What Does the Death of Third-Party Cookies Mean for Online Advertising?

Brock Munro
January 27, 2021
March 26, 2024
What Does the Death of Third-Party Cookies Mean for Online Advertising?

Google's phased approach to discontinuing third-party cookies in Google Chrome has been a topic of intense discussion in the ad tech industry. Initially, third-party cookies were slated for deprecation due to increasing privacy concerns and the complexities introduced by mobile web browsing.

 However, Google's response has been more measured compared to other browsers like Safari and Firefox, which have already eliminated third-party cookies. In a significant development, Google has begun restricting third-party cookies by default for 1% of Chrome users as part of its testing phase. 

This move is a precursor to a broader plan, subject to the UK's Competition and Markets Authority's approval, to extend these restrictions to all Chrome users by Q3 2024. This gradual approach reflects the complexities of balancing user privacy with the needs of the digital advertising ecosystem. 

As the industry navigates this transition, reliance on third-party cookies remains a contentious issue, despite their impending obsolescence. Advertisers are now urged to consider alternative, privacy-preserving solutions sooner rather than later in anticipation of the changing digital landscape

Table of contents:

What Are Cookies?

Why Do Cookies Matter?

What Are the Different Types of Cookies?

How Do Third-Party Cookies Work?

Why Are Third-Party Cookies Bad?

Why Has Google Delayed Phasing Out Third-Party Cookies?

How Does Phasing Out Third-Party Cookies Affect Google?

How Can Publishers Prepare For the Third-party Cookie Phaseout?

Third-Party Cookie Alternatives: Retargeting Without Third-Party Cookies

Final Thoughts

What Are Cookies? 

A cookie is a small bit of data stored as a text file in a browser that allows websites to both track users and customize their browsing experience.

Why Do Cookies Matter?

Website cookies are used for core website functions such as shopping carts, remembering login details, and preferred language and location settings, etc. They are also used for tracking users across websites and devices.

‍What Are the Different Types of Cookies?

There are two types of cookies—first-party and third-party—and both collect personal data. The difference lies in how they are created and used. 

Let's take a closer look.

What Are First-Party Cookies?

A first-party cookie is generated by the website the user is currently visiting. It collects personal data for use within that website.

First-party cookies are used to help websites track your visits and activity, which isn't a bad thing. This data is used and shared internally, and not with other sites. Unlike third-party cookies, first-party cookies will not be phased out.

Many eCommerce stores can use first-party cookies to keep track of your login details, what's in your shopping cart, or store language preferences.

For example, airline companies use first-party cookies to show your last flight searches and dates. These cookies help with improving the user experience and make your internet browsing more seamless.

What Are Third-Party Cookies?

Third-party cookies, which are created by other websites and platforms, are used for ad retargeting and behavioral advertising.

By adding tags to a page, advertisers can track a user across the web as they visit different websites. This allows advertisers to build user profiles based on search habits so they can serve more relevant ad content.

Advertisers use cookies to ensure their ad campaigns reach their target audience. Third-party cookies have long been seen by many as an invasion of people's privacy. Because of this, browser extensions that block both ads and third-party cookies have grown in popularity.

It's now common to see some websites not enable third-party cookies by default, while Chrome allows users to delete cookies stored on the user's browser.

The choice between first vs third-party cookies, therefore, boils down to what type of data needs to be collected.

‍How Do Third-Party Cookies Work?

Third-party cookies track and share user information between multiple websites and are most commonly used by the digital advertising industry to help serve more relevant ads to users.

The cookie syncing process helps to streamline data sharing between websites that may use different ad tech solutions

At a basic level, cookie syncing involves multiple ad tech platforms—including supply-side platform (SSPs), demand-side platform (DSPs), and data-management platform (DMPs)—sharing and matching their data to build a unified profile for each user.

All these platforms use cookies during the real-time bidding (RTB) process. 

How Are Third-Party Cookies Created?

Third-party cookies are generally created by a website or platform that has received a request to provide a third-party service—such as ad serving or live chat—for another website.

Let's say you've visited a publisher that focuses on pets. That publisher may submit a display ad request for the pages you've visited. These ads can then install a cookie on your browser to track which websites you visit.

‍Why Are Third-Party Cookies Bad?

Third-party cookies enable brands and vendors to create user profiles based on their online behavior and activities. Even third-party cookies set by companies the user hasn't even heard of or interacted with are capable of this. Some websites even sell user data to third party data management platforms. Internet users have, over the years, become more sensitive to such unauthorized collection and use of their personal data.

Other than public perception around user privacy, third-party cookies are also becoming increasingly inefficient and ineffective for advertisers to target users and track performance.

Users are now spread across multiple connected devices and use them interchangeably. Third-party cookies find it difficult to bridge the gap between devices and apps, meaning it is very hard to track the full customer journey.

This causes issues with correctly attributing conversions and budgeting to the right channels, ultimately causing resource wastage. It also means users don't enjoy a seamless experience with incorrect or out-of-date cookie data being fed to advertisers. 

Advertisers guided exclusively by third-party cookies receive an incorrect view of performance, with users being counted multiple times.

Why Has Google Delayed Phasing Out Third-Party Cookies?

Google's Privacy Sandbox product director, Vinay Goel, said in a blog post that the phase-out of third-party cookies had been in response to “consistent feedback” from its partners.

Goel said: “While there's considerable progress with this initiative, it's become clear that more time is needed across the ecosystem to get this right.

