The growing concern about user privacy has led legislation bodies to regulate the use of third-party cookies.
The end of these cookies will reduce the amount of data collected by advertising platforms and may affect the precision of advertising campaigns.
Definition: What Are Third-Party Cookies?
A cookie is a small file that your web browser stores on your computer (or mobile) when you visit a website. It is associated with the domain name of that website (e.g. eskimoz.co.uk). It has a name, content, creation date, and expiration date.
When you return to the website, the server can query your cookie and read the information it contains, to recognise you. Cookies can be likened to ‘trackers’. They are generally used by websites to collect information about users, improve browsing experience, and offer personalised ads.
The specificity of a third-party cookie is that it can be read even if the browser opens a page with a different domain than the one that deposited the cookie.
What Are the Three Types of Cookies?
- Technical cookies ensure the proper functioning of the website, such as security and video display. Example: a cookie that remembers your preferred language on a website.
- Statistical cookies help understand how you use our website. They collect data on website usage to improve services. Examples: page viewing duration, pages visited.
- Advertising cookies identify the source of your arrival on the website to personalise ads. They include so-called personalisation cookies. Example: a cookie that tracks viewed products to display relevant ads.
What’s the Difference Between a First-Party Cookie and a Third-Party Cookie?
Unlike ‘first-party’ cookies created by the website you visit, third-party cookies are created by other domains. This often happens when websites integrate elements from other websites, like ads, videos, or analytics tools.
According to the ICO, the difference lies in the fact that ‘first-party’ cookies only track the user on the website that places them, while ‘third-party’ cookies can track the user’s behaviour across all websites that include them.
Example of Third-Party Cookies
Suppose you read a news article with an embedded YouTube video. YouTube will place a cookie on your computer, allowing it to know you’ve watched the video and use that information to suggest similar content later. In the image below, the visited website is Fnac, a well-known French store, and third-party cookies are deposited by different domains: ‘doubleclick,’ ‘criteo,’ ‘bing,’ ‘adsrvr,’ etc.
Why Do We Use Third-Party Cookies?
Cookies do not identify you personally but identify your device (e.g. computer, smartphone, tablet) via your IP address and other browsing information.
Personalised Ads
Third-party cookies allow advertisers to track users across different websites. By collecting data on visited pages, viewed products, and content interactions, these cookies help create detailed user profiles. The goal? To offer personalised ads.
For example, if you visit several travel websites, you will likely see travel offers.
Content Personalisation
Third-party cookies help website owners understand how visitors interact with third-party elements like YouTube videos, social media sharing buttons, or comment widgets.
For example, watching an embedded video on a news website can record this interaction, allowing YouTube to know you’ve watched the video and suggest similar content later.
A study by Adobe of over 2,500 marketing executives in 8 countries revealed that 75% still heavily rely on third-party cookies, and 45% allocate at least half of their marketing budget to cookie-based activations.
Why End Third-Party Cookies?
The end of third-party cookies is driven by growing privacy concerns and regulatory compliance requirements. Web browser developers like Google (Chrome), Mozilla (Firefox), Apple (Safari), and Microsoft (Edge) respond to increasing pressure from regulators, privacy advocates, and users.
However, Google has postponed the abolition of third-party cookies several times since the first announcement three years ago. In April 2024, Google announced that their removal would occur in early 2025.
User Data Protection
Third-party cookies allow advertisers to track users across many websites, raising significant privacy concerns. Users are often tracked without explicit consent and without being informed of the tracking extent.
The data collected by third-party cookies can be shared with other companies, increasing the risk of your personal data being disseminated to unwanted third parties.
GDPR: Regulation and Legislation
The General Data Protection Regulation (GDPR), effective since May 25, 2018, imposes strict restrictions on the collection and use of personal data. It requires explicit user consent before any data collection.
How to Respect User Consent?
In the UK, the Information Commissioner’s Office (ICO) is responsible for enforcing data protection laws and providing guidance on the use of cookies. Here are the key points from the ICO regarding cookie consent requirements:
- Explicit user consent is mandatory to place cookies on their computer or mobile; informing the user that ‘this website uses cookies’ is not enough: they must click ‘Accept’ for cookies to be generated
- Users must be able to withdraw or modify consent at any time
- On a consent banner, it should be as easy to refuse as to accept cookies
- Users must be informed of the purpose of the cookies and their origin, especially if from a third-party website (Google, Facebook, etc.)
What Are the Impacts of Third-Party Cookies’ Disappearance?
