In less than two years, many publishers, advertisers, data vendors, and technology platforms will need to reevaluate and retool their approaches to cookies as it relates to data collection, audience targeting, measurement, and attribution analysis.
Any change comes with questions and lots of them. To better understand what actually happens when the browsers cut off third-party cookies, we sat down with MetaRouter’s Head of Product, Greg Brunk.
Q: Before we dig into the report, let’s start with an explanation of what MetaRouter does.
Greg Brunk, Head of Product: MetaRouter is customer data routing infrastructure built for companies who care about scalability, flexibility, and compliance, but still want to get the most out of third-party marketing, advertising, and analytics tools. By replacing browser tags and in-app tracking libraries with a MetaRouter deployment inside your private cloud, companies can keep all their raw streaming data private and secure until they specify exactly how they want it to go out. This highly simplifies compliance with regulations like GDPR, CCPA, and HIPPA. Particularly if your customer data includes personally identifiable information (PII) or protected health information (PHI), our flexible and transparent event mapping system is great for enterprises who want to hyper finetune the data they send server-side to third parties and achieve complete in-house data governance.
A major bonus of streamlining data collection through our platform is a massive decrease in latency due to fewer tags (~750ms for every three integrations moved server-side) and an increase in data accuracy across partners (from an average 30 percent to less than 2 percent variability).
Q: Can you explain what is happening to the third-pary cookie?
GB: In an effort to promote data privacy, since most people didn’t realize they were being tracked by third parties, major browsers (Safari, Firefox, and now Chrome) are beginning to significantly limit both the persistence and utilization of third-party cookies. Government regulation is taking the approach of forcing user permission in the exchange of their data and information.
More specifically, one area that is getting limited by these regulations and browser changes is the ability for tags and libraries to set third-party cookies directly from your site. So, a Facebook tag running on your website would not be able to set a third-party cookie–in the future, it will only be able to do that when the user is on facebook.com.
This actually doesn’t hurt Facebook too much, since the majority of the online world actually visits facebook.com somewhat regularly, but most third-party cookies are actually placed by companies you’ve never heard of—like LiveRamp, Trade Desk, or AppNexus. Think of these as “middle-men” who are in the business of helping companies understand what other websites their users visit and learn about their interests so they can advertise and target more effectively, and of course, advertise to them on other sites. Those companies live and die by setting third-party cookies on a user’s browser and collecting information on millions of websites all over the internet. When that ability gets severed, the whole connecting “paper-trail” for that user disappears.
That’s why companies like Facebook, Google and Amazon aren’t worried—they can still collect any info they need from users and easily advertise all within their own domain without much restriction.
GB: The obvious benefit is that cookies are the common language that everyone across the whole advertising ecosystem speaks in order to get on the same page about who the user is, choosing the right ads for them, and knowing how to understand when a conversion happens.
And the infrastructure used to store this “common-language” is the user’s browser–a completely free resource to advertisers, marketers, and the third-party tools alike. The problem is that users don’t like being used as a free resource, especially when it involves sharing a lot of proprietary information with a world of third parties they don’t know or understand.
Q: It seems like the collective move to phase out third-party cookies is prompted by privacy concerns, especially with the passage of CCPA. Do you think that is part of the motivation?
GB: Definitely… sometimes. The general public wasn’t aware of a lot of what was happening behind the scenes with this advertising and tracking world, and regulation and privacy controls have gained traction as more information and visibility has been brought to the common user by customer privacy advocates and initiatives.
Others began following suit as governments started shipping regulations like GDPR and CCPA to give privacy control back to consumers. As we discover the depth of personal data that companies like Facebook collect and use without many jurisdictions, there is growing public unease.
So companies like Apple found that it was good for their users (and boosted their brand appeal) to allow more control over the information that is being shared via their OS and browser (Safari). There’s also definitely a reasonable concern that other companies who aren’t as affected by these regulations (some of whom were mentioned earlier) are certainly incentivized to gain a competitive edge in the ad space by seeing the third-party cookie die.
Q: From what I’ve gathered, each web browser has a slightly different stance on how they are approaching third-party cookies. Is that going to make things more challenging?
Q: Yes, but nothing that can’t be managed with the right technology. There will be a natural cause and effect that cycles a few times. Browsers will get more strict, campaign efficacy and ROI will drop, and the global advertising technology ecosystem will be forced to innovate and adapt with new technologies that move away from cookie-reliance.
New ideas are emerging: global ID solutions, fingerprinting, archetypal attribution, Google’s Privacy Sandbox, etc. Some good, some worse than the current system. As a business, the key is taking ownership of your data and integration ecosystem so you can adapt and adopt any or all of these solutions as they gain traction. Third parties, their tags, and the browsers they run on will all adjust at their own pace–and you don’t want to be beholden to their schedule– especially with increasing regulation and government oversight.
Q: Do you think there are going to be any unforeseen consequences with the phase-out of third-party cookies?
GB: Yes. Probably an incalculable number. Every industry, enterprise, and cog in the global advertising machine has varying degrees of dependency on cookies and alternatives available to them. So it’s really case-by-case, but I think advertisers should expect to see a series of drop-offs in ROI from their advertising partners and their tags over the coming years.
The key is to try and get ahead of it. Consolidate your portfolio of partners, and control the compliance, identity, and integration components to the degree that you can. MetaRouter is a great tool for that.
Q: From your perspective, what does the phase-out of third-party cookies do for the independent advertising channels, as in not part of the oligopoly of Facebook, Google, Twitter, and Amazon?
GB: I am not sure it will “do” much for them, other than supply motivation. Dealing directly in identities and PII in such a public way, like it has been done in the past, is a lowest-common-denominator solution. It was easy and unregulated, so it was preferred. But it came at the cost of page performance and user experience, and certainly at the cost of user privacy in a lot of cases.
There are emerging solutions that could maintain advertising relevance and effectiveness without such an insecure and unregulated identity exchange via cookies. Global, anonymous ID initiatives are a great step, but there’s so much more that can be done! I think those hoping to compete with the Facebooks, Googles, and Amazons of the world will need to be making strong, strategic investments in these solutions, and fast. All things being equal, those major players will shift the controls in favor of their walled gardens, and the only way to stay competitive is to find the right technical solutions that balance both efficacy and privacy. Time to innovate!