Big changes are coming fast for advertisers who rely on cookies from third-party players to power their online advertising strategies. It’s been a long time coming given the growing drumbeat of consumer privacy worldwide — and we still don’t know what alternative browsers like Google will offer to make up for it — but now is certainly the time for advertisers to prepare for what’s to come. Here’s a comprehensive guide to first-party cookies vs. third-party cookies, including what the future holds for them and what marketers need to know now.
For more on first-party cookies vs. third-party cookies:
What Kind of Cookies Are Out There?
First, it’s important to note that there are three kinds of cookies: first-, second-, and third-party. We don’t hear much about second-party cookies, however, because they require data partnerships between multiple companies — and some advertising professionals dispute their very existence.
For our purposes, we’re going to focus on first-party cookies versus third-party cookies, which are by far the most prominent. Both are text files that observe consumer behavior online, but they differ in how they are collected and implemented.
What’s the Difference Between First- and Third-Party Cookies?
As the name implies, first-party cookies are created and stored by the website a consumer visits to help enhance the customer experience. These cookies allow the site to remember user preferences like passwords or language, but they also help sites better understand visitor behavior.
Amazon is a good example. When a shopper signs in to their Amazon account, the browser they’re using saves a data file for that domain on their computer. This allows the customer to remain logged in for future visits and save products in their carts until they are ready to check out — even if that doesn’t happen for days or weeks.
Third-party cookies, on the other hand, come from other domains. They are placed on a site via a script or tag and are typically used for observing consumers and serving ads, including retargeting.
Let’s go back to the Amazon example. When consumers browse items on Amazon.com and then see ads for those very products on other sites, it’s third-party cookies in action. They are tapping into the tracking data that remains on shoppers’ computers to nudge them toward conversion. In fact, one other key difference between first- and third-party cookies is visitors have to be informed of the latter because of the vast data companies can collect with them. Alternatively, first-party cookies are accepted automatically.
Other uses for third-party cookies include collecting data on consumer engagement with ads, so advertisers better understand what works and what doesn’t with their target audience and adjust their strategies accordingly.
How Are Third-Party Cookies Created? And Who Leaves Them?
First-party cookies are typically seen as “good” cookies because they help enhance the user experience. They are only available on the sites that create them. Third-party cookies are more controversial because some are created by adtech companies for the express purpose of observing consumers and monetizing their data.
How exactly third-party cookies are created can get complicated fast. However, one easy-to-understand example is when a website pulls in functionality from a third-party service provider like live chat. To implement live chat functionality, the site has to request a script from the service provider. The browser then receives a file with chat functionality along with cookies from the domain of whoever is providing the live chat service.
While the specifics vary, third-party cookies typically always appear as a result of requests like this to third-party services. Other common examples of third-party services that leave cookies include ad retargeting and social media plug-ins.
How Do Browsers Treat First- and Third-Party Cookies?
While first-party cookies are supported by all browsers, they can be blocked and/or deleted by consumers.
Third-party cookies, however, can be found on any website that loads the code. For now, they are supported by some browsers, but others — including Mozilla and Safari — are starting to block them because of consumer privacy concerns. This trend is expected to continue — most notably with Google Chrome in 2023.
Don’t forget that browsers don’t load third-party cookies when users are in incognito mode.
What’s the Future for Each?
In 2023, the browsers blocking third-party cookies will include Google Chrome, which has the largest market share by far and therefore, the biggest implications for brands and consumers. As a result, many advertisers will have to adjust their strategies.
The good news is sites can still use first-party cookies to observe consumer behavior and preferences as they won’t be impacted by the announced changes.
For now, the best advice for marketers is to stay informed as Google has said it wants to work with advertisers to ensure the change doesn’t torpedo the online advertising industry. And so it remains to be seen what will result from Google’s so-called Privacy Sandbox initiative. According to a 2019 blog post, Google hopes this will enable marketers to reach their target audiences with less user data. This could include anonymously aggregating user data or keeping more user data on devices only.
Nevertheless, advertisers would be wise to begin considering alternatives. One place to start is relying more on their own first-party data — and finding partners who can help them better leverage first-party data. This potentially includes publishers, who have direct relationships with site visitors, as well as data management firms, which, like Google, are working to create alternative tools for advertisers to better capitalize on first-party cookies and/or create anonymous aggregated groups like in the Privacy Sandbox.
Another option is revisiting an older tactic like contextual advertising, which display ads on sites that rank for similar keywords.
Meanwhile, convincing consumers to consent for targeting could open additional options. It will prove challenging as a March 2020 survey by Pew Research Center found more than 70% of U.S. adults want regulatory reforms for how companies use their data. That being said, consumers have been shown to be more open about sharing at least some data if they have clear and easy controls over how and when it is used.
First-Party Cookies vs Third-Party Cookies
While it sounds brutal, the death of third-party cookies should be positive for consumer privacy. It’s also a good reminder that advertisers shouldn’t put all their proverbial eggs in one basket. As Google and data management firms experiment with alternatives to third-party cookies, AdRoll is exploring new ways to identify audiences, such as email, and other advertising opportunities beyond cookies.
For more on what your brand should be doing now to prepare for the year to come, check out our ultimate Q1 growth guide.
Angie is the Content Marketing Manager at AdRoll. Prior to AdRoll, she was a Content Writer at various digital marketing agencies. A writer by day and a reader by night, Angie’s other hobbies include cooking and learning useless movie trivia.