Data & Privacy

The rise of digital marketing has evolved side by side with third-party cookies. And now–they're parting ways. 

Evolving privacy concerns are shaping policy decisions across the big tech landscape that will change how marketers handle digital channels. An entire industry is shifting from reliance on cookie-based marketing data to a future that currently feels a bit unclear.

You have options, but if you're asking—now is the time to support an omnichannel cookieless marketing strategy.

In this guide to a cookieless strategy, we'll discuss why third-party cookies are a thing of the past and how performance marketing programs with an omnichannel approach are the path forward.

What is cookie-based marketing?

In the digital world, a cookie is a small piece of code designed to store user data. In 1994, when a Netscape engineer invented the cookie, the goal was to improve the user experience on the web. 

Cookies can track things like:

• Page Visits
• Length of Time on Page
• User Location
• Income 
• Gender
• Interests
• Social Media Likes
• Age

By 1996, developers had figured out how to use cookies to extract valuable data for marketers, and by 1999 the third-party cookie had revolutionized digital marketing capabilities. For the last two decades, the marketing world has revolved around cookie-based marketing, often at the expense of data privacy.

As momentum grows behind data privacy as a human right, fueled by policies like the General Data Protection Rights act passed by the European Union in 2018, Big Tech is feeling the pressure to take third-party cookies out of the equation–leaving marketers no choice but to adapt.

Preparing for a cookieless future

The end of third-party cookies is a significant change for digital and programmatic advertising. Without cookies, marketers must find new ways to gather demographic and psychographic data to build complex customer profiles. 

The ability to track attributions to measure campaign effectiveness or to retarget and redirect traffic effectively will also be diminished. This means that return on investment for ad spend will suffer as conversion rates decline.

The fallout from the depreciation of third-party cookies will force change as the marketing world explores new options to recover lost ground in audience profiling, retargeting, and attribution tracking.

Alternatives to third-party cookies include:

• Cultivate First-Party Data Streams
• Utilize Aggregate First-Party Data Sources 
• Pair Contextual Targeting with First-Party Data
• Watch for New Sources

How big tech is moving us towards cookieless marketing

Once a place of anonymity, the internet has morphed into a world full of tools to track every click and pixel for someone else's benefit. 

It's an invasive practice that grew alongside the internet while effective data privacy policies were slow to adapt. That is–until Big Tech companies like Google, Apple, and Facebook made policy changes that would push us towards a cookieless future.

Apple set a precedent with its iOS 14 updates. For the first time, this tech giant rolled out changes designed to protect its users' privacy. An App Tracking Transparency Framework (ATTP), Wifi MAC address randomization, and Apple App Store permissions and disclosures put iPhone users in control with who they shared their data with.

Google matched suit by developing Google's Privacy Sandbox to foster innovation and facilitate the development of privacy-first marketing solutions in preparation for a cookieless future. This tech-facilitated development project produced several great ideas, including:

• Federated Learning of Cohorts (FLoC)
• TURTLEDOV
• SPARROW
• Dovekey
• PARRROT
• Fledge

Each of these initiatives addresses a different area of concern for digital privacy, providing an alternative that serves as building blocks for future cookieless tech stacks.

The innovation process is experimental. Every new advancement is a learning opportunity to discover what works and what doesn't. Google FLoC (Federated Learning of Cohorts) was the first attempt at a true cookieless alternative. 

FLoC was designed to protect data privacy, but it was quickly discovered that a fundamental design flaw actually made it easier to fingerprint and track users. Google suspended development on FLoC in July 2021, effectively shifting resources to Google Topics API instead.

This proposal utilizes a temporary, browser-based solution that shares topical interests safeguarded with pro-privacy protections. With Google Topics API, advertisers can access the important data they need for audience targeting and retargeting without third-party servers.

Policy moves towards privacy, limiting cookie-based marketing

Policies that protect personal privacy aren't new. As far back as 1789, the US Constitution included amendments addressing these protections. The only thing that has changed since then is how information is collected, stored, and used. 

