How to Prepare for the Cookieless Future?

Despite their seemingly innocent name, cookies have found themselves at the heart of one of the internet’s biggest privacy revolutions. Specifically, third-party cookies have come under fire from privacy-advocacy groups, ultimately leading Google to work towards a cookieless future. This change will have significant implications for advertisers, as third-party cookies have been an essential targeting technology since their inception.

Let’s dive into the implications of Google’s decision and how you can prepare for the cookieless future.

This article will explain
  • What third-party cookies are and how they’re used today.
  • Why user privacy is at the heart of this debate, and why advertisers and brands should care.
  • What the cookieless future will actually look like and the consequences it will have on retargeting.
  • How you can prepare for this future with a little help from RTB House.
Last Updated:
Published:

What are cookies, and why do they matter? 

Before we jump into the cookieless future, let’s take a quick look at cookies in general. A cookie is a small piece of data in the form of a text file which is created by a website and stored on your web browser.

Cookies can be divided into two main categories: 

  • First-party cookies: Are created and stored by a website you directly interact with. These cookies are typically only used for purposes related to the website that created them, such as remembering user preferences or shopping carts. First-party cookies are generally considered unproblematic. 

  • Third-party cookies: Are created and stored by organizations other than the website you are currently visiting. These serve a variety of purposes, ranging from advertising to analytics or social media. These are considered problematic by many privacy advocates. 

Why are third-party cookies considered problematic?

When referring to the cookieless future, we are specifically talking about third-party cookies. These cookies are often used by advertisers and social media platforms to tailor personalized ads to a user. However, in the process of doing this, they make it possible to collect a significant amount of detailed information, which might contribute to creating a highly intricate user profile, often without receiving informed or explicit user consent. 

This has led to significant consumer pushback, with over 83% of users in the UK citing concerns about online tracking for advertising purposes. Despite well-meaning attempts to resolve this, users often don’t fully understand what they’re consenting to when accepting a website’s consent form. 

Technology companies have heard these concerns, and there has been a slow consensus forming toward limiting or outright removing support for third-party cookies. Today, many browsers like Brave or Firefox have developed solutions that prevent third-party tracking from working, and with Google joining them, the cookieless future is fast approaching. 

Why should I be concerned about user privacy? 

Many companies don’t necessarily see a problem with third-party cookies. After all, users have provided some level of implicit consent by not opting out, and the tracking involved isn’t illegal or even explicitly immoral. 

The problem with this thought process is that it ignores very real user concerns regarding privacy. These concerns have already led to a staggering rise in the use of ad-blockers and, if left unaddressed, could lead to advertisers losing any way to personalize content to users. This is ultimately bad for the customer, bad for the advertiser, and bad for companies in general. 

That is why Google and other tech companies have already taken steps towards depreciating third-party cookies and why everyone should begin to prepare for a cookieless world

When will third-party cookies stop being supported? 

For some smaller browsers, the cookieless future is already here; however, from an industry perspective, the only date that matters is Google’s. Chrome controls around 65% of the browser market, and Google accounts for approximately 28% of all ad revenue spent online. Any action Google takes on third-party cookies will define the direction the entire advertising industry ultimately follows. 

Google initially announced its plans to deprecate third-party cookies in 2020. Since then, the company has taken a thoughtful approach to the challenge and has worked hard to involve advertising industry stakeholders in the process. Google is already ramping up its new solution, the Privacy Sandbox, which will run alongside third-party cookies until the end of 2023 it. In Q1 2024, Google plans to withdraw third-party cookies for 1% of existing Chrome users in order to provide the industry with a real cookieless environment, in which one could test new APIs against the legacy technology. On the other hand, early 2025 is expected to introduce further gradual third-party cookie phase-out.

Speaking of solutions, let’s take a look at what the cookieless future means for marketers and how they can prepare for it.  

What does the cookieless future mean for marketers and users? 

Many advertisers are concerned that without third-party cookies, they will no longer be able to reach users who are actually interested in their products. This would force advertisers to throw ads into the void and pray that they reach the right kind of person. It would make it harder for small businesses to connect with interested customers, and such a change could cause significant damage to countless businesses. 

How will the cookieless future impact retargeting? 

This is of particular concern to advertisers that rely on retargeting. Historically, retargeting providers have used third-party cookies as the primary way to identify what a user is interested in, identify that user across multiple websites, and then produce a personalized advert they are likely to engage with. Losing that capacity would, theoretically, render retargeting useless and remove a key capability for marketers and businesses. However, there are some solutions that will enable cookieless retargeting

Advertisers need to adopt a range of new solutions in the cookieless future 

Advertisers will be able to dust off some tried and tested tools of the past, and take advantage of some shiny new solutions being developed that will preserve many of the advantages of third-party cookies, without all the privacy-intrusive baggage. 

Let’s take a deeper look at some of the tools that can help advertisers prepare for the cookieless future and how they can start implementing cookieless solutions today. We’ll start with the Privacy Sandbox: 

The Privacy Sandbox is the key to succeeding in the cookieless future

Given the importance of Google to the digital advertising space, the tech giant has had to take a meticulous approach to change in close cooperation with regulators like the British Competitions and Markets Authority (CMA) and other stakeholders. This is meant to give the industry time to adapt and prepare solutions to replace third-party cookies. 

