Demandbase Demandbase

Simplifying Chrome’s 3rd-party Cookie Deprecation:

The Ultimate FAQ Guide to a Cookieless Future

When it comes to Chrome’s upcoming deprecation of 3rd-party cookies, it can be a lot. Complicated. Complex. (A bit) technical. Lots of words that are not often seen or used in everyday life.

So we broke it all down for you in a simple FAQ. Have more questions? Let us know — we’ll answer ‘em, then post here.

Q: What are website cookies?

A: Like Starbucks says in its popup, cookies are “not the kind you eat.” Clever. A website cookie, often just called a “cookie,” is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser … while the user is browsing. Cookies are used to “remember” user information (i.e., items added/left in a shopping cart), record a user’s browsing activity (where they clicked, when/how often — they logged in, which pages they visited, and so on). Cookies can also be used to remember pieces of information that the user previously entered into form fields — name, address, passwords, and credit card numbers.

cookie notice image

Q: Why do marketers use cookies?

A: There are numerous reasons why a marketer would want to use cookies. Here are a few:

  • Tracking and analytics: Cookies help to understand how users interact with your website — browsing habits, time spent on the site, and the path through your site.
  • Personalization: Cookies allow marketers to collect user preferences and behaviors for a more personalized browsing experience.
  • Targeted advertising: Cookies mean marketers can serve relevant ads to each website visitor.
  • Retargeting: Cookies are often used for users who visit a site but fail to purchase something or perform a desired action. Ads will then appear on other websites to encourage users to return to your site.

Q: What are the different types of cookies?

A: Cookies generally fall into two buckets.

  • Session cookies: Temporary. Deleted once browser (or tab) is closed. Mainly used to keep track of online activities during a session.
  • Persistent cookies: Remain on a user device for a set period of time, specified in the cookie. These cookies are activated each time a user visits a website that created that particular cookie. Most often used for quickly accessing (remembering) user preferences and making subsequent visits to the site more convenient.

Q: What are the privacy concerns surrounding cookies?

A: In short, users have historically been concerned with the collection, storage, and use of their browsing data, especially without their explicit consent or awareness.

 

Q: How have privacy concerns been addressed?

A: Over the years, several regulatory measures have been implemented. The General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States are two of the more popular ones. Both require websites to obtain consent from users before tracking using cookies. As users, we’ve all seen these popups (the Starbucks example is one).

 

Q: What are 3rd-party cookies (and how are they different from a “1st-party” cookie)?

A: 3rd-party cookies are created by companies other than the one whose page a user is visiting. These cookies are used for cross-site tracking, retargeting, and ad-serving and can be used to capture info on what pages you visited, what articles you read, what ads you were previously exposed to and how or if you interacted with them.

From Google: [3rd-party cookies are] “created by other sites. A site that you visit can embed content from other sites, for example, images, ads and text. Any of these other sites can save cookies and other data to personalise your experience.”

1st-party cookies are placed on a user’s device directly by the company whose page a user is visiting. They are typically used to remember a user’s settings/preferences or to keep someone logged in.

From Google: [1st-party cookies are] “created by the site that you visit. The site is shown in the address bar.”

 

Q: Which browsers (companies) have already eliminated 3rd-party cookies?

A: Apple (Safari) began the process of tightening restrictions on 3rd-party in 2017 with the introduction of Intelligent Tracking Prevention (ITP). Since 2020, Safari has blocked all third-party cookies by default.

Mozilla (Firefox) introduced Enhanced Tracking Protection (ETP) in the summer of 2019. By the Fall, Firefox automatically blocked all known 3rd-party tracking cookies by default.

 

Q: What is Google’s Tracking Protection?

A: Google’s Tracking Protection is a new feature being tested in the Chrome browser, aimed at enhancing user privacy by limiting cross-site tracking. This feature restricts website access to 3rd-party cookies by default, thereby reducing the ability of websites to track users’ activities across the Internet.

 

 

Read more about Google’s Tracking Protection

 

Q: When will Google phase out 3rd-party cookies in Chrome?

A: Google announced its intention to phase out 3rd-party cookies over a two-year period starting in 2020, aiming for completion in 2023. However, that timeline has since been pushed back to Q3 2024. As it says here, “To facilitate testing, Chrome has restricted third-party cookies by default for 1% of users. Subject to addressing any remaining competition concerns of the UK’s Competition and Markets Authority, Chrome will ramp up third-party cookie restrictions to 100% of users from Q3 2024.”

 

Q: How is Demandbase preparing for a cookieless world?

A: Funny you should ask. We wrote an entire blog post about it.

 

Q: What is Google saying about all of this?

A: There have been a few blog posts that directly address a “cookieless world,” including this one from December 13, 2023, and this one and this one (more technical, for developers).

 

Q: Why is Google getting rid of third-party cookies?

A: According to an August 2019 Google blog post, “privacy is paramount to us, in everything we do. So today, we are announcing a new initiative to develop a set of open standards to fundamentally enhance privacy on the web. We’re calling this a Privacy Sandbox.”