Google Chrome will wipe out third-party cookies. What’s next?

,

Written by Karolina Matuszewska

Published February 14, 2020

At the beginning of 2020, Google caused quite a stir with its initiative to stop supporting third-party cookies by 2022. Justin Schuh, director of Chrome engineering, explains that move should make it possible to “sustain a healthy, ad-supported web.”

Note

After many delays, on July 22, 2024, Google announced it would not deprecate third-party cookies in Chrome. Instead, it will introduce a new experience in Chrome that lets users make an informed choice about their web browsing, which they can adjust at any time.

Google has also been discussing its new path with regulators and will engage with the industry as it rolls out. The tech giant will also continue working on the Privacy Sandbox API. 

While this decision gives advertisers some clarity, the web has been moving away from third-party cookies for years in favor of more privacy-first technologies. Also, the quality and reach of third-party cookies have been continuously degrading. If users get the option to opt out of tracking, they may additionally contribute to the technology becoming a thing of the past.

Third-party cookies are a powerhouse of digital advertising as they let marketers track site visitors across cyberspace. The tech giant’s decision will impact the entire industry considering Chrome’s 67% market share.

Getting rid of those cookies is part of a bigger plan. It involves reshaping the internet into a more privacy-friendly space. The first step, announced in May 2019, was to introduce features that offer more transparency and provide better protection of individuals’ privacy. But this was a less-focused undertaking and nothing indicated the elimination of the core of online advertising as cookies are.

Today, we’ll talk about how Google envisions the future web and how it influences marketers and site owners.

What’s behind Google’s latest idea?

The strategy to enhance privacy across the web is nothing new. Safari and Firefox already took their position on this subject and started blocking third-party cookies by default.

But Google’s experts think this isn’t the answer, and they’re taking a different approach. They believe the instruments developed by other browsers only foster workarounds, such as device fingerprinting. Alphabet plans to prevent such opaque techniques that further intrude users’ personal space.

If you want to dive deeper into Safari’s solution, take a look at this exhaustive post: What Is Intelligent Tracking Prevention and How Does It Work? [versions 1.0 – 2.3]

At the same time, Google wants a safer ecosystem but one that still enables all players, including Google, to generate revenue from online advertising.

The next two years will serve as a transition phase. The first stage is to gather internet community feedback, design, then test out different mechanisms. One of the key issues is to check how conversion measurement and personalization work without third-party cookies.

Alphabet is encouraging other industry actors to engage and put the focus on privacy safeguards. On the other hand, most probably not everyone welcomes the idea of replacing cookies with the proposed Privacy Sandbox (see the next section).

17 new privacy laws around the world and how they’ll affect your analytics

Read our recap to learn more about and prepare for 17 new and upcoming data privacy laws from around the world.

What is the Privacy Sandbox?

In August 2019, Google introduced an undertaking called Privacy Sandbox that aims to “create a thriving digital ecosystem that is respectful of users and private by default.” It includes a bunch of proposals to set open web standards instead of merely providing new privacy features. Here’s a recap of the key issues.

The project focuses on building a secure environment that enables personalization without using third-party cookies and invading peoples’ privacy. Privacy Sandbox is still in a transition phase since it’s an open solution and Google is gathering industry feedback on the next steps.

Another issue refers to ads that should stay relevant to visitors. However, site owners and advertisers need to minimize sharing of visitor data by focusing on anonymous, aggregated information and keep it on the users’ device.

As for blocking cookies, Google realizes that without a proper alternative to provide relevant ads, not only will publishers lose their main source of revenue, but the Internet in general will be adversely affected. Nevertheless, the tech titan intends to seek a solution that allows for the free access of relevant digital content while better safeguarding people’s personal information.

However, Google admits that the whole undertaking is complex and requires input from many stakeholders. It could take multiple years to reach the final stage.

Chrome’s SameSite cookies

In autumn last year, Google brought news of another step towards improving privacy and tightening security across cyberspace. This involves a new classification system for cookies, as Chrome will change the way it handles them. The official rollout of browser version 80 took place on February 4, 2020.

Website developers while setting cookies need to explicitly label them with an attribute, SameSite. Without this, Chrome will place them into first-party context by default. If you want to use them for third-party access, they must have the attributes SameSite=None; Secure. The additional marker “Secure” means that they will be sent over secure HTTPS connections.

In this way, not only will Chrome recognize whether the cookies are first-party or third-party, but it will also apply a safer connection to migrate them.

What’s more, it will be easier for users to delete them while retaining the first-party counterparts. This may become a source of third-party cookie classification used in the future when Chrome starts blocking third-party cookies by default.

Bear in mind that these rules apply only to Chrome but shouldn’t cause issues with other browsers.

What do these changes to Chrome mean in practice?

We acknowledge that Google’s recent measures might provoke questions about their impact on marketing efforts and also Piwik PRO users. Let us clear up some doubts you might have:

Organizations that base their activities on third-party cookies will face serious challenges as certain actions won’t be possible at all. What, exactly, will stop working?

  • Audience buying based on third-party data
  • Data activation on web
  • Retargeting on web
  • View-through advertising attribution

For more details, we recommend reading this article by Clearcode.

But if your company sticks to using first-party cookies as its main marketing fuel, then you shouldn’t worry too much. These cookies will do the job and keep you on the safe side, delivering measurable benefits even in the face of the changes coming to Chromes.

For instance, Piwik PRO employs only first-party cookies and local storage, and we’ve already addressed Chrome’s new requirements.

To get more precise information on Piwik PRO’s approach to cookies, have a look at our help center here and here.

As to Chrome’s impact, in digital advertising you can still perform:

  • Web analytics. You can track users by cookies within the domain of the website they’re visiting. That’s also possible with Google Analytics, Piwik PRO and other online marketing software using first-party cookie identifiers.
  • Product analytics. Analyzing user journey in digital products is based on a first-party identifier, like a first-party cookie or mobile app identifier generated by the SDK. In both cases, technologies such as Mixpanel or Piwik PRO will work fine despite changes to Chrome.
  • On-site personalization & remarketing. It will be possible to personalize user experience on your website by applying first-party data-based technologies, be it Optimizely or Piwik PRO Customer Data Platform.
  • Retargeting and tracking on iOS and Android. You will still be able to retarget and track users across native mobile apps on iOS and Android using mobile identifiers.
  • Offline data onboarding using emails/phones. You can upload offline data and apply it to Facebook’s Custom Audiences from customer lists without messing up your Google Ads Customer Match.

It’s clear you still have a lot of business opportunities. That’s why you should team up with vendors that operate on first-party cookies.

To read about advantages of first-party cookies, check out our blog post: First-Party vs Third-Party Cookies: Why First-Party Is the Way to Go.

17 new privacy laws around the world and how they’ll affect your analytics

Read our recap to learn more about and prepare for 17 new and upcoming data privacy laws from around the world.

Tech giants aren’t slowing down

Apple made the first move, then Mozilla and Google followed. The privacy race is heating up. The new initiatives are Alphabet’s attempt to address the rising concern about online privacy. This is palpable across the legal landscape, while vendors are introducing more and more adjustments to their browsers to protect peoples’ information.

At the same time, the changes might wreck Chrome’s competition that relies chiefly on cookies and reselling data collected through them. Google not only already enjoys market dominance, but now it’s trying to shape the digital ecosystem by setting its rules, not all of which are clear. We’ll see what the future brings.

We’re keeping a close eye on things, so stay tuned as we’ll be bringing you more news. And if you’ve got some burning questions on your mind about the issues we’ve discussed in this article and how they can affect your analytics, just …