The digital world is continuously evolving, and along with it, how we apply policy changes. More recent legislative actions like the General Data Protection Regulation (EU) or CCPA (US) are modernized policy updates to protect personal privacy as a human right in the digital age.

In the late 1980s and early 90s, policy moves established a National Do Not Call Registry and the Health & Medical Privacy (HIPAA). When Web 2.0 arrived in the 2000s, many states adopted data breach notification laws. And as recently as 2018, the EU passed a first-of-its-kind privacy act for the digital world, setting a precedent for other global leaders to follow suit.

With each new policy, the rights of individuals gain a little more protection, and the responsibilities of organizations that collect, use, and store personal data become greater. After the GDPR went into effect (2018), most online websites began displaying opt-in notices regarding cookies. 

This was one significant step in bringing personal privacy concerns out of the peripheral and into focus for everyday users. In the US, California was the first state to pass privacy-specific legislation similar to the GDPR, with a few states like Colorado and Virginia following suit. These policy changes designed to give individuals control over how, when, and with whom their information is shared have a naturally limiting effect on the function of cookie-based marketing systems. So, that is to say, every step in the direction of pro-privacy interactions is a step away from cookie-based marketing.

A cookieless marketing strategy for the future

Not all cookies are getting the crunch. Pro-privacy maneuvers are specifically targeting third-party cookies that collect and share unauthorized data. That means it will take a little more effort to collect data–but quality, first-party sources are still out there.

Customer loyalty programs provide a path forward

In a high-effort, high-reward environment, customer loyalty programs shine as a quality-rich data source. This sets the stage for building a cookieless marketing strategy that prioritizes personalization and engagement over blanketed demographic reach. 

With this level of detail, the downfall of third-party cookies is enabling the rise of omnichannel integration. We're moving away from generalized tactics and siloed strategies fed by voluminous third-party data streams. And we're working towards hyper-personalization that caters to a specific, highly-engaged, opt-in audience.

Personalization is great, but efficiency is still important

Without third-party cookies, marketers are apprehensive about finding cost-effective ways to reach their audience. These feelings are valid–the cost of curating first-party data streams can be higher and is often spread across a much smaller audience.

But what if you can grow the lifetime value of a customer to offset the cost? An omnichannel marketing strategy that relies on first-party data fed from a well-designed loyalty program offers a cyclical, self-feeding sales cycle that can extract that value.

What if your customers received a notification reminding them of special offers in your app when they stepped foot in the store? With geo-location data, it's possible. What if your purchase decision process in the store was facilitated by scannable QR codes that helped your customers find the things they really wanted? 

And what if they received an SMS follow-up after leaving the store, giving a time-based second chance offer on something they shopped for but didn't purchase? With an omnichannel strategy, it's all possible.

It's time to rethink the customer journey

The key to a loyalty-driven cookieless strategy is to redefine the customer journey. Instead of focusing on the 'awareness to conversion' journey, the new strategy will focus on the 'conversion to advocacy' journey.

Nurturing your most loyal customers with a seamless experience that transitions easily between digital and physical touchpoints will be the key to success in a post-cookie world.

How Cardlytics can support your cookieless strategy

The end of third-party cookies signals a major shift in how brands market their products and services. This change doesn't necessarily mean the end of targeted campaigns. If you look at the end of cookies as an opportunity, it's a better chance to serve your best customers with highly personalized experiences. 

When you invest more into serving your loyal fanbase, brand affinity grows naturally. Those satisfied, engaged customers are more than happy to share their positive, attention-grabbing experiences across various social platforms to bring you new traffic in a very authentic way.

The first step to building your cookieless strategy is to find a high-quality source of first-party data. With the power of firsthand Purchase Intelligence™ provided directly by banks, Cardlytics provides exactly what brands need to make the switch.

