It’s time to say farewell to the third-party cookie. In about 24 months Google will join Microsoft, Apple, and Mozilla in officially declaring the long-time tracking and measurement tool dead, a casualty of privacy initiatives.
Marketing opinions on the cookie vary widely. Yet it will be sorely missed for measurement, tracking, modeling, targeting, and a variety of other activities. Third-party replacement IDs, first-party IDs, and other replacement solutions pale in comparison.
What’s your post-cookie Plan B? Few marketers and brands can afford to fly blind once Google pulls the final plug. This article offers a working action plan to help you:
- Implement a strategy based on first-party data that extends your reach well beyond your customer database
- Identify adtech partners that offer long-term cookie replacement fixes that are privacy compliant
- Test promising new alternatives in a cookie-supported environment before time runs out
Table of Contents
- Content Summary
- Reflecting on the multifunctional but imperfect tool
- How the consumer-first evolution is changing the game
- The adtech solutions fighting to solve post-cookie challenges
- How the walled gardens fall short
- It’s time to prioritize a first-party data strategy
- Seek martech-agnostic partners for guidance and testing
- Appendix
Content Summary
Reflecting on the multifunctional but imperfect tool
How the consumer-first evolution is changing the game
The adtech solutions fighting to solve post-cookie challenges
How the walled gardens fall short
It’s time to prioritize a first-party data strategy
Seek martech-agnostic partners for guidance and testing
Appendix
When Mike Weissberg first logged in to his email account at the LEGO® Group in August, the new senior programmatic manager had a surprise: There were already three messages from different martech providers hoping to hear back from him.
It was a shock, but not a big one: With Google’s plans to stop supporting the third-party cookie in late 2023, solutions are jockeying to replace the identifier’s capabilities. There’s no time to waste for vendors seeking traction.
Many marketers, however, don’t feel that same urgency. Two years may seem like a long way off. Why should they worry now about how they’ll reach audiences on the open web and gauge the success of campaigns once the cookie goes away?
Fortunately for the eager salespeople — and the LEGO® Group — Weissberg sees it differently. He is continually on the lookout for privacy-safe solutions that will allow him to target accurately in the cookieless future.
“Will Google push things back? Maybe, but if suddenly a significant portion of your audience is inaccessible to you, then why would you take that risk?” Weissberg said. “It’s not even a canary in a coal mine anymore. This is it. You have a deadline. The oxygen is running out. You have this much time left to get yourself into place.”
This article, which includes an overview of the solution landscape and practical tips, aims to help marketers better understand and succeed on that journey.
Reflecting on the multifunctional but imperfect tool
The extinction of the third-party cookie, a foundational component of digital advertising, will undoubtedly be a huge disruption to the ecosystem. Eightytwo percent of industry players say identifying users is very important for their business, according to ID5’s The State of Digital Identity Report-2021.
Many marketers base their core measurement infrastructure on the thirdparty cookie. Brands also rely on it for tasks like:
- TARGETING
- RETARGETING
- MEDIA MODELING
- POST-CLICK AND POST-VIEW TRACKING AND ATTRIBUTION
- FREQUENCY CAPPING
- A/B TESTING
- DYNAMIC CREATIVE OPTIMIZATION FOR PERSONALIZATION
Yet third-party cookies have never been ideal for digital advertising. They identify devices rather than individuals and lack cross-device and cross-browser reconciliation. Since internet users have different cookies for every browser and device they use to access a site — and because they can be deleted at will by users — cookies can throw off reach and frequency calculations.
In addition, platforms don’t always recognize one another’s cookies, so cookie syncing often results in leaks. This makes it hard for buyers to find all the users they care about. Cookie syncing also degrades the user experience by slowing web page downloads.
There are more deficiencies: With a half-life of a mere 7 to 30 days, according to IAB Europe, an individual third-party cookie can’t be trusted for long. These digital identifiers also don’t work in apps, and as Weissberg has learned firsthand, cookies have led to waste and a large amount of nonhuman traffic.
How the consumer-first evolution is changing the game
What is ultimately dooming the third-party cookie, however, is privacy concerns. (Ironically, the cookie wasn’t initially intended for advertising and was actually designed to protect privacy.)
