Navigating Chrome's Block on Third-Party Cookies

Bye-Bye Browser Cookies

Google’s browser Chrome was sort of the last haven for third-party cookies, but it’s soon going to join other major browsers like Safari and Firefox in blocking them.

It’s been a long time coming. Google pushed the phase-out previously so the industry could prepare, but this time, it’s committed to a timeline.

According to Privacy Sandbox, Chrome will block third-party cookies for all users by the end of 2024.

(Note: Since this article was published, the timeline has been extended to early 2025).

What are Third-Party Cookies?

No cookie blog is complete without a primer on what third-party cookies are so let's break down the basics.

Third-party cookies are small text files placed on a user's browser by a website domain different from the one they are currently visiting.

These cookies serve a variety of purposes, including:

• Targeted advertising: Tracking user behaviour across multiple websites to deliver personalised ads based on interests and browsing history.
• Cross-site retargeting: Showing ads for products or services a user has previously viewed on other websites.
• Website analytics: Gathering data on website traffic, user interactions, and demographics.

Why is Chrome removing browser cookies?

The primary reason for Google Chrome's decision to deprecate third-party cookies is concern about online privacy.

Key issues include:

• Opaque tracking: Third-party cookies enable cross-site tracking that often happens without a user's clear awareness or consent.
• Data concerns: The data collected through these cookies can be used to build detailed profiles of individuals, raising concerns about responsible data use and potential misuse.
• User control: The current system offers limited options for users to control how their data is tracked and used.

How will cookie deprecation impact businesses?

The deprecation of third-party cookies in Chrome is going to have a significant impact on businesses heavily reliant on these cookies.

Some key areas that will be impacted are:

Advertising

• Disrupted Ad Targeting: The ability to deliver highly personalised ads based on cross-site browsing data will be reduced.
• Less Effective Retargeting: Retargeting campaigns may become less accurate, potentially lowering conversion rates.

Measurement

• Attribution Challenges: Measuring the effectiveness of marketing campaigns and attributing conversions to specific channels will become more difficult.
• Incomplete Analytics: Website analytics data may become less comprehensive, making it harder to gain insights into user behaviour and website performance.

Functionality

• Website Experience: Websites that rely on third-party platforms to provide a service (like a third-party iframe) that use third-party cookies may experience disruptions in the form of breakages or loss of functionality.

What Can Businesses Do?

Safari and Firefox have been blocking third-party cookies for several years now with Safari introducing the default block in 2020 and Firefox even earlier, in 2019.

The more advanced advertisers, publishers, and technology businesses have all created solutions to mitigate the disruptions caused by Safari and Firefox. However, perhaps the impact hasn’t been as widely felt because Google Chrome's global market share of 66% dwarfs those of Safari and Firefox, at 18% and 3%, respectively (according to Statista Feb 2024).

Once again, the entire ecosystem is experiencing change, but this time on a much larger scale. Despite the challenges, many businesses will see this change as an opportunity to future-proof their products and services.

There are several initiatives that businesses can start working on today to manage disruptions these changes will bring about.

1. Enhance first-party data capabilities

If data is the new oil, then first-party data is the new lithium (I personally dislike both these analogies, but I have nothing else).

If you can collect and store first-party data – like names, contact information, etc. in a privacy-safe manner, then you should. Not everyone will provide their details, but you can improve your chances by offering something of value in exchange.

Think about:

• Downloadable content – Provide users with useful content like a PDF in exchange for their personal data.
• Loyalty programs – One of the most popular and proven ways to collect first-party data.
• Surveys and forms – Reward users for filling in surveys and forms if you can.
• Customer portals – If your website has the ability for users to login, enhance the customer portal capabilities by investing in suitable technologies.

2. Build data partnerships

If you can, work with trusted partners to build transparent and privacy-safe data partnerships—more specifically, second-party data partnerships.

Second-party data refers to data that is collected directly by one entity and shared with another organisation in a partnership or agreement, typically for mutual benefit.

Here's an example to illustrate second-party data:

Company A operates an online sports apparel store, and Company B runs a fitness app.

• Company A: has data on what sports apparel their customers prefer.
• Company B: has data on the fitness activities and interests of its app users.

If both companies decide to form a partnership where they share this data with each other, the data Company A receives from Company B (and vice versa) would be considered second-party data.

Solutions you can implement today:

• Conversions API or CAPI — A conversions API allows you to send event data from your server directly to an advertising platform. This means conversion data collection is not reliant on pixels or tags. Most major advertising platforms, including Meta and TikTok, offer this feature. Implementation of CAPI can be difficult, with dev resources usually required.
• Enhanced Conversions by Google Ads — Like CAPI, enhanced conversion in Google Ads has been around for a while now. It supplements your existing conversion tags by sending hashed first-party conversion data from your website to Google in a way that safeguards privacy. It can be implemented easily using Google Tag Manager or the Google Ads API if you are an advanced user.
• User-provided data collection in GA4 — This feature, which is in open beta, is like enhanced conversions in Google Ads. It allows you to future-proof your setup so that it's not dependent on third-party cookies. However, it does require User ID collection in GA4, which isn’t always going to be possible.

3. Adopt new technologies and strategies

Keeping informed and testing new technologies is likely going to be the difference between businesses that do well in this situation versus those that don’t.

A lot of different technologies are being tested and there’s no universal solution and likely there won’t be as platforms and providers build their own proprietary technologies.

Things like Google’s Privacy Sandbox – which aims to create technologies that both protect people's privacy online and give companies and developers tools to build thriving digital businesses are most likely going to be heavily used in the future.

4. Audit your websites

Third-party cookies are also used to service features and functionality on websites, in addition to their use in advertising, audience collection, and measurement.

If a website is using a third-party platform relying on third-party cookies to provide certain features and/or functionality, it is likely that there will be disruptions when third-party cookies are fully deprecated.

It's important to audit websites to ensure that there will be no breakages in the third-party cookie-less future. Chrome Dev Tools has many features that can be used to audit your website for cookie usage, and Google has also created a helpful Chrome extension called Privacy Sandbox Analysis Tool that provides a quick overview.