Our platform has been built with a pro-privacy mindset from day one. By partnering with top banks, we can provide access to high-quality first-party data from real consumer purchases, providing valuable insights to share of spend across brands and competitors. Our data is vital to growing a healthy, sustainable loyalty program, providing you with a high-value audience to power your cookieless strategy.

It's official—the cookie is crumbling. Because of consumers' growing demand for privacy, Safari and Firefox have already disabled third-party cookies. And Google Chrome, which represents close to half of the US browser market share, plans to stop using them by the end of 2024.

Epsilon research estimates that about 80% of advertisers depend on third-party cookies, so it's time to find a new way to reach customers and prospects online. One way to do this effectively is through first party data.

Key takeaways:

• Third-party cookie deprecation means marketers must re-focus their targeting and remarketing tactics.
• An alternative is Google Topics, but there's still limitations to contend with
• First party data is valuable as it still touches points tailored to an individual's behaviors

The new cookie landscape

With third-party cookie deprecation looming, first party data will be increasingly important for targeted marketing strategies and campaign measurement. The widespread targeting and retargeting tactics that you may have relied on in the past will no longer be possible. As a result, expect limitations with behavioral and browsing data, making it difficult to personalize ads.

In addition, basic capabilities like A/B testing and frequency capping will be a challenge. Expect analytics and attribution to be much less effective. By leaning into first party data marketing, you'll be able to minimize the impact of a world without third-party cookies.

What marketers will no longer be able to do

Marketers have been relying on third-party cookies for years. Now that they're going away, remarketing across domains and apps will no longer be possible. For example, the products you view on a retail website will no longer follow you to your Instagram feed based on your browsing behavior. As a result, Google announced Topics, a privacy-friendly replacement.

With Topics, as someone browses the internet, Chrome records the categories of websites they visit (like News or Finance). Each week, Chrome determines the five categories the user is most interested in and then randomly adds a sixth to boost user privacy. Chrome then stores these six interests for three weeks. 

Unfortunately, this option only allows you to target consumers based on broad website categories rather than specific content or user actions. So, given those limitations, it remains to be seen exactly how well the industry will receive Topics.

Increased importance of first party data

First party data is information that's collected from customers through direct interactions with them. It includes demographics, purchase history, website activity, mobile app data, and specific behaviors like clicking on an email. A first party data strategy is even more valuable in a world without third-party cookies because it represents your most engaged customer group.

A first party data approach also enables highly granular segmentation to serve your audience with personalized content based on their behavior. In addition, by using a test and learn approach and tying engagement metrics to first party cookies, you can increase the effectiveness of your campaigns over time. 

Ultimately, this translates into increased revenue and cost savings. In fact, one BCG study shows that digital marketers who can deliver relevant experiences at multiple points across the customer journey achieve revenue increases of as much as 20% and cost savings of up to 30%.

First party data to lean into

You can leverage first party data in multiple ways. For example, email marketing continues to be one of the most effective marketing strategies—delivering an ROI of $44 to every $1 spent. Similarly, text messaging is an excellent way to leverage first- party data. As with email, you can run different testing campaigns and optimize accordingly.

Another example is leveraging a customer data platform or CDP. This platform collects, stores, and amalgamates real-time customer data. With this tool, you can gain valuable insights into the consumer journey and identify which factors convert them into customers.

Finally, with first party data, you can make website improvements to provide a personalized experience and create new retargeting strategies based on improved customer knowledge. Whether they're new or returning customers, first-party data marketing gives you the ability to create tailored messaging based on shopping or browsing behavior and engagement with campaigns.

How Cardlytics can help

Gain a competitive advantage with real purchase data - one of the most accurate indicators of shopping behavior. This data can help you understand purchase intent, inform advertising spend and strengthen the customer experience.

Reach out to us today to learn more about how we can help you transform your marketing initiatives.

An omnichannel marketing strategy is a gold standard for effective brand messaging. By leveraging consumer data gleaned from third-party cookies, advertisers can get the right message to the right customer at the right time, regardless of channel or device. It's no wonder brands with robust omnichannel strategies increase average order value by 13% and purchase frequency by 250%. 