Consumers have become more aware and concerned about being tracked online and having their personal data shared across the ecosystem. PwC found that 46% of respondents said they became more data-conscious between October 2020 and March 2021. In addition, a 2021 Blockthrough report found that 56% of surveyed US internet users rated their online privacy as “extremely important,” and 31% said it was “somewhat important.”
Data-privacy concerns prompted the European Union to pass the General Data Protection Regulation (GDPR), and lawmakers elsewhere have instituted their own privacy laws, including in California, Virginia and Colorado.
Digital advertisers, meanwhile, lost another way to use data to target specific users when Apple introduced AppTrackingTransparency in its iOS 14.5 release. App developers must now receive permission from users to track their activity across other companies’ apps and websites. The change has left the ad industry searching for new signals that can be used for measurement.
As for the third-party cookie, Mozilla Firefox, Apple Safari and Microsoft Edge have already largely phased out support. Google is the last major holdout, and with Chrome owning a nearly 70% share of the global desktop browser market, it’s an influential one.
So what does the future of addressability look like? Not even the most informed players in the ecosystem know for sure. A big open question pertains to measurement. “There’s a lot of unknowns right now about which solutions will be used and how effective they’ll be as well as what kind of granularity the advertising side will accept,” said Isaac Schechtman, IPONWEB’s Vice President, Head of Product and Solution Engineering — AdTech. Will measuring at a household level, versus one-to-one, be good enough?
A few predictions about the post-cookie landscape are gaining consensus, however. First, no one solution or even single bundle of solutions will ultimately replace the cookie. Also, brands will need to be more careful guardians of customer data. “I think the days of the data free-for-all are coming to an end,” said Paul Bannister, chief strategy officer at CafeMedia, which manages digital advertising sales and operations for more than 3,000 publishers.
Today, there are largely four categories of alternatives vying to stand out in the industry and to be included in an individual brand’s campaign mix:
ALTERNATIVE IDS
Also known as universal IDS. These solutions, which dozens of players are creating, can identify users on the open web in a way that complies with privacy regulations and can last longer than today’s cookie. Variations use different means, but many identifiers are based on deterministic data such as anonymized personally identifiable information (PII) that a user provides (the popular Unified ID 2.0 assigns IDs based on hashed email addresses) or probabilistic data modeling of a number of user touchpoints to approximate identity (such as identifiers provided by ID5 and Lotame). (See Diagram 1 in appendix.)
BROWSER SOLUTIONS
There are about a dozen active browser proposals that the industry references as the “avian” or “bird” solutions. Proposed cross-browser solutions include Microsoft’s PARAKEET (Private and Anonymized Requests for Ads that Keep Efficacy and Enhance Transparency) and Criteo’s SPARROW (Secure Private Advertising Remotely Run On Webserver).
Google, meanwhile, has the Privacy Sandbox for Chrome. It consists of a set of solutions in various levels of development that individually address a functionality of the third-party cookie, including audience segmentation, retargeting, measurement and incrementality.
The internet giant says that the components will ensure consumer privacy and protection and that marketers can deliver relevant advertising without using individual identifiers. For example, its audience-segmentation tool for ad targeting, Federated Learning of Cohorts (FLoC), uses machine learning algorithms to bucket users into cohorts based on common interests derived from browsing habits, such as soccer moms with kids in elementary school. Individual-level data isn’t passed along to ad exchanges.
FLoC remains a work in progress. Amazon is reportedly already blocking FLoC from gathering data on its site to build cohorts. Edge, Safari and Firefox have said they don’t have immediate plans to adopt it. Google has paused FLoC’s testing, and the company could be mulling a change to a topic-based approach.
FIRST-PARTY ID
These use first-party cookies, which collect analytics about customers who visit a brand’s own online properties and improve the user experience. Publishers can make their desired first-party audiences available to buyers through the open auction or through more exclusive programmatic means like invitation-only private marketplaces (PMP) or one-to-one programmatic guaranteed deals.
While publishers can individually build their own site-level IDs, achieving scale can be difficult. That’s why many publishers and brands are banding together to create a common ID on which they can each transact. (See Diagram 2 in appendix.)
CONTEXTUAL ADVERTISING
This sideline player is getting renewed attention because marketers see value in serving ads that are likely to be well-received when someone is in a certain mindset — such as promoting hiking boots to people reading about adventure travel. Some companies are even proposing unique crossovers between contextual and ID.
