Insights



Cookie 4245030 1920
Dec 25, 2021

What The Cookie!

Chocolate chip, oatmeal, ginger, and web cookies. 30 years ago, no one would have imagined there to be a digital non-edible version of the cookie, but now web cookies are as normal as digital clouds, online trolls, screen swipes, and tweets that do not originate from birds. Most people don’t even know there are multiple types of web cookies, but soon one type of cookie – the third-party cookie – will not be supported anymore on the major browsers. The third-party cookie has been every advertiser’s darling for the past 20 years and has allowed for a revolution in fine-grained ad targeting.

In the beginning of 2021 Google announced that it will phase out support for third party cookies in its Chrome browser. Although Firefox and Safari had already blocked third party cookies in its default settings, Google is taking its time and communicated that the phase out will only happen in a three-month period in 2023. This gives advertisers still some time to adjust strategies and allows consumers to be cautiously optimistic about increased data protection. However, what does all this really mean?

Not so much the delightful treats that bring a content smile on your face, web cookies are tiny text files that are stored on your hard drive or mobile browser whenever you visit a website. These text files only contain data and cannot read any information on your device. They are designed to remember information about your device and track and save information about your website visits. You can delete these cookies at any time; however, this results in losing existing personalized preferences such as login details.

Enhancing User Experience

One of the main advantages for consumers is that cookies enhance web user experience by for instance saving items in a shopping cart, saving login details, and – as for instance Amazon does – presenting you with related products to your searches. Another function of cookies is that they allows websites to recognize the country you are from and will send you directly to the relevant customized country version of the websites you are visiting. They also make filling out online forms quicker by remembering your name and address information.

Personalised Ads and Behavioural Targeting

On the flip side, web cookies are used by advertisers and social media companies to target you with personalised ads that seem to uncannily predict your current interests and wishes. The web cookies used by advertisers can track your journey on the internet and record not only the websites that you visit, but also the times you spent looking at certain pictures, your search enquiries and much more. All this information is compiled into a personalised profile and used to present you with specifically targeted ads.

Different Types of Cookies

There are multiple types of cookies, but the most common ones are first-party and third-party cookies. First-party cookies are directly set and stored by the website that you visit. These cookies are mostly used to enhance user experience as discussed above. Third-party cookies are not created by the website that you are visiting, but are set by a third-party server or loaded on the website via third-party code. These cookies track users between websites and enable personalised ads and behavioural targeting. Websites subscribe to these kinds of cookies in the hopes of increasing website visits and sales.

The Issues of Data Protection

The General Data Protection Regulation that came into force in 2018 ensures the protection of personal information. One of the immediate consequences of this regulation was the universal appearance of the cookie consent banner on every website. Websites are only allowed to collect personal data from users (including IP-addresses, Fingerprints, E-Tags) if the user has been properly informed about what happens with their data and has been given the possibility to refuse. This required consent applies to most first-party cookies and to all third-party cookies. Only strictly necessary cookies are exempt from the requirement for consent, even though what they do and why they are necessary must be explained in privacy policy of the website. The implementation of this regulation marked the beginning of the end for tracking cookies, as it became more widely known how invasive these cookies really were.

Same but Different

With third-party cookies soon being something of the past, many dystopian consumers fear and many advertisers hope that they will just be replaced by something else that will still allow for targeted advertising. Several of such possible replacements are described below.

First-Party Data

It should not be forgotten that first-party cookies will not be banned from browsers. This means that brands can optimize their costumer data platform (CDP) and better leverage the first-party data collected from their own websites, social media, and real customer contact. There are also many cloud-based CDPs available that do the collecting, unifying and analyzing of a brand’s first-party data, resulting in more complete individual profiles based on all the data that the brand collects.

Contextual Targeting

An old, but effective, way to ensure ads are viewed by the right target audience is to attach specific keywords to the ads and only have those ads placed where those specific keywords are abundant. If a brand sells sport socks, then with the right keywords the ads will only appear on websites that are sport related. This just requires the marketing professionals to know their target audience very well.

Walled gardens

Advertisers can optimize and expand their presence in closed ecosystems such as ecommerce and social media platforms (think of Google, Amazon, facebook). These walled gardens are personal data treasure troves and will continue to be used for targeted advertising on those platforms. Because individual websites will still be able to collect a treasure of information from their visitors through first-party cookies, these walled gardens remain extremely effective ad publishers.

Google’s Privacy Sandbox

When Google announced that it would phase out third-party cookies, it also advertised its Privacy Sandbox as the alternative to use. In the Privacy Sandbox cookies are replaced by several APIs that advertisers can use to receive data about their ads (such as conversion rates and attribution). Instead of third-party cookie tracking, a user’s online activity is analyzed within the Chrome browser and then assigned to groups with common interests without identifying any specific user. Of course, all this cohort information will be completely Chrome controlled and even though there will no longer be any more individual profiles, tracking and profiling is still used to allocate a user to a group.

Universal IDs

This solution is often touted as a major contender for replacing third-party cookies. A Universal ID is a common identifier that can be created with first-party data and used by different platforms across the web. This ID is only created after some form of authentication and consent; for instance, through signing up to a publisher’s website with an email address or phone number that is subsequently hashed. The information associated with the Unique ID is then shared with the network of partners that have signed up to the ID service provider. Of course, this solution only works if publishers are willing to use the same ID service provider, otherwise the user data will be rather limited.

Will Google Become Zeus?

It seems any fear that advertisers will lose large chunks of their digital advertising spending to waste coverage due to ads not reaching their target audience, is probably exaggerated. There are many solutions in the pipeline, including many that have been available for long before the looming death of the third-party cookie. Of course, the giant walled gardens will continue to thrive anyway, and it remains to be seen whether Google will upgrade its status even further if indeed their solution comes out as the winner. Until then it will pay for any advertiser to reassess their ad targeting solutions and in the meantime beef up on first-party data collection.


Written by Aisha N. van der Staal and Gregor Wepper