Sentiment for business leaders about replacing third-party cookies is negative – 71% of them expect the end of third-party cookies will hurt their businesses.
As reported by the Reuters Institute at the University of Oxford, multiple Leading practitioners are concerned that the deprecation of third-party cookies will limit advertising functionalities and performance tracking.
“Without third-party cookies] performance advertising or conversion tracking is not going to be possible.”Senior UX Researcher, Meta
Without viable alternatives that provide similar functionalities, advertisers feel that they are losing visibility and control to run ads, losing functionalities such as audience segmentation and cross-site tracking.
“When we think of the term ‘unique visitors’, a lot of that data that relies on the Google platforms is going to change. You won’t be able to target repeat visitors because you won’t know who they are. A lot of browsers are going to look the same, and therefore you won’t be able to understand what is and what isn’t ‘unique’. […] There’s likely to be no or limited attribution on spend or [attributable] return on investment.”Financial Times Strategies Subscriptions Lead
This article presents the existing and proposed technologies that can replace third-party cookies for privacy-first alternatives while keeping most of the functionalities and user experience intact.
We delve into a variety of existing and upcoming technologies, exploring how they can be harnessed to maintain critical advertising functions such as audience segmentation, cross-site tracking, and conversion tracking. As such, businesses will be able to confidently prepare for a world without third-party cookies, ensuring continued growth in the face of this significant industry transformation.
Practitioners will learn tangible information about these technologies that will enable them to assess the core functionalities and determine whether the solutions are suitable for their businesses.
Glossary of Terms
- Publisher/seller – A company or individual that owns and operates a website, app, or other digital platform where content is created and shared with users. Publishers generate revenue by selling ad inventory (ad spaces) on their platforms to advertisers.
- Advertiser – A company, brand, or individual that purchases ad inventory from publishers to display their promotional messages to a target audience.
- Ad Exchange – A digital marketplace that enables advertisers, publishers, and ad networks to buy and sell ad inventory in real-time, often using an auction-based pricing model.
- Ad Network – An intermediary platform that aggregates ad inventory from multiple publishers and sells it to advertisers.
- Ad Inventory – The total amount of ad space available for sale on a publisher’s digital platform (e.g., website, app, video player). Ad inventory can be in various formats, such as display ads, video ads, native ads, or sponsored content.
- Supply-Side Platform (SSP)– A software platform that enables publishers to manage, sell, and optimise their available ad inventory to multiple demand partners.
- Demand-Side Platform (DSP) – A software platform that allows advertisers, agencies, and ad networks to manage, purchase, and optimise digital advertising inventory from multiple ad exchanges and SSPs through a single interface.
- Real-Time Bidding (RTB) – A programmatic advertising technology that enables the buying and selling of individual ad impressions in real-time auctions, usually taking place within milliseconds as a web page loads.
- Private Marketplace (PMP) – A type of programmatic advertising where an invitation-only marketplace is created by a publisher or group of publishers, allowing select advertisers to bid on their premium ad inventory.
- Data Management Platform (DMP) – A technology platform that collects, stores, and analyses data from various sources, allowing advertisers and publishers to create audience segments and optimise their targeting strategies.
Businesses Overrely on Third-Party Cookies
The deprecation of third-party cookies is not a new idea. Firefox and Safari started blocking them since 2019 and 2020 respectively. The 2024 timeframe is dictated by the deprecation of third-party cookies in Google Chrome, which currently holds 77% of the web browser market share, so it singlehandedly determines the direction of the industry. As part of this, Google has also been working on the Privacy Sandbox, which defines a set of standards for replacing third-party cookies.
GDPR has had a strong influence on pushing browsers toward third-party cookie deprecation. Under the regulation, browsers can still use them with explicit user consent. But rather than edging on the lines drawn by regulators, Google and other browsers are leaping forward and depreciating third-party cookies altogether. However, this can only be done by offering the market viable alternatives.
A comprehensive 2023 study from Adobe shows that across the UK, 70% of marketing and customer experience leaders still rely heavily on third-party cookies, and 41% of leaders are spending at least half of their marketing budgets on cookie-based activations – and 59% plan to increase spending on cookie-dependent activations in 2023.
84% of leaders at cookie-dependent companies say that at least 30% of their potential market is in environments where third-party cookies don’t work, such as social media platforms and Apple devices.
71% of leaders expect the end of third-party cookies will hurt their businesses. Out of these: 10% said it will “devastate” their businesses, 21% anticipate significant harm, and 39% predict a moderate negative impact.
