Close

April 20, 2021

Where Cookies End and Privacy Begins: The New Frontier of Marketing

fingerprint on a motherboard

By Nick Kastner, director of brand and digital strategy

Very few would have put money down on a bet in 2020 that it would be the “year of the pandemic.” But, Bill Gates predicted the event – not the year – in a 2015 TED presentation. There are probably hundreds of things that we would say weren’t “predictable,” and yet, they really were.

For years, marketers have said that there will come a day when users would request that their privacy online become important. We saw this with the creation, and all of the discussion, around SnapChat, YikYak, and other apps. Now enter 2021 – the year of privacy on the web.

In 2019 and 2020, Google made a series of major announcements:
• August 2019 – The Privacy Sandbox initiative is announced as an effort to develop open standards to enhance privacy on the web.
• February 2020 – Google announces new efforts in Google Chrome to limit third-party cookies in an effort to phase out third-party cookies by 2022.
• March 2021 – Google announces that it will NOT build identifiers to replace cookies.

Let’s back up – what is a cookie?

We all, for the most part, use the internet. As we visit websites across the web, many of these websites use small text files with ID tags that are stored on your computer called cookies. These cookies keep track of the things that you do across the web, remember your behavior on a given website, your login, preferences, and other information. These are incredibly powerful, tiny files that help marketers because while they contain very little information, they can be helpful.

Now, because marketers (that’s us) have become incredibly sophisticated, some of these cookies have started to retain additional information – sometimes an email address or other information to profile your web surfing behaviors. These are incredibly helpful for a marketer, as they can customize your experiences on websites based on your prior behavior. So, all those times you thought Facebook or [insert website name here] was listening to you – many times it’s because of website behavior that has occurred at a given IP address, geolocation, or otherwise found thanks to tracking. Many of you find it creepy, marketers find it helpful, and privacy experts have become concerned that personally identifiable information (that’s PII for short) is being tracked in these cookies. Privacy experts aren’t wrong – but it’s not always the case.

So what’s the difference between a first-party and third-party cookie?

Websites use two types of cookies – first-party and third-party. Both of these types of cookies contain the same pieces of information and can do the same thing. The difference is based on how they are created and used in context.

A first-party cookie is stored by the website you visited directly and collects information like the pages you visited, the language you selected, etc. to improve your overall experience on that particular website. So generally speaking, these cookies are the good ones and the ones that help remember the items in your shopping cart, your usernames and passwords if saved, etc.

A third-party cookie is created by a domain that you haven’t visited – thus third-party. These types of cookies are used to track you across various websites for ad retargeting (those creepy ads that follow you around the web), cross-site tracking, and more. So, good examples of these cookies are ones used by tools that we, frankly, use for clients, like GroundTruth, AdRoll, and even Google Ads cookies. They’re used for advertising purposes and are something that we use for clients now.

Why are they trying to get rid of cookies?

Well, that’s not it exactly. As of right now, the focus is getting rid of these “bad” third-party cookies. Privacy experts, and consumers, are seeking more control over how their data is used. New laws like the California Privacy Law, GDRP in the European Union, and other proposed laws are driving marketers to have to reconsider their practices in tracking. These new laws require you to accept the terms of service of using particular websites – so if you’ve seen these new pop-ups on websites you know – that’s why.

Web browsers like Safari and Mozilla have been able to block third-party cookies since 2013. Google has used them consistently for years to help advertisers so it was detrimental to their revenue streams to get rid of these cookies – so they didn’t – until now.

It’s also important to note that they aren’t “trying” to get rid of these third-party cookies – they are getting rid of these third-party cookies. Now, many of these advertising networks have tried to find work arounds like “fingerprinting” and other techniques that are even more invasive. We, along with most of the web, think those methods are bad and are dangerous in terms of privacy.

What’s this Apple / Facebook privacy issue I’ve heard about? Is it about cookies too?

Well, third-party cookies aren’t the only thing privacy advocates are going after.

Over the past two years, Apple has also taken a strong stance on privacy and how app creators like Facebook track users beyond use of just the Facebook app. In doing so, Apple is rolling out new rules that require apps that use ad tracking technology to allow users the ability to opt-in to ad tracking before installing the app. These new privacy features known as App Tracking Transparency are part of the major privacy update in iOS 14.5. They also change the Identifier for Advertisers (IDFA) – which is a unique, randomized number assigned to each device to track user behavior, app usage, web browsing behavior, and more. iOS 14.5 is expected to be available this week (the week of April 18, 2021).

For Facebook and many others, that means less revenue from advertising with estimates that Facebook could lose as much as 50% of its Audience Network and 10% of its revenue due to these new changes. The hardest hit will be the inability to track view-through conversions – that is when someone views an ad on Facebook, doesn’t interact with it, but makes a purchase later through other channels. The ability to track these assisted conversions will change and could go away entirely.

Facebook's Full-Page Ad in the New York Times in December 2020.

Facebook’s Full-Page Ad in the New York Times in December 2020.

If you’re an eCommerce store, you may have noticed that Facebook now has the ability for users to shop within Facebook. The reason why they added this service – these new privacy rules. By keeping the user on Facebook, they can continue to track their behavior. And this won’t be the end. Facebook has warned advertisers that its ad network could become ineffective on Apple products and has even warned that app developers like Facebook and others may have to turn to subscriptions or even in-app payments to generate revenue to survive while Apple may profit by offering new free services. Other articles I read just today stated that by 2030, it’s possible that app developers and social media platforms may be services that you’ll have to pay for – so no more free apps – because they will no longer be able to support advertisers due to privacy laws.

Facebook was so upset that in December 2020, they placed a full-page ad in the New York Times regarding the changes – claiming that small business advertisers could see a cut of 60% in their sales for every dollar spent.

How does this affect my business?

The next two years will be telling for the marketing space. We have to embrace change as it is the only constant – especially in marketing. Many of the incredibly powerful tools we have today such as geo-fencing and re-targeting may very well be a thing of the past 2 years from now. However, we do know that Google and others are working to introduce new technologies that will allow advertisers and businesses – like yours – to still operate in this new environment. Tools like FLoC – Google’s latest creation from the Privacy Sandbox – could be the newly adopted tool for tracking – however, we’re already seeing platforms – including WordPress which we use – consider banning these new tracking mechanisms.

It’s really the “Wild West” again on the web in terms of privacy hardening and “third-party cookie deprecation,” so what will happen remains to be seen. Our recommendation, as it has always been, is to never build a single-channel marketing strategy. Focusing on using just one marketing channel – whether it be search or social or billboard, banner & tile re-targeting or direct mail – is not the best way to go to market. A comprehensive, integrated marketing strategy that is goal-driven is the best route forward.

If you’re looking for a marketing solution or a partner to help you work through today’s marketplace, give us a call.