The imminent demise of third-party cookies

Since the mid-1990s websites have used tracking technology called third-party cookies to follow us around the internet, largely to get us to buy things. Safari and Firefox already block third-party cookies by default as a privacy measure. Google Chrome has announced it will follow suit by 2022. When Chrome pulls the plug, the era of cookie-based tracking will be over.

Cookies from a website you chose to visit are called first-party cookies. Type in your zip code on a weather site and it might save it to remember your location the next time you visit. First-party cookies aren’t used for ads and they aren’t going away.

Third-party cookies come from a source other than the site you chose to visit, like an ad that saves a cookie on your computer. If later you visit the advertiser’s website and buy something, the company can infer that its marketing campaign influenced your decision.

0%-1%: Share of people who decline cookies when they see a privacy pop-up on a website. Most privacy pop-ups don’t include a button to decline cookies—visitors have to hunt that option down on a separate settings page. Almost no one bothers, according to privacy compliance firm CookieLaw.

$336 billion: Valuation of the digital advertising industry

72%: Americans who worry that what they do online is being tracked by companies

40%-60%: The (rather low) accuracy rate when two companies try to match the cookie data they have on the same set of consumers

2.7%: Increased likelihood that a person will buy something from an ad that uses cookies compared to one that does not

40%: Web traffic that currently comes from people who block third-party cookies

500+: Number of cookies a single website might place on a visitor’s computer

58: Different ways the digital ad industry uses cookies to track people

“I’m not particularly sad about the demise of third-party cookies because they were never really that accurate, never really that useful, and in fact I think this whole thing has helped us all to rethink what data matters.”

—Stephan Pretorius, chief technology officer at UK-based WPP, the world’s biggest ad agency, sums up the general consensus among advertisers who have turned against third-party cookie tracking.

 Lou Montulli, a 23-year-old engineer at the world’s then-leading web browser, Netscape, invented the cookie in 1994. Although Netscape was dismayed to discover that ad agencies were using cookies to track our travels around the web and sell us things, the company didn’t have the bandwidth to carefully weigh the future of the technology. Montulli got stuck making the call.

“Advertising at that time was really the sole revenue stream of websites,” he said. “By turning off advertising cookies, it would severely diminish the ability for revenue to be made on the web. We as a company believed very strongly in the future of the open web. We felt like having a revenue model for the web was pretty important, and we wanted the web to be successful. So we made the choice to try to give cookie options to the user, but not disable them.”

What comes after cookies?

There are three major proposals for how the ad industry can continue to show consumers relevant ads and measure their effectiveness without third-party cookies.

👯‍♀️ Google’s Federated Learning Cohorts (FLoC) model: The browser tracks users and groups them into cohorts alongside thousands of peers with similar online habits. Every time you visit a website, your browser tells the site which cohort you belong to so advertisers can display tailored ads.

🗞️ First-party data tracking: Publishers and advertisers each collect their own data about their audience and consumers. If a brand and a publisher have the same piece of information about you, like an email address, they can team up to match your spending habits on the brand’s site to your reading habits on the publisher’s site. 

🔑 Identity-based tracking: A central authority would assign every web user an advertising ID that advertisers could track every time a user logs into a website.