Developers, publishers, marketers, and regulators have all apparently told Google that more time was needed “to evaluate and test the new Privacy Sandbox technologies before deprecating third-party cookies in Chrome”. 

Google announced its Privacy Sandbox in 2019, with a focus on developing the Federated Learnings of Cohorts (FLoC). FLoC was designed to group people that shared the same browsing interest into cohorts, which could then be shared with advertisers, anonymizing the user in the process.

However, the implementation of FLoC was imperfect and there are ways to exploit FLoC (such as reverse engineering the algorithm) that could still lead to trackers building a unique digital fingerprint of the user.

Google has evolved FLoC into Google Topics, which involves the individual's Chrome browser monitoring their weekly usage before determining a handful of topics that represent their top interests for three weeks. 

While Google's delay is beneficial for both publishers and advertisers still looking for an alternative to third-party cookies, it also benefits the search giant's own bottomline. 

Publift's head of sales and marketing, Ben Morrisoe, said: “The setback in dates gives publishers some welcomed time to find an alternative to third-party tracking. It also shows Google will be looking to make sure they can find something suitable and comparable in performance before ditching the technology.”

He added: “Google has a lot of revenue attached to online publishing, both directly from display advertising and indirectly through their main money printer, search ads. Moving away from cookies before there is a viable alternative would be detrimental to them and the publishing industry as a whole.

How Does Phasing Out Third-Party Cookies Affect Google?

While Google's decision to block third-party cookies has undoubtedly been driven by growing regulatory scrutiny over data privacy issues, this is only one part of the puzzle.

The search giant could strengthen its dominance in the segment, dealing a blow to other digital marketing companies that will have less access to tracking data. Website cookies allow for increased competition in the advertising space, allowing digital firms to collect their own data and sell premium ads based on it.

Though Google will also be losing out on website cookie data, it will still have its troves of user data on individuals that it collects through its several widely used products. 

Without third-party cookies, a good chunk of advertisers will turn to first-party data available in Google's tools, which the search giant could profit from immensely.

How Can Publishers Prepare For the Third-party Cookie Phaseout?

As the digital advertising landscape evolves with the phasing out of third-party cookies, publishers need to prepare for these changes to maintain their online presence and effectiveness. Here are the steps publishers should follow:

Understand the Phase Out Timeline: Stay informed about the schedule and necessary actions to preserve site functionalities.

Audit Cookie Usage: Review and list all cookies on your site, identifying those that require modifications or replacements.

Conduct Breakage Tests: Simulate a third-party cookie-free environment in Chrome to identify and address potential issues.

Transition to Alternative Solutions: Explore and implement privacy-preserving solutions like Cookies Having Independent Partitioned State (CHIPS), Storage Access API, Related Website Sets, and Federated Credential Management API.

Engage in Deprecation Trials: Participate in trials for continued access to third-party cookies for specific non-advertising purposes during the transition period.

Report and Resolve Issues: Use available tools to report any breakages or issues and seek assistance for a smoother transition.

‍Third-Party Cookie Alternatives: Retargeting Without‍ Third-Party Cookies

Third-party cookies are far from the only way to serve ads, which is good news for both publishers and advertisers. Let's take a look at each of the most widely used cookie alternatives.

1. Device Fingerprinting

Device fingerprinting is a technique marketers use to follow potential customers around the internet.

Device fingerprinting will look at the device you use and several other related data points such as your location, time zone settings, plugins, apps, and operating system version. All this allows marketers to track users in a very similar way as when using third-party cookies.

However, Google intends for device fingerprinting to be phased out alongside third-party cookies as part of their Privacy Sandbox initiative. Considering the search giant's intentions, it might be best to look for a different alternative.

2. Universal IDs 

Universal IDs are created by merging multiple sources of a user's identification—for example, email addresses, phone numbers, or even third-party cookies—into a single user identifier. That identifier is then assigned to users to allow for cross-device tracking. 

This results in better available user data and higher ad prices without risking the anonymity of individual users. Universal IDs also allow websites to skip the cookie syncing process, speeding up the user experience of websites and preventing bugs.

There are different types of universal IDs that are being tested in the market, including some that still use third-party cookies as part of their ID.

However, universal IDs such as LiveRamp's RampID are driven primarily by first-party data for their ID. So when cookies are dropped from Google in 2024, universal IDs like RampID will be safe.

Final Thoughts

Various privacy updates, including blocking third-party cookies, will hurt the ability to programmatically retarget users.

However you view it, these new updates will lead to some volatility within the digital advertising industry, with online publishers likely to feel the pinch as advertisers develop new strategies to accurately target website visitors. Reduced targeting means decreased cost per thousand (CPM) rates, resulting in a drop in revenue.

With third-party cookies gone, publishers may be inspired to adapt and launch their own ad solutions. With rich databases of first-party data, publishers and media organizations are well positioned to survive in the cookie-free world.

Publift has helped its clients realize an average 55% uplift in ad revenue since 2015, through the use of cutting-edge programmatic advertising technology paired with impartial and ethical guidance.

If you're making more than $2,000 in monthly ad revenue, contact us today to learn more about how Publift can help increase your ad revenue and best optimize the ad space available on your website or app.

Grow with us

Grow your business with a sustainable, long term partnership. If you're making more than $2,000 in monthly ad revenue, contact us today to boost your revenue with our all-in-one solution.
Laptop screen with web page open

Success Stories