Third-Party Cookies—and Beyond
Recently, marketers and advertisers are seeing significant changes in the way they place ads online. This is true, especially around third-party cookies.
The changes began with extraterritorial privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), which strictly regulates how advertisers collect and use personal data. And today, major players in the digital ecosystem prohibit third-party cookies in ad tracking or they plan to do so. Apple’s Safari already banned third-party cookies; Google is currently in a 2-year transition period.
While many marketers and advertisers are starting to think about weaning themselves off of cookies, the truth is that the removal of cookies changes the game for the entire industry. And many are left wondering, “Where do we go from here?”
With that in mind, here’s everything you need to know about third-party cookies and consent as a marketing or advertising professional.
The Difference Between First and Third-Party Cookies
Cookies are pieces of data, normally stored in text files, that websites place on visitors’ computers to store a range of information. They are usually specific to that visitor, or rather the device they are using to view the site, like the browser or mobile phone.
First-party cookies are set by the domain of the site you’re visiting. These cookies’ primary focus is to deliver you an optimal user experience. This means the site remembers your login information, language preferences, etc. Only the host domain can retrieve and read the contents of the cookie once it is sent.
Third-party cookies are set by a domain that isn’t the one you’re visiting right now. These cookies are typically used for online advertising purposes. For example, have you ever searched online for a pair of shoes, and then the next time you read a news article, there’s an ad for those exact shoes?
That isn’t magic. It’s third-party cookie tracking.
(To learn more about cookies, please visit OneTrust’s Cookiepedia.)
The History: Data Privacy Legislation & Third-Party Cookie Blocking
Third-party cookies, while creating a more personalized user experience, also track a lot of consumers’ personal information. And in a world where 81% of people believe the risk of their data being collected by companies outweighs the benefits, some sort of regulation was bound to be put into place to protect people.
These are the major laws and companies that impact the use of third-party cookie use:
GDPR: Though the GDPR doesn’t go in-depth with respect to cookies, it states that cookies are online identifiers that as personal data, and therefore, subject to the law.
Privacy and Electronic Communications Directive (ePrivacy Directive): The ePrivacy Directive, otherwise known as the Cookie Directive, initially instigated the proliferation of cookie consent pop-ups.
As marketers who target individuals in the EU, you’re required to comply with these two regulations following these five standards:
- Obtain user consent before you drop any cookies, except strictly necessary cookies
- Provide accurate and specific information about the data each cookie tracks and its purpose clearly and comprehensively
- Document and store user consent
- Allow users to access your service even if they refuse to consent to the use of certain cookies (i.e., no cookie walls)
- Enable users to withdraw their consent as easily as it was for them to give their consent
California Consumer Privacy Act (CCPA): The CCPA classifies cookies as personal information. While the CCPA doesn’t require businesses to obtain opt-in consent for cookies, it does require them to disclose what information they collect and the purposes of collection. Moreover, where businesses sell the personal collected via cookies, they must inform users of such sales and give them the opportunity to opt-out of the sale of their personal information.
As an advertiser targeting California consumers, you may continue to do cookie matching as long as the user hasn’t opted out.
(Please visit OneTrust’s DataGuidance to read Insights on cookie issues, see the latest news on cookies, consult reports on cookies, and to view the cookie comparison tool, which shows compliance obligations in jurisdictions worldwide.)
Not only is the government getting involved, but now major tech companies are taking cookie tracking into their own hands. And it’s actually making a bigger impact than legislation.
Firefox: In February of 2019, Firefox also blocked all third-party tracking cookies.
The Future of Advertising: Consent
Using third-party cookies tracking was simpler. And it gave you intel that was as good as gold. Advertisers must protect it as such. This means giving consumers the right to opt-in and out of first-party cookie tracking.
Eliminating the third-party cookie tracking process has two upsides:
Fewer prospects, but more relevant ones
These changes can be actually beneficial—they give marketers the opportunity to target people who are more interested in what they offer. If potential customers are willing to opt-in to cookie tracking, that could mean they’re likely interested in what’s on your website.
Personalization will evolve
70% of marketers say personalization has a strong positive impact on customer relationships. And many marketers feel removing third-party cookie tracking severely hindered personalization efforts. But the wonderful thing about marketers is that they’re resilient, and they always evolve.
Not having the third-party cookie tracking available gives advertisers the opportunity to improve the usefulness of data collected and personalization for users for whom they have. And those consumers may have more of an intent to buy.
Conclusion: How to Progress Forward After Third-Party Cookies
Dabbling into the unknown is scary for anyone. But marketers and advertisers should never be afraid of a little challenge. So in order to progress forward, here are the things they should begin telling their clients or their executives about targeting beyond cookie tracking:
- First-party cookies should continue to be a core part of the marketing strategy.
- Start testing strategies that reach beyond cookie tracking.
- Begin trying new targeting models like contextual targeting or keyword targeting.
- If you can’t beat it, join it. Open up to the idea of a safe, honest and transparent internet ecosystem.
- Performance still matters. Sales and conversions should still be the primary objective of advertisers and ad tech companies.
The Importance of Consent and Preference Management
The most valuable component to your work is building trust with the customer through a better understanding of what they want. Including preference management in your strategy can expand options available to customers, enhance the user experience, and reduce opt-outs/unsubscribes. You can show customers that you’re listening to what they want, while also respecting and protecting their privacy.