maintaining a separate “cookie jar” for every website a user may visit. So instead of being saved to one file, third-party content is compartmentalized into the “cookie jar” of each respective website.
• Chrome’s dominance in search and advertising markets have delayed its ability to block third-party cookies by default. Instead, it is providing users with the option to block them on their own until they phase out completely by late 2023. This will make Chrome one of the last web browsers to fully ban third-party cookies.  

A privacy-first future for all    

It’s no secret that third-party cookies have been a godsend for marketers and advertisers. All it takes is the creation of a cookie and a website visit to start tracking a user, then you can gain access to all of the websites they have visited. Unfortunately, consumers haven’t been as enthusiastic about having their online activities tracked and monitored for advertising purposes. 

According to the Pew Research Center, 79 percent of Americans have expressed concern over how companies are using the data that is being collected from them. To eliminate these feelings of intrusiveness, Google plans to phase out the use of third-party cookies in an effort to adhere to tighter cookie privacy policies, win back the trust of its online audience, and cultivate a digital environment that puts privacy first for its Chrome users.  

Fully Enforced Data Privacy Regulations 

According to a study by Cisco, 84 percent of global consumers said they value their privacy and would like more control over how their data is being used by companies. Stronger controls over how personal data should be used calls for stronger laws, which will leave major web browser companies such as Google with no choice but to comply. 

The following regulations have influenced Google’s decision to ban third-party cookies as it continues to buckle down on its third-party usage and move towards a new, more privacy-centric digital landscape:   

General Data Protection Regulation (GDPR) is a European law which states that it is the legal responsibility of website owners and operators to ensure that all personal data is collected and processed in a lawful manner. According to GDPR, a website can only collect personal information after it has been provided with consent from the user to utilize it for a specific purpose. 

ePrivacy Directive, also referred to as the EU law, works to enforce and secure the right to privacy through data protection. It is a European law that aims to provide users with “the right to private life, the confidentiality of communications and the protection of personal data in the electronic communications sector.”

California Consumer Privacy Act (CCPA) is a law enacted in 2018 that provides any California state resident browsing the web the right to know about the personal information a business collects about them, the right to delete personal information collected, the right to opt out, and the right to non-discrimination for exercising their rights. 

How it will impact your advertising

When Google first announced its plan to phase out third-party cookies, fear of the unknown came rushing in for many companies that relied heavily on them to reach their audiences. But as more Google updates continue to be made, marketers and advertisers are beginning to get a better idea of how these changes may impact their advertising efforts once they are in full effect.  

Retargeting/remarketing

As we mentioned earlier, about 60 percent of a website’s cookies are third-party cookies used for targeting and advertising. This can only mean that without the use of third-party cookies, retargeting and remarketing ads may not be as effective as they once were. Retargeting tracks users who have visited a website by placing a targeting pixel into the site that is triggered when the page loads. In turn, it serves the user with advertisements that are relevant to their search and web browsing history. 

According to the “Rule of 7,” a prospect has to see your advertisement at least seven times before they make a decision. For years, marketers have been achieving this with programmatic advertising, cookie-driven technology that allows marketers and advertisers to place a bid on ad space. But once the third-party cookie becomes completely obsolete, the success rate of programmatic may change dramatically.   

Increase in contextual ads

Naturally, the rise of a privacy-first digital environment means the advertising industry will face a decrease in programmatic ad revenue. According to research by Google, a publisher’s digital ad revenue can be reduced by 52 percent on impressions without cookies.  

As a solution, many marketers and advertisers plan to wind down their use of programmatic advertising and ramp up their marketing efforts using contextual advertising. These ads are less intrusive and highly effective as they only serve advertisements that match the current content on the page the consumer shows an interest in. 

Changes you can expect to see 

Migration to the Privacy Sandbox

In August 2019, Google announced the creation of the “Privacy Sandbox,” which aims to “create a thriving web ecosystem that is respectful of users and private by default.” It introduces a new functionality that is a less-invasive alternative to cross-site tracking where third-party cookies are replaced by five application programming interfaces. 

Below are a few that you can expect to see: 

Flocking to FLoC

Federated Learning of Cohorts (FLoC) is a form of interest-based advertising that Google believes can replace third-party cookies and the individual identifiers they create to track and monitor a user’s browsing history. With FLoC, every user’s web browser  will be assigned a cohort ID, which will designate them to a group and, instead of sharing an individual’s personal information, the information collected from that group will be shared with marketers and advertisers instead. 

According to Google, FLoC aims to “hide individuals within large crowds of people with common interests.” This will offer an alternative for Google to keep its users’ web history private and avoid privacy risks, while still granting marketers and advertisers the sufficient data they need to effectively target its consumers. 

Introducing Project Rearc

Project Rearc, a global coalition developed by the International Advertising Bureau (IAB), was created with the hopes of bringing together everyone in the digital advertising and media supply-chain space to help make our digital environment a safe and trusted environment for consumers. It is centered around the concept of using emails or phone numbers that are hashed or encrypted as safe forms of user identification that can be used for advertising purposes.  

Learning the Value of “Trust Tokens”

Trust tokens are new browser APIs that can authenticate a user without ever knowing their identity. Trust cookies are stored by the user’s browser and, unlike third-party cookies, they are unable to track users across websites. 

Our Take

At DAGMAR Marketing, we’re looking forward to seeing what will become of our advertising space once third-party cookies have officially phased out. While we are aware that we will be losing our retargeting abilities, we see a silver lining that will allow us to gain something greater in return—a better understanding of our audience and an improved relationship that will be built on trust.  

“We fully support the privacy-first movement and we applaud this move, but we do recognize that it may be good for users and bad for marketers,” says Chris Gregory, Founder and Chief Strategist of DAGMAR Marketing.

As individuals who also happen to be marketers, we understand that a safer, less intrusive online experience will be better for the user, even if it comes at the expense of highly targeted advertising. As a result, we plan to embrace the changes to our digital advertising landscape, be flexible, and be fearless as we prepare to take on the unknown. 

If you like “Third-Party Cookies are Crumbling: What Marketers Can Expect,” subscribe to our blog below.