The end of third-party cookies will not stop advertising but will affect programmatic advertising solutions, known as advertising technologies (‘Adtech’), which profile/target users, personalise ads, and measure campaign performance.
Increased Acquisition Costs
The end of third-party cookies on Google Chrome will decrease the volume of information collected by advertising platforms. Advertisers will have more difficulty targeting users with personalised ads. This can reduce advertising campaign effectiveness and increase customer acquisition costs.
Website publishers relying heavily on third-party cookie-based advertising revenue may see a decline in revenue, as targeted ads generally generate higher revenue than untargeted ones.
Improved User Privacy
Users will benefit from greater online privacy but may also see less personalised ads.
Imagine visiting multiple e-commerce websites. With third-party cookies, an ad company could track your browsing across these websites and show you ads for similar products on each website you visit. After third-party cookies end, this company can no longer track your movements the same way, limiting their ability to target you based on multi-site behaviour.
23% of Marketers Foresee Significant Damage
Adobe’s study revealed that over three-quarters of marketing executives expect the end of third-party cookies to harm their business: 16% said it would ‘devastate’ their business, 23% expect significant damage, and 37% expect moderate negative impact.
The end of third-party cookies marks a major shift in how user data is collected and used. While this transition presents challenges for advertisers and publishers, it also offers an opportunity to develop more privacy-friendly tracking and advertising methods.
How to Replace Third-Party Cookies?
First-Party Data
Third-party cookies can be replaced by using first-party data (collected directly by the websites you visit). They fall into 4 categories that can be easily collected from website users:
- Name
- First name
- Phone
These first-party data can then be sent through properly implemented tracking to relevant advertising platforms when users perform specific actions on the website such as:
- A transaction
- Survey response
- Newsletter subscription
- Resource download
- Account creation
- Form submission
- Loyalty program participation
The advantage is that the data is more precise and reliable.
If you need help adapting your use of third-party cookies, do not hesitate to contact our Data team.
Google’s Privacy Sandbox
In August 2019, Google announced the launch of its ‘Privacy Sandbox’ project, a kind of safe aiming to offer a series of technical solutions to retain advertising functionalities that currently require cookies.
Instead of tracking individuals, this technology groups users into aggregated audience segments (cohorts of users with similar profiles, the FLOCs – Federated Learning of Cohorts). For example sports fans; tech enthusiasts, etc.
’Google decided to abandon FLoC, its alternative to third-party cookies. This method, intended to replace individual targeting with group targeting, raised many data privacy concerns, especially in Europe’ notes Etienne Besème, Head of Analytics at Eskimoz.
‘Google’s “Topics” alternative with its Privacy Sandbox also faces a poor reception from the Analytics community regarding its effectiveness and GDPR and ePrivacy compliance,’ adds the expert.
Contextual Advertising
Contextual advertising involves displaying ads based on the content of the page the user is viewing, rather than their browsing history. Algorithms analyse the page content to determine the type of ad to display.
For example, a page about sports might show ads for sports equipment.
Server-Side Tracking
Reminder: server-side tracking is a web analytics approach where data collected from a website (on the user’s browser) can be processed on an intermediate server before being sent to relevant third-party platforms (analytics tools, ad networks, CRM, etc.).
You can use a third-party platform like the one offered by Addingwell.
Unique Identifiers
‘Unique identifiers’ allow tracking a user through a hashed deterministic data collected during their website navigation. This technique can use the email address or an identifier provided to log into various online services to link these accounts and track the user’s service usage.
Targeting and measurement are extremely precise, with user-level granularity and initial consent ensuring privacy respect and maximum content relevance.
Data Clean Rooms
These ‘data clean rooms’ are secure environments where multiple parties can share and analyse data without compromising individual privacy. First-party data collected by each party (e.g. a website publisher and an advertiser) are anonymised before being introduced into the Data Clean Room as audience segments.
Parties can conduct joint analyses, such as ad targeting or campaign attribution, using cryptography and anonymisation algorithms to extract insights without exposing raw data.
Conclusion
As shown by an eMarketer survey in 2023, industry professionals are divided on how to replace third-party cookies. However, there is a predominant trend towards first-party data and unique identifiers.
Ending third-party cookies aims to limit advertisers’ tracking ability and protect user information. This transition is driven by growing privacy concerns, strict regulatory requirements like the GDPR, and increased user demand for better data protection. En adoptant des méthodes de suivi alternatives et respectueuses de la vie privée, les entreprises peuvent continuer à offrir des expériences personnalisées tout en respectant les attentes et les droits des utilisateurs.