The coming cookieless future could threaten that success. Without third-party cookies, advertisers will struggle to track customers across channels and devices, analyze their journeys, and deliver personalized content and offers. 

It's easy to assume that cookie deprecation means the death of omnichannel marketing, but that's definitely not the case. If you have the right data, omnichannel marketing still holds the key to success.

Key takeaways:

• Consistency in branding and messaging across every channel is among the key elements an omnichannel marketing strategy prioritizes. 
• We can expect the deprecation of third party cookies from Google Chrome in 2024.
• First-party data in omnichannel marketing takes personalization to the next level, increasing a customer's lifetime value.

What is Omnichannel Marketing?

Omnichannel marketing seamlessly blends messaging and branding as customers move through online and offline touchpoints along the path to purchase. It puts consumers in the driver's seat, allowing them to choose how, when, and where to engage with your brand. 

An omnichannel marketing strategy prioritizes the customer experience through the effective use of a few key elements:

• Consistency in branding and messaging across every channel
• Personalized messaging and offers relevant to consumers interests and behaviors
• Content shaped by past interactions and the stage of the customer journey

A well-planned omnichannel strategy lets you target customers at the right time with on-brand offers that increase your chance of a conversion.

Omnichannel versus multichannel: What's the difference?

Omnichannel and multichannel share similarities, but the differences are significant. Multichannel marketing gives consumers multiple options to engage with your brand, but the channels aren't seamlessly connected. The experience is optimized for each separate channel. 

On the other hand, omnichannel marketing recognizes that the customer journey spans multiple channels and seeks to create a consistent, personalized experience as the customer moves between them.

The Coming “Cookie-geddon”

Although Google's cookie deprecation timeline has changed a bit since they first announced the phaseout in 2020, the final demise of the third-party cookie is slated for 2024. The news didn't come as a surprise to anyone paying attention to the growing concerns of privacy advocates. 

Third-party cookies collect an enormous amount of personal data, usually without the individual's explicit consent. Data breaches and privacy violations caught the attention of legislators around the globe, resulting in the EU's GDPR and "cookie law." In the US, individual states passed their own versions of the cookie law in an attempt to promote transparency in data collection practices. 

A few tech CEOs also took a stand for privacy. Apple and Mozilla were among the first to give users the ability to block third-party tracking as early as 2012, with both companies disabling third-party cookies entirely by 2020. Google, the browser behemoth representing over 60% of Internet traffic, was the only holdout. But by 2020, it too announced it would end third-party cookies, albeit on its own, slightly elongated timeline. 

Now “Cookie-geddon” is almost upon us, and marketers are scrambling for solutions to replace the data cookies provided.

What Does This Mean for Brands?

Marketers have become addicted to the easy flow of third-party cookie data driving programmatic and digital advertising. It enabled personalization, targeting, and attribution to justify spend. But third-party cookies have their share of drawbacks:

• There's no transparency. The slightly underhanded way data is collected destroys the sense of trust between consumers and brands. Omnichannel marketing is a two-way street; consumers are willing to trust brands with their data in exchange for a more personalized experience as long as they feel confident their data is secure and only shared with consent.
• They're not people-based. Cookies are connected to devices, not people, so there's a lot of waste and duplicate impressions.
• They're not persistent. Cookies don't last forever, and the user can always delete them.

Third-party data made it easy for brands to acquire new customers, lose them to churn, and reacquire them with aggressive retargeting. What it didn't do is help them build the trust and loyalty that drives long-term profits. Customer retention has always been key to profitability; invesp, a conversion rate optimization consultancy, showed that increasing retention by just 5% led to a 25% increase in profits.

On the other hand, first-party data from past brand interactions and logged-in states give marketers the information they need to genuinely understand their customers and create highly relevant experiences throughout the customer lifecycle. 

