Browse Definitions :

Getty Images/iStockphoto

The death of third-party cookies: What marketers need to know

Marketers need to revisit their marketing strategies now before third-party cookies disappear forever. Here's what you need to know.

Cookies have enabled the growth and success of many marketing and sales efforts across the internet.

In the physical world, marketers rarely -- if ever -- knew exactly how many people actually looked at an advertisement. But internet cookies have enabled marketers to identify if a user has previously visited a site, along with other customer data points.

Cookies have also enabled marketers to deliver more targeted and relevant ads to users. Instead of a generic display ad, cookies can enable delivery of ads that are more attractive to specific users.

Advertisers have relied on third-party cookies since the 1990s. But third-party cookies in the marketing landscape may soon come to an end, due to security and privacy concerns.

What are third-party cookies?

A cookie is a small amount of data that is stored in a user's web browser. It can track if a user has visited a website before, login information or other user behavior attributes. Cookies can also improve user experience and collect a limited amount of customer data.

For web browsers, there are two foundational types of cookies: a first-party cookie and a third-party cookie.

A first-party cookie is set and accessed by the same website the user is visiting. It is also sometimes referred to as a SameSite cookie. First-party cookies help with personalization for the specific site a user is visiting.

A third-party cookie is set and accessed by a different entity than the local domain or website the user is browsing. A third-party cookie can help to track users across multiple sites to better understand user behavior beyond a single site. Marketers and social media platforms often use third-party cookies for advertising purposes.

First-party cookie vs. third-party cookie graphic
Here are the differences between first-party cookies and third-party cookies.

Google postpones death of third-party cookies

While third-party cookies are a good thing for marketers, the same cannot be said for user privacy. Third-party cookies have long been viewed as a tracking mechanism that can potentially violate user privacy.

While generally safe, third-party cookies could potentially represent a security risk. For example, there could be user risk if the cookie is not properly secured, if data includes personally identifiable information or if the data is shared without authorization.

In August 2019, Google announced a plan to block and disable third-party cookies in its Chrome browser. Then in January 2020, Google's Privacy Sandbox project was unveiled. The intent was to bring in a more privacy-sensitive approach than third-party cookies. At that point, Google expected to declare third-party cookies dead by 2022.

On June 24, 2021, Google gave third-party cookies a stay of execution. The transition to a different technology wouldn't be complete until at least 2023. The delay was due, in part, to an ongoing investigation by the European Union into Google's advertising activities. The United Kingdom's Competition and Markets Authority is also investigating Google's Privacy Sandbox plans.

Why businesses need to create a new marketing strategy now

To comply with privacy regulations -- including General Data Protection Regulation and California Consumer Privacy Act -- website operators have had to identify when third-party cookies are used and ask users to allow them.

The need to allow cookies creates a friction point for some users when they don't allow cookies. Without cookies, marketers may not be able to accurately deliver targeted digital advertising. So, even in the absence of an outright ban on third-party cookies, users need to opt-in to allow them, which not all users will do.

There is also a growing use of ad blockers inside browsers, including Google Chrome. Ad blockers often rely on blocking third-party cookies to be effective.

It's no longer a good strategy for marketers to rely on third-party cookies, as they did during the early days of the internet. It is necessary for marketers to have an alternative online advertising and marketing strategy.

Alternatives to using third-party cookies graphic
Instead of using third-party cookies, here are some alternatives to help with targeted advertising.

Alternatives to third-party cookies

There are alternatives to third-party cookies that can help with online marketing efforts.

One of the primary hurdles behind the death of third-party cookies is the delay in Google's suggested replacement, known as Federated Learning of Cohorts (FLoC). FLoC's premise is that privacy can be protected by clustering groups of users together by interests. It would hide individual users and enable advertisers to reach an appropriate audience. FLoC is positioned by Google as a potential industry standard.

However, FLoC isn't the only alternative to third-party cookies. Here are some others:

  • First-party cookies. While third-party cookies may not be around for long, there is no indication that first-party cookies are going away. With a first-party cookie, the origin site can still collect and understand customer data that it can use to improve user experience.
  • Zero-party data. The concept of zero-party data is one where users voluntarily provide information to a site or platform.
  • Identification (ID) providers. With ID providers, users opt into a service, giving permission to provide information about themselves to marketers. There are also ongoing efforts to develop email address-based identity associations known as unified identifiers (UID 2.0). This would help users opt into an approach allowing marketers to identify some of their activities.
  • Device fingerprinting. This method enables a site operator or marketer to collect information about a user's device or browser. device fingerprinting makes it possible to profile a device and its usage for more targeted marketing.
  • Contextual targeting. Also known as contextual marketing, this approach relies on the context of the site the user is visiting. For example, if a user is on a site searching for a keyboard, they will be shown advertisements about keyboards.

Read more on tips for creating a personalized marketing strategy here.

Dig Deeper on Internet technologies

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • Twofish

    Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.

  • walled garden

    On the internet, a walled garden is an environment that controls the user's access to network-based content and services.

  • potentially unwanted program (PUP)

    A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • Remote Direct Memory Access (RDMA)

    Remote Direct Memory Access (RDMA) is a technology that enables two networked computers to exchange data in main memory without ...

  • storage (computer storage)

    Data storage is the collective methods and technologies that capture and retain digital information on electromagnetic, optical ...

  • storage medium (storage media)

    In computers, a storage medium is a physical device that receives and retains electronic data for applications and users and ...

Close