What a world without third-party cookies means for digital advertising

In the name of consumer privacy, major browsers are phasing out third-party cookies.

In January 2020, Google announced that they’ll deprecate third-party cookies over the next two years. Then in June, Apple announced that it’s limiting the use of its mobile device ID, known as Identifier for Advertisers (IDFA), in iOS apps. Digital advertisers have long used these identifiers for targeting, pacing, measuring and personalizing their campaigns.

How do third-party cookies work, why are they going away and how can advertisers continue to deliver relevant, effective messaging in the new digital world?

What are third-party cookies?

Websites use cookies to remember a user’s action so they aren’t asked to perform a task again and again. As a result, they help provide a better, more personalized user experience.

Third-party cookies specifically are created and placed by websites other than the website you’re visiting. Some common uses include cross-site tracking, retargeting and ad serving.

First-party cookies, on the other hand, are generated by the host domain. They are usually considered good because they help provide a better user experience. These cookies enable the browser to remember important user info, such as what items you add to shopping carts, your username and passwords, and language preferences.

For an example, let’s say you visit a website called learn.com. Any cookies put on this website by learn.com would be first-party cookies. Any cookies put on learn.com by any other site, like a social media site or an advertiser, would be third-party cookies.

Why are third-party cookies used?

Cross-site tracking: the practice of collecting browsing data from numerous sources (websites) that details your activity

Retargeting: using search activity to retarget visitors with visual or text ads based on the products and services for which they’ve shown interest

Ad-serving: making decisions regarding the ads that appear on a website, deciding when to serve these ads, and collecting data (and reporting said data including impressions and clicks) in an effort to educate advertisers on consumer insights and ad performance.

How do third-party cookies work?

Third-party cookies work by embedding JavaScript from one website into another. Third-party cookies store data remembered between browsing sessions. They remember information this way because HTTP, the web browsing protocol, is a stateless protocol. A “stateless protocol” means that data is not saved between browsing sessions. In the HTTP response header, cookie attributes determine whether a cookie is a first- or third-party cookie.

Why are third-party cookies going away?

Major browsers began eliminating third-party cookies in 2017. They say it’s because of consumers’ growing demand for privacy.

Apple’s recent iPhone video ad, for example, features people loudly sharing personal, often dangerous information with those around them, and closes with: “Some things shouldn’t be shared. iPhone helps keep it that way.”

But without third-party cookies and IDFA, are consumers really better off? Google and Apple’s moves personally benefit them, because their direct customer relationships will keep them relatively unaffected while many other identity solutions are weakened. A recent Epsilon study found that most (62%) marketers believe the changes won’t help consumers.

How will the death of third-party cookies impact digital advertising?

The impending death of the third-party cookie is already causing a stir: About 80% of advertisers rely on third-party cookies, and 67% feel a combination of disappointed, frustrated, overwhelmed, helpless and even confused by the news.

Here are the aspects of advertising that will be most impacted by the death of third-party cookies:

Reach: About 80% of advertisers depend on third-party cookies. Without them, those advertisers will need to find a new way to reach their customers and prospects online.

Personalization: Behavioral and browsing data will be limited, making it hard for advertisers who depend on third-party cookies to personalize ads.

Campaign management: Basic capabilities like A/B testing and frequency capping will be challenging for advertisers who depend on third-party cookies.

Performance measurement: Analytics and attribution based on third-party cookies will be much less effective.

Our research shows that 69% of advertisers think the death of the third-party cookie will have a bigger impact than the GDPR and CCPA, and 70% feel that digital advertising overall will take a step backward.

But despite the understanding of importance and concern, fewer than half (46%) feel “very prepared” for the change.

What will replace third-party cookies?

In a world without third-party cookies, marketers will need to find a new way to identify people online so they can continue to personalize messages, optimize campaigns and measure performance.

To start with, you’ll want to get familiar with your options for identifiers. When you understand the strengths and weaknesses of the most common identifiers, you’ll be able to choose a smart approach to identity that doesn’t rely on third-party cookies. To succeed, they must partner with an established, people-based identity solution. One that’s future-proofed against the loss of identifiers, and built with privacy by design. Any adtech and measurement partners you work with should have a solid plan that doesn't rely on third-party cookies.

What's Epsilon's response to third-party cookie deprecation?

Epsilon has never needed third-party cookies to connect with consumers. We saw their flaws years ago. They’re not people-based, not transparent and can’t identify people over time.

We’ve always known that the key to identity is first-party relationships with publishers and brands. That’s why we started building our identity solution in 2007 and growing our publisher relationships in 2012. We now have 5,000+ direct publisher relationships compared to just hundreds for other solutions, and our identity graph has greater scale and higher accuracy. 98% of our ads are delivered to individuals, not to cookies or devices.

The industry agrees that Epsilon leads the way in helping marketers reach customers and drive performance without third-party cookies.