Cookies have enabled the growth and success of many marketing and sales efforts across the internet.
In the physical world, marketers rarely -- if ever -- knew exactly how many people actually looked at an advertisement. But internet cookies have enabled marketers to identify if a user has previously visited a site, along with other customer data points.
Cookies have also enabled marketers to deliver more targeted and relevant ads to users. Instead of a generic display ad, cookies can enable delivery of ads that are more attractive to specific users.
Advertisers have relied on third-party cookies since the 1990s. But third-party cookies in the marketing landscape may soon come to an end, due to security and privacy concerns.
What are third-party cookies?
A cookie is a small amount of data that is stored in a user's web browser. It can track if a user has visited a website before, login information or other user behavior attributes. Cookies can also improve user experience and collect a limited amount of customer data.
For web browsers, there are two foundational types of cookies: a first-party cookie and a third-party cookie.
A first-party cookie is set and accessed by the same website the user is visiting. It is also sometimes referred to as a SameSite cookie. First-party cookies help with personalization for the specific site a user is visiting.
A third-party cookie is set and accessed by a different entity than the local domain or website the user is browsing. A third-party cookie can help to track users across multiple sites to better understand user behavior beyond a single site. Marketers and social media platforms often use third-party cookies for advertising purposes.
Google postpones death of third-party cookies
While third-party cookies are a good thing for marketers, the same cannot be said for user privacy. Third-party cookies have long been viewed as a tracking mechanism that can potentially violate user privacy.
While generally safe, third-party cookies could potentially represent a security risk. For example, there could be user risk if the cookie is not properly secured, if data includes personally identifiable information or if the data is shared without authorization.
In August 2019, Google announced a plan to block and disable third-party cookies in its Chrome browser. Then in January 2020, Google's Privacy Sandbox project was unveiled. The intent was to bring in a more privacy-sensitive approach than third-party cookies. At that point, Google expected to declare third-party cookies dead by 2022.
On June 24, 2021, Google gave third-party cookies a stay of execution. The transition to a different technology wouldn't be complete until at least 2023. The delay was due, in part, to an ongoing investigation by the European Union into Google's advertising activities. The United Kingdom's Competition and Markets Authority is also investigating Google's Privacy Sandbox plans.
Why businesses need to create a new marketing strategy now
To comply with privacy regulations -- including General Data Protection Regulation and California Consumer Privacy Act -- website operators have had to identify when third-party cookies are used and ask users to allow them.
The need to allow cookies creates a friction point for some users when they don't allow cookies. Without cookies, marketers may not be able to accurately deliver targeted digital advertising. So, even in the absence of an outright ban on third-party cookies, users need to opt-in to allow them, which not all users will do.
There is also a growing use of ad blockers inside browsers, including Google Chrome. Ad blockers often rely on blocking third-party cookies to be effective.
It's no longer a good strategy for marketers to rely on third-party cookies, as they did during the early days of the internet. It is necessary for marketers to have an alternative online advertising and marketing strategy.
Alternatives to third-party cookies
There are alternatives to third-party cookies that can help with online marketing efforts.
One of the primary hurdles behind the death of third-party cookies is the delay in Google's suggested replacement, known as Federated Learning of Cohorts (FLoC). FLoC's premise is that privacy can be protected by clustering groups of users together by interests. It would hide individual users and enable advertisers to reach an appropriate audience. FLoC is positioned by Google as a potential industry standard.
However, FLoC isn't the only alternative to third-party cookies. Here are some others:
- First-party cookies. While third-party cookies may not be around for long, there is no indication that first-party cookies are going away. With a first-party cookie, the origin site can still collect and understand customer data that it can use to improve user experience.
- Zero-party data. The concept of zero-party data is one where users voluntarily provide information to a site or platform.
- Identification (ID) providers. With ID providers, users opt into a service, giving permission to provide information about themselves to marketers. There are also ongoing efforts to develop email address-based identity associations known as unified identifiers (UID 2.0). This would help users opt into an approach allowing marketers to identify some of their activities.
- Device fingerprinting. This method enables a site operator or marketer to collect information about a user's device or browser. device fingerprinting makes it possible to profile a device and its usage for more targeted marketing.
- Contextual targeting. Also known as contextual marketing, this approach relies on the context of the site the user is visiting. For example, if a user is on a site searching for a keyboard, they will be shown advertisements about keyboards.
Read more on tips for creating a personalized marketing strategy here.