Google has announced that they would eliminate third-party cookies from Chrome. Multi-site tracking cookies will therefore be blocked. Google will offer alternatives that will allow the advertising industry to continue working. However, all this is still under consideration at this stage, so the end of third-party cookies has been postponed. Head down to this blog post to know more.
What is the end of third-party cookies in Chrome?
In 2020, Google announced that they will stop the use of third-party cookies in Chrome within two years.
The American company is thus following in the footsteps of other browsers such as Safari, Brave and Firefox, which already offer the possibility to block this type of cookies.
In reality, not all third-party cookies will be affected. It will still be possible to use solutions (chat, web analytics tools, etc.) whose operations require the suppliers to deposit cookies. It is the multi-site tracking cookies however that will be targeted, particularly those from adtech companies.
Why this decision?
Third-party cookies are one of many tracking technologies provided by third parties – often an AdTech company like Google – that you use on your website to run analytics solutions, marketing platforms and social media integrations.
These tracking technologies allow the third party companies to build up the pools of data they use for their business. By doing so, they facilitate the global tracking of each Internet user’s navigation and a particularly massive processing of personal data. The information collected in this way can then be reworked to deduce centres of interest and communities of belonging.
Tracking is therefore particularly intrusive, and ultimately offers little protection for the privacy of Internet users. Blocking third-party cookies is therefore a feature that is expected in modern browsers.
End of third-party cookies, what does this mean for you?
The end of third-party cookies forms a real threat to adtech companies whose tracking activity has historically been based on data gathered by cookies. Behind this, the entire advertising ecosystem is impacted:
- As an advertiser, it decreases the quality of ad targeting you expect when you run campaigns on the internet.
- As a publisher, the lowering of quality of the ad targeting impacts the revenue you generate from online advertising.
The real challenge is therefore to strike a balance on your website allowing you to use third-party cookies for analysis and marketing purposes, while still giving your users the choice to consent. This choice must be GDPR compliant and transparent.
End of third-party cookies, what alternatives?
The news of the end of third-party cookies has led to an outcry from the advertising industry.
Google is therefore thinking about offering an alternative to third-party cookies. This will be part of a global project called Privacy Sandbox.
Privacy Sandbox is a secure environment for personalisation that also protects users’ privacy. Some ideas include new approaches to ensure that ads continue to be relevant for users, but their personal data shared with websites and advertisers is minimised by anonymously aggregating users information, and keeping much more users information on-device only. This is part of the goal to create a set of standards that are more in line with users’ expectations on privacy.
The Privacy Sandbox will contain various APIs that can be used by advertising players. One of these APIs is the Federated Learning of Cohorts (FLoC). With this project, data will be processed directly on the user’s browser. Google will group these users into “cohorts”, i.e. groups of similar users that advertisers can target for marketing purposes. This means the end of individual advertising ads, in favour of a communication aimed at a group of people who share similar interests.
Google is conducting tests on this technology and regularly reveals the results. In January 2021, for example, they published a blog post announcing a few developments in the Privacy Sandbox.
End of third-party cookies, when?
- The results of the tests launched on FLoC did not convince the market.
- The GDPR compliance of Google’s practices raises questions too. Although the project will concern groups of users, the entity that will proceed the anonymisation of data is Google. This implies that Googles processes personal data.
- The compliance of the system for advertisers is not so obvious either. Is the anonymisation of data real? Or is it possible that the data to which advertisers will have access, can still identify a given Internet user?
- The Privacy Sandbox is also under increasing scrutiny from antitrust and competition authorities. The United Kingdom’s Competition and Markets Authority (CMA) and the European Commission are conducting separate investigations on whether the proposals could cause advertising budgets to become even more concentrated on Google’s ecosystem at the expense of their competitors.
Due to of all these uncertainties, the end of third-party cookies has been postponed to a later date. To be continued.
The end of third-party cookies, and your GDPR compliance in all of this?
Google’s decision to block third-party cookies on Chome, and Apple’s decision to impose user consent to be tracked on their iOs smartphones have led some players to consider alternative technology solutions.
For instance:
- invisible pixel;
- digital fingerprint;
- advertising identifiers, etc.
Other players are also considering discarding behavioural targeting campaigns (which analyse past behaviour to serve ads to prospective buyers), in favour of contextual targeting, based on the content consulted on the Internet.
However interesting these solutions may be, you should keep in mind that they do not allow you to avoid your legal obligations.
As a website owner you must follow these practices:
- Transparency of information. You must inform your users about third-party cookies, who installs them and why, in simple and plain language. How to do so? Via the display of a cookie banner and a dedicated cookie policy.
- Give your users a clear choice to accept or decline all non-necessary cookies.
- Allow your users to give consent to cookies based on their categories.
- Let users withdraw cookie consent any time, and if they do, block the relevant cookie scripts immediately.
In the future, the ePrivacy Regulation should also require browsers to develop features that allow users to freely express their choices about cookies.
Conclusion: the end of third-party cookies on Chrome, a topic to follow
Given the difficulties encountered by Google, the browser will most likely continue to support third-party, multi-site tracking cookies until the end of 2023.
In the meantime, it will be interesting to follow the developments of the Privacy Sandbox project to see what alternatives will be deployed.
Until then, making your website GDPR compliant should be a real priority for you. Whatever cookies your website generates or uses, you need to inform your users about it. A cookie banner is the solution for it.
You can rely on solutions like Admeet to create your cookie and privacy policies and manage your users’ consent, to make sure your website stays compliant with the GDPR.