Leveraging first-party data in omnichannel marketing levels up the personalization and relevancy of the content you serve your customers. Where retention spreads customer lifetime value over a longer timeframe, personalization increases the absolute lifetime value of the customer. Boston Consulting Group found that marketers who could deliver relevant experiences at multiple touchpoints decreased costs by 30% and increased revenue by 20%.

The Cardlytics Advantage

Cardlytics is uniquely positioned to help brands deliver relevant and personalized experiences via cash back offers served through the consumers trusted digital banking channels. Using first-party data obtained from one in two card swipes in the US, we can provide a whole-wallet view with insights into the cross-channel purchase behavior and preferences of your customers. 

Get in touch today to find out how Cardlytics can help you reach your customers with personalized offers in a brand-safe channel to help drive customer loyalty, retention, and revenue.

Most people don’t know the name Lou Montulli but he’s indirectly responsible for one of the biggest invasions of privacy of the modern era. In 1994, Montulli was a 23-year-old founding engineer at Netscape with a number of Internet innovations to his credit, including web browsers, HTTP proxying, and the infamous tracking cookie. 

Montulli never imagined the privacy issues that would arise from the cookie. The Netscape founders were extremely privacy-focused, as were most early Internet pioneers. When Montulli created the cookie to help a single website remember a particular user from visit to visit, he believed the small text file it contained would not allow users to be tracked. 

As history shows, that was definitely not the case. In record time, ad tech companies figured out how to hack the cookies and track users from site to site as they browsed the Internet. 

Nearly 30 years later, ad tech has become increasingly stealthy and sophisticated in its ability to collect consumers’ most intimate personal information, often without their explicit consent. But the war between privacy advocates and the $120 billion digital advertising industry may be at an end. With Google’s latest timeline for privacy milestones, third-party cookies will disappear completely in 2023. The privacy advocates prevailed and the era of cookieless advertising has arrived. 

The switch to consent-based data collection represents a significant change for consumers and advertisers alike. Although Google continues to work on third-party cookie alternatives, no viable replacement is on the immediate horizon. Given the profound implications of a cookieless future, it’s worth looking at how we got here.

How the cookie became so important

In the early days of the Internet, websites had a memory problem. They lacked a mechanism to recognize a returning user. It was a disaster from a user-experience perspective. Many of the features people take for granted today—shopping carts that remember our selections, websites that remember our login credentials and site preferences—couldn’t exist without Montulli’s cookie invention. 

When advertisers figured out how to exploit cookies for revenue, the problem was more nuanced than it first appeared. At the time, advertising was the only source of revenue for most websites. Robust ecommerce was years in the future. So advertising was the only way to monetize websites and essentially keep the whole Internet in business. 

The underlying exchange—free content for a limited amount of advertising—was nothing new. Radio and TV operated on a similar system. The problem was the extensive data collection and privacy implications, as you can see from the following timeline of events. 

The reign of the third-party cookie

Once Google bought DoubleClick, the Internet became the wild, wild west for third-party cookies. Without regulatory oversight, ad tech companies became ever more aggressive in their data collection tactics. They went beyond online behavior and location to personal information like age, gender, income, health status, and even, in some highly unethical cases, keystrokes. 

The concept of Internet privacy was dying on the vine. Despite the 2002 ePrivacy Directive requiring websites to inform users about data collection activities and allow them to opt out, many sites did not allow users to block cookies. The objective for ad tech was to collect and monetize as much detailed personal information as possible. 

The tracking frenzy finally caught the attention of the Federal Trade Commission (FTC) and the European Union (EU). In 2012, the FTC slapped a record-breaking $22.5 million penalty on Google for misrepresenting their tracking activities on Apple’s Safari browser. The EU passed Directive 2109, also known as the Cookie Law, which led to the ubiquitous cookie consent popups on websites. 

Big Tech also stepped up to give consumers more control over their data. Both Apple and Mozilla enabled third-party ad blocking on their browsers, and later, disabled third-party cookies altogether. Google Chrome, the leading browser, was the only holdout. 