How the walled gardens fall short
All these solutions are a lot to take in. It doesn’t help that much of what marketers hear about them is highly technical, nuanced, layered and full of lingo. Some much-discussed alternatives remain stuck in the conceptual phase. It’s not even clear which platforms will extend support for which solutions.
Some marketers will try to solve their addressability challenges by turning to the closed-loop ecosystems of Facebook, Amazon and Google. Sending ad dollars to these entities puts ad-supported independent publishers at risk, however, and it builds an unhealthy reliance on platforms that limit control, transparency and outside validation about campaign effectiveness. In addition, many audiences don’t spend time on these platforms.
“You’ve still got to find the right people in the right place at the right time, and you want to be able to reach people wherever they are,” Weissberg said. “You need to have access to as many different places to publish as you possibly can.”
It’s time to prioritize a first-party data strategy
To prepare for the cookieless world, brands should collect first-party data, including purchase data, behavioral data and PII such as email addresses and phone numbers. This can be tricky, especially for brands like the LEGO® Group that appeal to kids and must be extremely careful about data collection. Still, Weissberg sees the upside of the industry’s fresh privacy focus. “Needing to rely on more reliable, accurate data is going to be good for myself and everybody else in the long run,” he said.
Brands will need to activate their first-party data through identity providers as well as via direct data sharing with not only relevant retailers but also publishers. “Now has to be that accelerator moment where publishers and brands really do need to work together in a world where first-party data is the most powerful thing by far,” Bannister said. “You’ve got to figure out who you can partner with to extend your reach beyond your own walls.”
Brands and publishers can collaborate in many ways in the future. They could use data clean rooms to anonymously match customer datasets for ad targeting, for example, and to discover fresh data points about visitors. “There are a lot of interesting things you can do with identity around not just campaign execution but also around insights,” said Bannister, who’s also a board member of the IAB Tech Lab and is involved in the World Wide Web Consortium (W3C).
Seek martech-agnostic partners for guidance and testing
Trusted partners can help marketers discover cookie alternatives that generate the same level of performance-targeting capabilities, delivery levels and measurement they achieve today.
Team members designated to own a brand’s identity strategy need to choose their guides wisely. Some technology partners will address only the slice of the problem that is relevant to them. Google, for instance, will only solve the issues that operate within its privacy frameworks. Companies that offer unified identity will be biased toward that approach. Marketers should be wary about becoming too reliant on a technology that can change down the road — such as, of course, the third-party cookie.
It’s important to interrogate potential adtech partners about whether their cookie alternatives are oriented for the long term or are a short-term fix, if the partners will provide status updates on their plans, and who benefits most from their initiatives.
Ideally, adtech partners should take a holistic approach to replacing the capabilities of the cookie while trading in a privacy-compliant way.
They should offer an experimentation playground to test a combination of solutions with real media spend against the current cookie-based methodology. Some components may work better for frequency capping, for example, while others will produce better outcomes for performance plays.
“The ability to get learnings from other solutions while the cookie still exists is going to be essential for being prepared for the future,” said IPONWEB’s Schechtman. “This extra time buys you a lovely, perfect testing scenario without needing to do additional work in terms of development, setup or integration. You can use the existing cookie footprint that you know to run these types of tests.”
All this is hard. Weissberg conceded that the loss of the cookie would create hurdles and headaches. Still, prioritizing identity on the road map and finding the right mix of effective tools are good investments of resources. “People who don’t plan ahead,” Bannister warned, “are going to end up spending a lot of money on solutions that don’t work for them.”
Appendix
Diagram 1: Alternate ID Workflow
HOW IS A UID GENERATED AND ACTIVATED ON?
- ID Service (IDS) provides the ID creation and encoding services
- Both the publisher and the Advertiser convert their consumer emails into a “UID” using the service
- For pub, user authenticates with an email via the IDS’ sign on service and email is coded into a UID.
- For advertiser, they provide emails which IDS codes into UIDs and get added to DSP for targeting.
- A publisher will pass the UID in a bid request through their SSP to the DSP.
- Depending on the IDS, decoded is initiated by either SSP in a bid request or DSP when request is received when applicable.
- The DSP will respond to the bid request if the campaign targets ID received
Diagram 2: 1st Party ID Workflow for a publisher/publisher coalition