We all have seen pesky popups that appear on our screens when we open most websites. They are permission for cookies, which we often accept or reject without even reading. They are kind of important because in a way, they determine your online experience as we see ads based on those cookies – more on that later. But for now, we should take a sigh of relief as those pop-ups will not appear as frequently as before because the end of third-party cookies is here, almost.

What are these cookies?

source

Cookies are small text files that sites store on a user’s device (computer, tablet, or smartphone) through the web browser. These files contain bits of information about the user’s interactions with a website, such as login details, preferences, and browsing behavior. Cookies can be used to improve our browsing experience by personalizing the website content, remembering our settings, and making it easier to navigate the site.

Let’s understand how data is stored in the form of cookies.

Let’s say a user is on a travel website looking to book a hotel. As the user browses various hotels, some of the information they enter (for example, specific dates, room type, or hotel location) is temporarily stored in the form of cookies. If the user books a room, the session cookies retain this data until checkout.

If a user has an account and they log in to it, cookies store their login information and preferences, like their preferred currency or saved destinations, allowing for a faster and personalized experience on future visits.

If the user starts a booking but doesn’t complete it, a persistent cookie can save this partial booking. When the user returns to the site, they’ll see their previous selections in the cart, helping them pick up where they left off.

The booking website might also use another type of cookies from ad networks to track the user’s visit. Later, when the user visits other sites, they might see ads for hotels in the destination they viewed, as these cookies help advertisers retarget based on the user’s previous interactions.

Types of cookies

Websites use several types of cookies, each serving a specific purpose. Overall, they have one basic function – store users’ information for a better experience on the website or on the internet. Here’s a breakdown of the most common types of cookies:

1.  First-Party Cookies

These cookies are created and stored by the site the user is directly visiting. They are typically used to enhance user experience on that site alone, remembering settings or login information. For example, first-party cookies or first-party data collection is when you log into a website like Gmail. Here, a first-party cookie saves your login session, allowing you to navigate between pages without needing to log in repeatedly.

2.  Second-Party Cookies

Second-party cookies are essentially first-party cookies shared directly between two trusted entities. In this setup, company A collects user data from its website and then shares that data with Company B. This sharing occurs only under an agreement, where both parties have permission and a direct relationship with each other. For example, an airline’s website might collect data on user travel preferences (such as preferred destinations and dates) and share it with the hotel chain. The hotel chain then uses this data to offer tailored promotions to users, like discounts on hotel stays.

3.  Third-Party Cookies

Third-party cookies are generated by domains other than the one you’re visiting. They’re often placed by advertisers to track user behavior across different sites, allowing them to build profiles and serve targeted ads. For example, if you visit an e-commerce site, like Amazon, and then see an ad for the same product on another website, it’s likely due to third-party cookies tracking your behavior and displaying related ads across the internet.

4.  Session Cookies

Session cookies are temporary and only last as long as the browser session. They store information temporarily and are automatically deleted once you close the browser. For example, on an online shopping site like Walmart, session cookies keep track of the items in your cart as you browse. If you close the browser without checking it out, these items disappear from your cart.

5.  Same-Site Cookies

These cookies can only be sent in requests originating from the same website that set the cookie, which helps prevent cross-site request forgery attacks. They are often used to improve security. For example, Google uses same-site cookies for services like Gmail to restrict data access only to requests from within Google, enhancing security by preventing other websites from using your login session.

The end of third-party cookies

Since long, third-party cookies have been used to track user behavior across different sites, enabling targeted advertising and personalized experiences. So, it is natural to wonder why there are now talks to stop doing that.

The extensive use of third-party cookies by websites made data privacy in marketing a big concern among users and lawmakers. The movement to phase out third-party cookies gained significant momentum in 2020 when Google announced its intention to deprecate them in its Chrome browser. This decision marked a turning point, as Chrome is the most widely used browser globally. This transition was forced due to increasing concerns over data privacy and the growing influence of privacy regulations.

For example, laws like the GDPR (General Data Protection Regulation) in the EU and the CCPA (California Consumer Privacy Act) have put strict requirements on how personal data is collected and shared. Third-party cookies, which track users across websites to build detailed profiles, became a focal point of these laws as they often lack transparent user consent.

If Not Third-Party Cookies, Then What?

Digital marketing without cookies is an unimaginable scenario. Advertisers have been using them for years to market their products to target users online who are likely to become their customers. Third-party cookies have long been the backbone of behavioral targeting, allowing marketers to track users across websites and build detailed profiles for delivering highly personalized ads.

So naturally, with the phasing out of third-party cookies, they are now forced to look for alternatives to third-party cookies to collect data and find their target audience.

