Google’s prolonged journey towards phasing out third-party cookies in its Chrome browser took another significant turn. Recently, Anthony Chavez, VP of Google’s Privacy Sandbox, announced that Google will no longer develop a standalone prompt for user choice and instead keep it in Chrome’s settings.
To catch you up to speed quickly, here’s a timeline of Google’s announcements:
- August 2019: Google introduces the Privacy Sandbox initiative, signaling its intent to develop new web standards to enhance user privacy while still enabling key web functionalities like advertising, initially without a specific timeline for cookie deprecation.
- January 2020: Google announces plans to phase out third-party cookies in Chrome within two years.
- March 2021: Google states it won’t build alternate identifiers to track individuals once cookies are phased out.
- June 2021: First delay announced, pushing timeline to late 2023. The UK’s Competition and Markets Authority (CMA) oversight role was established.
- July 2022: Second delay announced, extending timeline to 2024.
- January 2024: Google begins disabling third-party cookies for one percent of Chrome users (“Tracking Protection” test).
- February 2024: CMA reports competition concerns remain with Privacy Sandbox, stating Google cannot proceed with deprecation until resolved.
- April 2024: Google announces third delay, pausing the 2024 phase-out due to CMA review process and industry feedback. New target: 2025 (tentative).
- July 2024: Google announces it is scrapping plans for automatic third-party cookie deprecation, opting for a new user choice approach instead.
- April 2025: Google clarifies the “new experience”: No new standalone prompt; user choice maintained via existing Chrome Privacy and Security settings.
To summarize, Google has gone from deprecating third-party cookies entirely in Google Chrome to not deprecating third-party cookies at all in Google Chrome and will instead give users the option. However, they won’t actually prompt users to choose; but, instead, the option to opt out will remain buried in Chrome’s settings.
What Does This Mean for the Marketing Industry?
This is still an open question, unfortunately. Many ad platforms invested heavily in finding alternatives for third-party cookies and many agencies invested heavily in testing out Google’s Privacy Sandbox preparing for third-party cookie deprecation.
Now that Google has completely reversed its stance, it will be interesting to see how the market responds. Will the industry abandon Privacy Sandbox altogether? Will companies and platforms double-down on third-party cookies or continue to develop solutions that aren’t cookie-based? Only time will tell and we don’t have a crystal ball.
With that being said, the prevalence of cookieless (or third-party-cookieless) browsers is still significant. In the United States, 50 percent of mobile browsers use Safari. That’s a significant percentage and you wouldn’t want to make marketing decisions based on half of your data.
The trend is still focused on building durable first-party data architectures that ensure companies own their data and can best activate it for marketing activities. We do not see this trend changing in the near future.
InfoTrust’s Perspective
At InfoTrust, we believe Google’s latest announcement doesn’t change the fundamental direction that privacy-centric marketing is the future of the industry.
The writing has been on the wall as browsers like Safari and Firefox have already phased out third-party cookies years ago. We believe the industry will continue to move away from third-party cookies as user preferences continue to shift towards expectations for online privacy.
To this end, we still believe third-party cookie-based identifiers will continue to decrease and marketers will be faced with smaller addressable audiences. First-party data will only become more valuable and those companies that leverage their first-party data most effectively will find the most success.
We still see tremendous value in solutions like server-side tag management that have been developed to:
- Improve Data Quality and Breadth: Server-side allows companies to implement logic to validate incoming data while also enriching it before sending it on to third-party platforms. This results in more accurate, reliable, and complete data for reporting, analysis, and activation.
- Enable AI and Advanced Marketing Use Cases: For marketers, server-side can ensure clean and accurate data for AI-enabled solutions along with advanced use cases like dynamic value-based bidding (VBB) that require grabbing additional user or product data in transit before sending it to third-party platforms for activation.
- A quick example: An e-commerce company might have sophisticated customer lifetime values attached to their customers but that data lives in their cloud environment. With a client-side tag management system, it would take too long to grab those values from the server to add on to a tag request to the third-party platforms and these values would be exposed in the network traffic, leading to potential privacy and security concerns.
- With a server-side implementation, this can all be done in a secure server environment where timing and security aren’t issues.
- A quick example: An e-commerce company might have sophisticated customer lifetime values attached to their customers but that data lives in their cloud environment. With a client-side tag management system, it would take too long to grab those values from the server to add on to a tag request to the third-party platforms and these values would be exposed in the network traffic, leading to potential privacy and security concerns.
- Ensure a More Durable Implementation: Cookies set client-side are subject to each browser’s cookie restrictions. Browsers like Safari and its Intelligent Tracking Prevention (ITP) aggressively limit the lifespan of cookies set by client-side JavaScript. A server-side implementation offers greater resilience (Read: more durability) against these various tracking limitations.
- Enhance Data Control and Privacy: In a client-side setup, the user’s browser communicates directly with third-party platforms, making it difficult to impossible to fully control the data being sent. Third-party scripts can potentially capture more data than expected, or load additional unexpected tags, which can expose clients to unintended risk. A server-side implementation introduces a critical control point where a company can send itself the data first, inspect it, validate it, clean it, anonymize it (if needed), and then send along to the third-party platforms.
How InfoTrust Can Help
If your company is unsure of how to navigate the changing landscape, reach out to InfoTrust. We specialize in providing expert guidance and effective solutions for helping companies improve their analytics and marketing.
We’ve helped companies understand their exposure to third-party cookie deprecation and its impact on their marketing use cases. And, we’ve migrated many organizations to a more durable server-side implementation that enhances data control and privacy, improves data quality, and enables more advanced marketing use cases.