Why are businesses still relying on third-party cookies? Despite privacy concerns, third-party cookies have been the go-to technology for digital advertising companies as several value-adding functionalities are hard to replicate with other technologies. Some of these functionalities include:
- Cross-site user tracking – Third-party cookies enable the tracking of users across multiple websites. This helps build user profiles, which can be used for targeted advertising, analytics, and personalisation. Although other techniques like fingerprinting or local storage can be used for similar purposes, they have limitations in terms of accuracy, user privacy, and compliance with regulations.
- Frequency capping – Without cookies, tracking and controlling ad exposure is more difficult, potentially leading to a negative user experience and reduced ad efficiency.
- Attribution and conversion tracking – Third-party cookies help advertisers attribute user actions (like clicks or purchases) to specific ads and campaigns. This helps them measure the effectiveness of their advertising efforts and optimise their strategies accordingly. Other solutions like first-party cookies, pixel tracking, or server-to-server tracking can be used, but they often require more effort to implement and can face limitations in cross-domain tracking.
- Audience segmentation and targeting – Third-party cookies enable advertisers to segment and target users based on their browsing behaviour, demographics, and interests. While first-party data can be used for targeting, it may not provide the same depth and breadth of information as third-party cookies, especially when it comes to cross-site user profiling.
- Remarketing/retargeting – Advertisers use third-party cookies to serve ads to users who have previously visited their websites, increasing the chances of conversion. Although alternative solutions like first-party cookies, local storage, or server-side user identification can be used for retargeting, they may not offer the same level of reach and accuracy.
- Ad relevance and personalisation – Third-party cookies help deliver more relevant and personalised ads to users, improving user experience and ad performance. While contextual targeting and first-party data can be used to personalise ads, they may not achieve the same level of precision and customisation as third-party cookies.
These functionalities have become the industry standard. Pulling the rug from under third-party cookies will leave a whole gap in the advertising industry. As such, a number of vendors have developed solutions that aim to replicate a similar level of functionalities.
In the following chapter, we will highlight the latest efforts by developers and standardising bodies to keep as much of the flexibility and visibility of third-party cookies for privacy-first alternatives.
Privacy-First Alternatives for Serving Advertisements
Large organisations in the web development space are working with the community, regulators and standardising bodies to re-create third-party cookie functionalities using privacy-first technologies. We explore several of these key developments, which aim to recreate similar capabilities for digital advertisers using a combination of user consent, human-curated advertising interests, modern data architectures, and machine learning.
Contextual targeting is an advertising method that selects and serves ads based on the content and context of a web page, rather than relying on individual user data. By analysing page elements such as keywords, topics, and metadata, contextual targeting can deliver relevant ads that match the interests of users visiting the page, without the need for tracking cookies or personally identifiable information (PII).
Unlike behavioural targeting, which uses third-party cookies to track user behaviour across multiple websites and serve personalised ads based on browsing history, contextual targeting focuses on the context of the web page itself. This approach ensures a higher level of privacy compliance, as it does not require user-level tracking or data collection.
To maximise the effectiveness of contextual targeting, businesses should optimise their website content and metadata to ensure that it accurately reflects the topics and keywords relevant to their target audience. These can include the following:
- Natural language processing techniques to analyse the text and content of a web page, extracting relevant keywords, phrases, and topics to inform ad targeting decisions.
- Semantic analysis techniques to understand the meaning and context of the content, enabling more accurate ad placement and reducing the risk of inappropriate or irrelevant ads.
Contextual targeting may not deliver the same level of personalisation as behavioural targeting, as it relies solely on the context of the web page rather than individual user data. Implementing contextual targeting can be more complex and resource-intensive than relying on third-party cookies, requiring advanced technology and expertise in natural language processing (NLP), semantic analysis, and machine learning.
Here are two examples of serving ads using contextual targeting:
- A user visits a popular hiking blog to read an article about the best trails in a national park. The blog provides detailed information about each trail, such as the level of difficulty, scenic views, and required gear for a successful hike. As the user reads the article, a contextual targeting system analyses the content and identifies keywords and topics related to hiking, outdoor activities, and gear. Based on this analysis, the system serves an ad from an outdoor gear retailer promoting a sale on hiking boots, backpacks, and trekking poles. The ad is relevant to the user’s interests and the content of the page, increasing the likelihood of user engagement and a potential sale.
- A user searches for a healthy, vegetarian dinner recipe and lands on a website featuring an extensive collection of vegetarian and vegan recipes. The user clicks on a recipe for a vegetable stir-fry that includes instructions on how to prepare the dish using a wok. While the user is browsing the recipe, a contextual targeting system scans the page content, picking up on keywords and phrases such as “vegetarian,” “healthy cooking,” and “wok.” Based on this analysis, the system serves an ad for a high-quality, non-stick wok from a reputable kitchen appliance brand, along with a limited-time discount code. The ad is contextually relevant to the user’s interest in cooking and the recipe they are viewing, making it more likely that the user will consider purchasing the promoted product.