In 2008, Cardlytics launched its native ad platform. Cardlytics was a new solution to the privacy needs of the moment. Because it operated within the digital channels of major financial institutions and used first-party purchase data obtained with consent, it offered advertisers an ethical approach to targeted campaigns. 

Internet privacy hits mainstream

Whether due to the flurry of legislation or the collective shock of the Cambridge Analytica scandal, in 2019, Big Tech finally stepped up to protect consumer privacy. Apple and Mozilla took the lead, giving users maximum control over cookies in their browsers. Apple’s Intelligent Tracking Prevention not only disabled third-party cookies, but it also gave users control over their first-party cookies for the first time. 

Google was the last to the privacy party but it, too, is phasing out support for third-party cookies in 2023.

What’s coming in 2022 and beyond?

There’s a lot of apocalyptic messaging about the future of cookieless advertising. The Interactive Advertising Bureau projects that cookieless advertising will cost publishers $10 billion in revenue while Google estimates they’ll lose 50% to 70% of their ad revenue. 

The developers at the Privacy Sandbox, Google’s initiative to replace third-party cookies with privacy-conscious alternatives, are working on a set of API solutions. Although Google’s Federated Learning of Cohorts (FLoC) was paused, other options are still on offer. Turtledove, for example, is designed to enable granular retargeting on an individual level. SPARROW will allow advertisers to create lookalike campaigns built around interests. FLEDGE will help them target specific user cohorts. 

All of these are still in development, however, so their features and future functionality are uncertain.
The bad news is that 75% of marketers believe cookie deprecation will negatively impact their business, and nearly 80% haven’t tested an alternative solution. The good news is that organizations still have more than a year to develop and implement a plan before Google pulls the plug on third-party cookies in late 2023.

The future of cookieless advertising is in flux. Cardlytics offers a proven solution for precision targeting that doesn’t rely on third-party cookies. Get in touch to learn more.

Google may have delayed the ultimate death of the cookie, but that doesn’t mean marketers can breathe easy. Brands have relied on third-party cookies for behavioral targeting and remarketing campaigns for decades. Change won’t come easy. 

There’s no plug-and-play replacement for third-party data on the horizon. Even though Google is putting the final nail in the cookie coffin, Apple and Firefox banished their use years ago. The heightened awareness around ethical data collection and privacy concerns means brands will need new ways to segment and activate their audience. 

That’s where loyalty programs come in. Strong brand loyalty programs are built on first-party customer insights, and present a wealth of opportunity to grow your data assets for targeted campaigns. If a loyalty program isn’t part of your marketing strategy today, read on to find out why it should be. 

The brave, new cookieless world

There’s no avoiding the fact that cookie deprecation will have a major impact on the way brands implement and manage marketing campaigns. Third-party cookies were the gateway to targeting consumers—observing the websites they visited, the products they bought, and even their interests and affiliations. 

They also enabled accurate campaign measurement and attribution. Brands could track conversions to a particular ad and have deep visibility into ROAS. Cookie deprecation puts an end to reliable multi-touch attribution models.

With the fall of reliable multi-touch attribution, marketers need a way to make sure they have accurate, repeatable, and affordable ways to measure the incremental impact and return of ad spend on each channel.  

Brand loyalty programs can be a treasure trove of insights

While consumers view unauthorized third-party data collection with disdain, they are typically willing to volunteer personal data for something of value. A recent YouGov poll showed that 88% of US adults would happily share personal information with brands if they received discounts, free products, or rewards in return. 

That makes brand loyalty programs the perfect vehicle to collect meaningful, and accurate, customer insights at scale as part of a value exchange. Because loyalty programs are designed to cultivate repeat customers, the insights they generate can be used to enhance personalization efforts and build a better customer experience. 

Of course, the pivot toward loyalty programs as a way to replace third-party data requires some agility in marketing tactics. The ‘awareness to conversion’ journey must be replaced by a ‘conversion to advocacy’ journey to maximize the program’s value. While a brand’s most loyal customers make up just 20 percent of its audience, they typically generate up to 80 percent of its revenue. 