In the absence of third-party cookies, advertisers can adapt by switching to alternative and more personalized marketing strategies to collect user data and deliver relevant ads to their audience. Let’s look at some of these strategies and how these can be integrated into marketing for a more personalized yet privacy-conscious, web experience for the users.

1.  Zero-Party Data Collection

Zero-party data is the data that customers intentionally share with a brand, often through surveys, preference centers, account settings, or interactive content. As third-party cookies are phased out, zero-party data offers marketers an effective alternative that respects user privacy while still allowing them to gather valuable insights for personalized marketing.

A zero-party data example could be the information gathered by a brand by creating a preference center on its website where users can control and specify what information they want to share and what kinds of promotions they’d like to receive.

2.  First-Party Data Collection

First-party data is information gathered directly from users on a brand’s own website, app, or other owned channels. For example, e-commerce companies can collect data on user preferences, purchase history, and behavior on their site to personalize recommendations or tailor email campaigns. By asking users for explicit consent, companies can use this data for targeted advertising without third-party cookies.

To effectively collect and leverage this information, websites need to have CRM systems for first-party data. These include form and survey integration, cross-channel data capture, social media and web integrations, preference and consent management, content personalization, etc.

3.  Contextual Targeting

Contextual targeting is a privacy-conscious data collection technique that involves displaying ads based on the content of the site or page a user is currently viewing rather than their browsing history. For example, on a travel website, users might see ads for luggage, travel insurance, or hotel deals based purely on the site’s travel-related content instead of the user’s past web activities.

4.  Google’s Privacy Sandbox

Privacy Sandbox is Google’s initiative to replace third-party cookies that limit user tracking while still enabling advertisers to reach audiences effectively. The Privacy Sandbox proposes various technologies, such as Topics API, Fenced Frames, Private Aggregation, and Protected Audience, to replace third-party cookies.

1. Topics API: It replaces individual user tracking with interest-based advertising. In Topics API, the browser categorizes users into broad interest topics (e.g., “fitness” or “travel”) based on their recent browsing history without tracking specific behavior on individual sites. Advertisers can target ads based on these topics without learning about specific users.
2. Fenced Frames: This API isolates third-party content within a website, limiting the data they can access about the user.  This prevents cross-site tracking and protects user privacy.  For example, a news website embeds a video from a third-party platform within a fenced frame. This limits the third-party platform’s ability to track the user’s browsing behavior across other websites.
3. Private Aggregation: It aggregates user data across multiple websites to analyze trends and insights. This preserves individual privacy while providing valuable information to advertisers and developers. For example, multiple websites can use this API to collect data on user preferences for a specific product category (e.g., smartphones). This data is aggregated and anonymized, allowing advertisers to understand broader trends without compromising individual privacy.
4. Protected Audience: It allows advertisers to reach specific user segments without knowing their individual identities. This ensures privacy while enabling targeted advertising. For example, an advertiser who wants to target users who have previously shown interest in a particular brand can use Protected Audience API to create a private audience of these users without revealing their specific identities.

5.  Second-Party Data Partnerships

In second-party data partnerships, brands can partner with their trusted businesses to share their first-party data, expanding their data pool and insights while avoiding third-party networks. For example, an airline and a hotel chain could share anonymized first-party data to understand mutual customer interests, allowing them to cross-promote services (like flight and hotel packages) without third-party cookies.

An example of this collaboration is something done by Dunkin’ Donuts and the navigation app Waze. The two companies entered into an agreement where Waze allowed its users to place a Dunkin’ Donuts order directly in the app and then pick it up from their nearest location of the food franchise.

Source

6.  Engagement-Based Ads

Advertisers can also leverage engagement data from their own sites or apps to display relevant ads to users based on past interactions. For example, if a user engages with product pages for winter clothing, that behavior can inform future ads for similar products on the same platform or within that brand’s ecosystem.

7.  User Consent and Transparency

User consent in data collections has become integral as third-party cookies are gradually sidelined. It is important for websites to obtain explicit consent from their users for data collection and be transparent about data practices to build trust. Sometimes, these permission pop-ups irk users, making them bounce off the website.

To address this problem, websites can use simple language on these pop-ups and clearly explain to the users how each type of cookie benefits the user. For example, “These cookies help us remember your preferences” or “These cookies help us improve our website by analyzing usage data.” They should also provide clear “Accept All” and “Reject All” buttons for users who want a quick choice.

Source

Conclusion

The gradual end of third-party cookies has pushed advertisers to develop more privacy-focused strategies that foster direct relationships with users. The future of data in advertising lies in prioritizing transparency and consent for data collection and behavioral analysis. The strategies mentioned in this blog work together to create a more private web experience where users can browse and interact with websites without being constantly tracked.