If you’re someone with an eye on digital marketing or tech-related news, it’s likely that Google’s recent announcement setting out “a path towards making third party cookies obsolete” won’t have escaped your attention.
If you’re a marketer, on hearing the news perhaps you were filled with dismay - doesn’t everything we do rely on cookies? You may have even gone down a rabbit hole trying to find answers and ended up lost in a boggling array of technical terms like ‘fingerprinting’ and ‘cross-site injection’.
Well fear not, we’re here to demystify the wonderful world of cookies, what the forthcoming changes are all about, what the implications for your brand might be, and what action you might need to take. Let’s start with the basics:
What exactly is a cookie again?
A cookie is just a small piece of data, usually a text file, that’s sent by a website and stored by a user’s web browser. They can be very helpful, for example when returning to a website you’ve visited before, a cookie can help the site to ‘know’ who you are and make your interaction smoother.
As cookies have become more sophisticated, they’ve become an essential part of the machinery of digital marketing. Nowadays, they’re commonly used to track browsing habits across the web, store preferences and build profiles based on users’ interests. These cookies are known as third-party, because they are created by a different site to the one the user visits (which is the first party). The classic example is retargeting - once you’ve shown interest in a product online, if the Digital Marketing team is worth their salt, you’ll then see ads for it follow you around, whether you’re checking your email or flicking through cat videos on YouTube.
All of this has led to some concerns about the intrusiveness of cookies and ultimately to the (sometimes dreaded) EU privacy law known as GDPR…
What does the law require?
This message appears because the GDPR (General Data Protection Regulation) legislation requires your consent to be obtained before anything but strictly necessary cookies are used. The law also states that specific information must be given about the data tracked by each cookie, access to services must be allowed even if users refuse certain cookies, and it should be easy to withdraw consent.
Despite this, many sites still track users without consent, don’t give the option to reject tracking, or use sneaky tricks like pre-ticked boxes or burying the decline button multiple clicks away. Although they’re still fairly common, make no mistake, brands adopting these approaches are risking hefty fines from the regulator.
What have Google announced?
With so many websites failing to meet minimum requirements, the tech giants have taken matters into their own hands. Chrome dominates web browser market share, so it’s no surprise that the biggest waves were made when Google announced that, within two years, third-party cookies will be blocked.
In fact, third-party cookies have also been banned by Apple, Microsoft and Mozilla, all of whom have recognised that their users are demanding greater privacy, transparency and control over how their data is used, and have decided that the cookies have, ahem, exceeded their shelf-life.
What does that mean for brands?
No need to panic! For the next couple of years change will be gradual, and in the longer term, this doesn’t mean that brands can’t collect data.
First-party cookies will remain and instead of those invasive third-party tracking cookies, Google is aiming to put a new set of solutions in place to cover what they’re currently used for. They’re in active communication with publishers and ad tech partners, and both they and other browser makers have proposed new technologies to make interest-based targeting easy, keep people anonymous, and let marketers know if their ads actually converted. Based on the existing proposals from Google, retargeting will continue to be an option, albeit in a different form that alleviates privacy concerns.
As for Google themselves, along with the likes of Facebook, they run on first-party cookies so broadly speaking are unaffected by these changes. Since they don't deem their own data to be third party, they can continue the big business of serving ads (for example on Google.com and YouTube.com) in much the same way. Shocking, we know.
What immediate steps should I take?
Talk to your agency partners!
First thing’s first – are you compliant with the current cookie law? If not, whoever looks after your website is the place to start. Cost-effective cookie consent management solutions are available which can be applied to websites easily, so why risk falling foul of the regulator?
If your website is up to date, you can start to think about what’s coming along. Your agency should be able to advise where you’re currently making use of any third-party cookies (if at all), and they’re probably in conversation with their ad tech providers about how they in turn are working with Google to adapt to the changes.
How should I prepare for the future?
Ultimately, now is the time to start testing new strategies that leave third-party cookies behind. As we move into this new world, it will be a challenge for brands who don’t hold adequate first-party data. There are plenty of models available right now that aren't reliant on third-party cookies, in addition to first-party cookies on-site, it’s predicted that email will play a significant part in cross-channel targeting and measurement. Likewise, brands should consider providing customers with better integrations to connect with first-party cookie advertising channels such as Facebook, Google and LinkedIn. Naturally market leaders will also be forging ahead with increased use of AI to drive results.
Beyond the purely technical, it’s a good opportunity to revisit tried and tested measurement methods for campaigns such as brand tracking, which can be done far more efficiently than ever before. That brand uplift study marketers dream of, but all too often proves too much of a stretch for budgets, may now be within reach.
Although Google have set out a timeframe of two years, other browsers (such as Safari) are already blocking third-party cookies, making it tougher to measure results, so the time to look at replacement strategies is now. The upshot should be that marketing data gets cleaner and more dependable, which is what we all want, right?
In the long term it will provide a more transparent ecosystem for all, and we can look forward to deepening relationships with consumers in a more privacy-friendly advertising future.