The Privacy Sandbox is an initiative led by Google to create web standards for websites to access user information without compromising privacy. Its core purpose is to facilitate online advertising without third-party cookies. The Privacy Sandbox proposals are under ongoing development, with components at various completion stages. The proposals are based on input from developers, publishers, marketers, and regulators via forums like the W3C.
Privacy Sandbox APIs are scheduled to be launched and generally available in Chrome by Q3 2023. As developers adopt these APIs, Google will begin phasing out third-party cookies in Chrome in the second half of 2024.
The technologies developed by the Privacy Sandbox cover all AdTech areas impacted by the cookie phase-out. These include:
- Targeting and interest-based ad selection– achieved via Topics API
- Retargeting – achieved via Protected Audience API
- Measurement – achieved via Attributes
Topics are recognisable categories that the browser infers based on visited pages. With Topics, the visited sites visited are no longer shared across the web, as they might have been with third-party cookies. A topic in the Topics API is a subject a user is interested in as evidenced by the websites they visit.
Topics are a signal to help AdTech platforms select relevant ads. Unlike third-party cookies, this information is shared without revealing further information about the user themself or the user’s browsing activity. The Topics API allows third parties, such as ad tech platforms, to observe and then access topics of interest to a user. For example, the API might suggest the topic “Fiber & Textile Arts” for a user who visits a relevant website.
The topics taxonomy is constructed to support interest-based advertising and keep users safe and protect their privacy. The initial taxonomy for the web version of Topics includes around 350 topics across categories such as “Arts & Entertainment,” “Home & Garden,” and “Travel & Transportation.”
Topics are inferred by Chrome, using a classifier model that maps site hostnames to topics. Topics are manually curated for 10,000 top domains, and this curation is used to train the website classifier algorithm.
The API infers topics for a site from a classifier model that maps website hostnames to zero or more topics. Only sites that include code that calls the Topics API are included in the browsing history eligible for topic frequency calculations, and API callers only receive topics they’ve observed. In other words, sites are not eligible for topic frequency calculations without the site or an embedded service calling the API.
The top five topics are selected based on frequency. That is, the browser selects the five topics that appeared most frequently in a user’s browsing history for a given week. The list of topics used by the Topics API is public, human-curated, human-readable, and designed to avoid sensitive categories.
A Topics API caller is the entity that observes and requests topics. Typically, this caller is a third party (such as an ad tech) who uses the topics returned by this method to help select relevant ads. The browser determines the caller from the origin of the request. If Site A requests topics from their code in an iframe hosted on Site B, the browser determines the caller is Site A.
How the API decides which callers see which topics
API callers only receive topics they’ve recently observed, and the topics for a user are refreshed once each epoch. That means the API provides a rolling window in which a given caller may receive certain topics.
|Site||Topics||API callers on site|
|hiking-holiday.example||Fitness, Travel & Transportation||adtech2.example|
|diy-clothing.example||Crafts, Fashion & Style||[none]|
At the end of the epoch, the Topics API generates the browser’s top topics for the week.
- adtech1.example is now eligible to receive the “Fitness” and “Crafts” topics, since it observed them on yoga.example and also on knitting.example.
- adtech1.example is not eligible to receive the “Travel & Transportation” topic for this user as it is not present on any sites the user visited recently that are associated with that topic.
- adtech2.example has seen the “Fitness” and “Travel & Transportation” topics, but has not seen the “Crafts” topic.
The user visited diy-clothing.example, which has the “Fashion & Style” topic, but there were no calls to the Topics API on that site. At this point, this means the “Fashion & Style” topic would not be returned by the API for any caller.
Going Privacy-First with Merj
Specialising in data engineering and marketing data, Merj can help your business smoothly transition to a privacy-first technology stack by the time third-party cookies will be deprecating, minimising disruption to your business and identifying improvement opportunities.
Our team of developers and researchers can complement your development and marketing teams with deep knowledge on products and technologies.
We can help you build or rebuild a range of value-adding services on top of new privacy-first advertising technologies, including:
- Reimagining and redeveloping webpage personalisation in a cookieless environment
- Detecting vulnerabilities in new advertising platforms such as data leaks
- Compliant data collection, processing and storage
- Analytics, reporting and visualisation of multiple data sources
- Supply chain legislation compliance
To find out how Merj can help your business navigate the transition to a cookieless future, contact us today.