How The Cookie Crumbles: What You Need To Know About Google Removing Third-Party Cookies
In June of 2021, Google announced that by late 2023, they will no longer support third-party cookies on their Chrome web browser. The move that was originally scheduled for January 2022 has been pushed due to growing concerns about the advertising industry’s ability to make the necessary adjustments for this shift.
For many reasons, this is huge. The removal of third-party cookies changes the way businesses and advertisers all over the world target and engage with their audiences as well as how the data from billions of Google users (you and I included) are used by businesses.
With that said, there are a number of moving parts within this story. So here is a rundown of what you need to know about Google’s removal of third-party cookies. We’ll quickly go over:
- What are Cookies?
- What’s the difference between third-party cookies and first-party cookies?
- Why is Google doing this?
- What is Google going to do in place of third-party cookies?
- How can advertisers prepare?
First Off, What’s A Tracking Cookie?
Cookies, the tiny bits of code left on your devices by website, are what advertisers and businesses used to record user data to then be used for an array of applications.
There are three main types of tracking cookies, each with very specific goals: Session, Persistent (First Party), and Third Party. While there are other kinds of cookies, these are the most common.
Session Cookies
Session cookies are placed on your computer by the websites you visit to remember the short-term actions you take so the sire can function properly. Kind of like RAM memory for a computer, these cookies are deleted as soon as you leave the website.
Session cookies are what allow e-commerce sites the ability to remember what all is in their cart after hours of browsing different products. Without these kinds of cookies, your cart would be emptied every time you went to a different page within the site.
Persistent Cookies (AKA First Party Cookies)
Persistent Cookies, commonly referred to as permanent cookies, stored cookies, and first-party cookies, are lines of code placed by websites you visit to remember previous actions and settings for when you leave and return to a site. You can think of them as a website’s long-term memory.
Persistent cookies are built with expiration dates of a couple of years and are what allow users to return to a site without having to log in or change settings made on the first visit, such as language, theme, and other settings.
Third-Party Cookies
Third-party cookies, often referred to as tracking cookies, are lines of code left on your devices by parties not directly affiliated with the website the user is visiting. The primary goal of these cookies is to track your activity and behavior as you travel from the site. Information gathered by third-party cookies includes your name, age, location, search habits, and more.
Third-party tracking cookies are what allow advertisers to show you ads from sites you’ve previously visited. The companies who use these kinds of tracking tools are also able to sell the information they scrape to other buyers often without the consent of the users themselves.
What’s Wrong With Third-Party Cookies
Not only are they intrusive on their own, data from third-party cookies are pooled together by large advertising companies to create very detailed profiles on every individual on the internet. By knowing what sites you visit, how often, and what you do on them, Google and other companies are able to make a pretty good guess on what you’re into and what you do to show you highly targeted ads.
And while tailored ads may sound like a good thing to some, that information used to make is incredibly valuable, private, and sensitive. The lack of ownership and control internet users have on this information has prompted much criticism and legislation from governments around the world, which is most likely a huge factor determining Google’s decision to finally pull the plug.
The End Of Third-Party Cookies
In part as a response to the growing criticism of third-party cookies, Google launched a privacy initiative known as The Privacy Sandbox.
As part of this initiative, Google has announced that by the end of 2023, their Chrome web browser will no longer support third-party cookies, meaning companies who use them to track and store user data will no longer be able to do so. (Although, do keep in mind this is by no means the end of tracking all together. There is a handful of other tracking tools available to the public.)
It’s important to note that a web browser pulling the plug on third-party cookies is not unheard of. Firefox did this very thing back in 2019, as did Safari in 2017, and recently beefed up its cookie blocking power this year.
Why it’s such a big deal now that it’s Chrome’s turn to terminate third-party cookies is due to the fact that the browser accounts for 65.27% of internet users worldwide. This also creates huge waves in the greater advertising industry as Alphabet’s Google advertising arm is expected to account for 29% of digital ad spend globally.
What The FLoC? Google’s Third Party Cookie Solution
So if that means no more tracking? No more targeted ads?
Not quite.
Google has what they say is a solution to the privacy problem brought on by the precision of third-party cookies known as a Federated Learning of Cohorts (FLoC).
Basically, instead of tracking data from individual users, Google FLoC will target groups of users, called cohorts. The identity of individual users will be hidden under a shared cohort ID. These pools of users are assumed to share similar data points such as interest, activities, and location. (Google hasn’t confirmed the exact list of identifiers that determine cohort members.)
With beta testing still underway, there are still many questions as to what the rollout of Google FLoC will mean for the advertising industry and user privacy as a whole. We won’t know how it goes until after they’re live in 2022.
What’s a FLEDGE?
FLoC isn’t the only Privacy Sandbox solution shaking things up in the digital ad world, First Locally-Executed Decision over Groups Experiment (or FLEDGE) is another privacy initiative being rolled out by Google.
What FLEDGE aims to do is limit the amount of user data being transferred from server to server when conducting ad bids. Google will instead conduct the bidding process within the browser within the user’s device by utilizing a “trusted server” designed to store data on a campaign’s bids and budget.
Google has yet to reveal any critical details as to what this “trusted server” will look like or what makes it safe, but plan to make a beta available for testing sometime this year.
What Does The End of Third-Party Mean For Advertisers and How Should They Prepare?
While the FLoC and FLEDGE system works great for Google, it’s not perfect, since no other web browser has confirmed that they will support Google’s FLoC solution and will continue to block third-party cookies.
Without being able to lean on third-party data, advertisers will need to rely on leveraging their first-party cookie data to continue creating personalized experiences and messages to their target audiences. If your business hasn’t already begun to maximize first-party data collection, now is the time to get started.
With comprehensive first-party data collection from your own sites, companies can make the most of Google’s new targeting tools, as both FLoC and FLEDGE rely on first-party data for cohort creation. They can also use their own first-party data to be compared with Google’s first-party data collected from Youtube and Google Search to help target the right audience.
With other browsers doing away with third-party cookies years ago, there have been a number of non-Google shared identity and first-party-based solutions in the works for some time from companies such as Segment and Hubspot, among others.
More Privacy For The People, Or More Power For Google?
With many questions left unanswered as to what this shift will actually look like, most agree that this will not be the end of the internet advertising industry. But perhaps one of the biggest concerns is whether or not this is a true push for consumer privacy or another power grab from Google, since their solutions keep them behind the wheel and allow them access to more data than any other party.
What’s more, removing cookies is not a silver bullet for preventing data abuse. There are many workarounds to tracking users from site to site without using any kind of cookies such as fingerprinting and or use of super and flash cookies.
Whatever The Case Is, We’ll Be Alright.
No matter what stance you take on Google’s intentions, the removal of third-party cookies is undoubtedly a step in the right direction on a privacy front. With some proper proactive planning, (and perhaps a little help) advertisers and businesses can adapt to this ever-changing advertising ecosystem.