Together, they’ve been working on an alternative that will give advertisers the same fidelity of targeting options while putting user consent and privacy first. The solution Google came up with is the Privacy Sandbox. 

The Privacy Sandbox was built in close collaboration with the advertising industry, and RTB House has helped to play a role in shaping it. Rather than being a single tool, the Privacy Sandbox is a collection of solutions designed to simultaneously enhance user privacy while still allowing advertisers to meaningfully connect with users. 

The initiative encompasses an array of solutions, which you can find here, but for our purposes, there are two main ones that advertisers should look into: 

Topics API—grouping users based on their browsing history

Topics API maps and classifies website domains into approximately 470 categories, such as “fitness” or “technology.” The mechanism relies on providing users with five distinct categories based on their recent browsing activity in Chrome. These categories are supplemented with randomized elements to prevent user re-identification.

Only callers who have previously encountered users from the same category elsewhere can access the topics provided by Topics API. 

Protected Audience API

The Protected Audience API’s distinctive feature is that the user’s personal data remains on their device—never leaving the browser. All the processes which use these pieces of data also happen on that same device. When a user visits a website, based on their behavior there, they can be assigned to an interest group that was pre-defined by the advertiser (or its technological partner). What’s important is that outside of the browser (on external servers), the user is only visible as somebody from that interest group. Their anonymity is preserved by applying a k-anonymity feature, which would prevent an interest group from being created unless it reaches a reasonable number of people in it (at the time of writing, the k-anonymity factor equals 50, but its final size is subject to feedback).  

This enables privacy-enhanced cookieless personalization and retains much of the functionality of third-party cookies.

First-party data will become more important

As third-party cookies disappear, the importance of first-party data will increase significantly. This is the data about user’s behavior on a website collected and used by the owner of that very website on its premises. Its main functional flaw depends on the source of the data and its usage being partitioned within the same website/domain. However, there are some new privacy-preserving mechanisms which enhance the scope of where that data can be used (such as the aforementioned PAAPI).

Contextual targeting will help make first contact 

Contextual targeting might be an older method of reaching users, but with the depreciation of third-party cookies, it will become even more important. While it is best suited for upper-funnel campaigns that focus on brand recognition or making first contact with customers, it can provide a useful way to connect with new customers. 

Rather than relying on knowing who the user is, contextual targeting instead uses the context of a publication to determine what kind of ads will play well with that audience generally, for example, ads for a car brand on an automobile-related website. We’ve had plenty of experience with this at RTB House, and our ContextAI is a powerful cookieless tool to help advertisers connect with users. 

You should avoid unethical targeting practices 

We’ve covered a lot of tools you can use, but there are also certain practices that companies should not allow. There is a slight temptation to set aside user privacy concerns and look at controversial techniques, which might be effective but on a small scale. The most common example is external identifiers, which replicate the same privacy-related problem that third-party cookies have—being able to profile an individual with frightening accuracy and track them across multiple websites. An even more controversial subset is device fingerprinting, which is based on probabilistic mapping. 

Device fingerprinting might be cookieless, but it collects a lot of data. In fact, its entire purpose is to combine a number of factors, such as an IP address, browser parameters, and device details, to create a unique user profile. This ID is then used to track users online and monitor how they behave, ultimately building a profile for advertisers to use. 

This is even more privacy-intrusive than third-party cookies, and it replicates the problem which led to third-party cookie deprecation in the first place. Ultimately, brands who embrace this technology might see short-term benefits, but in the long term, the industry and regulatory trend is towards privacy, and they will quickly find themselves falling behind companies that opted to embrace privacy-friendly advertising solutions.

Early adopters will see the most benefits from the cookieless future 

Our final and most important tip is this: Early adopters of cookieless solutions will have a significant lead over companies that choose to stick to outdated methods. That’s why RTB House has opted to engage proactively with Google and other ecosystem partners on this subject from the day third-party cookies deprecation was first announced. Moreover, we are an early pioneer in terms of testing cookieless solutions but focusing on those that constitute an upgrade in terms of respecting users’ privacy online. This is something that is important to many regulators worldwide, but that the wider industry has largely ignored. 

As you read this, Google has already opened up the ability to test the Protected Audience API and other Privacy Sandbox Solutions on a larger scale (at the time of writing, 50% of Chrome users are Privacy Sandbox-enabled). This is your opportunity to get to grips with how these solutions work and prepare yourself for the end of 2024, when third-party cookies will finally be depreciated. This is your best moment to lay the groundwork for success in the cookieless world.

RTB House is here to help you navigate the cookieless future

This can seem overwhelming, but you’re not alone. We at RTB House have not only extensively tested how Deep Learning solutions can work with a variety of cookieless targeting techniques, but we have been deeply involved with the creation of the Privacy Sandbox and invented some of its key elements. 

Moreover, in times when there is less and less granular data to play with, our Deep Learning algorithms constitute even higher value than ever by squeezing more insights from the shrinking information pool.  We’ve already been using cookieless solutions in connection to our proprietary Deep Learning algorithm in real campaigns, and we’re working closely with a number of brands and agencies to help them test these solutions before third-party cookies are retired. 

If you’d like to find out more about how RTB House can help you navigate the cookieless futurecontact our team today.

More Articles

See our reports, articles, guides, videos, and more.