Brands can use a rewards program to build a loyalty bridge that turns their best customers into advocates. A properly designed and executed loyalty program is a powerful owned-media channel that builds engagement, grows market share, and drives sales. 

Accelerating brand loyalty programs with Cardlytics 

Most brands have a good grasp of who their customers are when they’re making a purchase with them, but they lose visibility once the transaction is complete. Brands have no idea, for example, what share they’re getting of a particular customer’s category spend or just how loyal their ‘loyal’ customers really are. Without that insight, they run the risk of spending money where there is no headroom.

Because Cardlytics partners with top financial institutions, we have a “whole wallet” view of consumers, with insights into how, when, and where  they spend both in and out of the store. Armed with this first-party data, brands can deliver targeted offers to their most loyal customers, increasing their lifetime value. They can also re-engage lapsed customers with compelling offers designed to turn them into loyal fans, thus expanding market share.

It’s a win-win for brands and customers. Brands have more efficient use of ad spend with the same or better visibility into performance as third-party cookie campaigns. Customers get reward offers that make them feel valued, increasing their loyalty as a result. 

Brands with loyalty programs are a giant leap ahead when it comes to a cookieless future. That’s because responsibly managed first-party data will become the only path for brands to grow their audience, market share, and sales once the cookie crumbles.

Get in touch to learn more about how partnering with Cardlytics can turbocharge your loyalty efforts and increase sales. 

Google’s 2020 announcement that it would ban the use of third-party cookies in 2022 made big waves for both consumers and digital marketers. Cookie privacy isn’t a new concern—Apple’s Safari and Mozilla’s Firefox browsers have been blocking cookies for almost a decade. But the news that Google planned to follow suit rocked the industry. 

That’s because Google Chrome is by far the most popular browser, accounting for over 63 percent of all global web traffic. Apple’s 20 percent and Mozilla’s 4 percent pale in comparison to Google’s tracking power. It’s no wonder that the latest move by Google has been hailed as the death of the third-party cookie. 

Google’s capitulation suggests that the cookie battle may finally be over and that privacy advocates are the de facto winners. But that means big changes for advertisers. What does that future look like? And how do privacy-safe solutions like Cardlytics’ “whole wallet” view provide the same impact for marketers without sacrificing consumer privacy?

What are third-party cookies?

Cookies are a bit of JavaScript embedded in a website that stores data about a particular browsing session. Cookies come in two main flavors, first-party and third-party. 

First-party cookies are created by the host domain (think GoDaddy, Hostgator and WPEngine) to help create a better experience for the user. They store data like website preferences, usernames, passwords, and shopping cart contents. First-party cookies are generally considered ‘good’ cookies and don’t draw the ire of privacy advocates.

Third-party cookies, on the other hand, are not created by the website a user is visiting, but by other entities such as marketers, advertisers, and social media platforms. Cookies can be placed on multiple sites allowing the tracking entity to create a holistic picture of a user’s activity on the web.

What do third-party cookies do?

Third-party cookies collect an impressive amount of information about users. Cookies track information about search requests, page visits, time on page, purchase decisions, even social media ‘likes.’ 

But that’s just the beginning. Cookies can also help advertisers pool data such as age, gender, occupation, income, location, payment types, and interests to create highly detailed user profiles. 

This type of tracking can be incredibly intrusive because most users feel that they haven’t given advertisers explicit permission to collect so much personal data. 

Privacy concerns with third-party cookies

Cookies aren’t inherently bad and, in fact, about 95 percent of all websites use cookies for relatively harmless purposes that ensure a returning visitor has a seamless experience. 

The problem is that ad networks track and store incredible amounts of information, including personally identifiable information. Because they place cookies on a massive variety of sites, they may have access to sensitive information such as medical history, sexual orientation and gender identity, and even political affiliation. Even more troubling is that this information is likely linked to the user’s real name.

Privacy as a human right

Third-party cookie tracking is ubiquitous and all-encompassing; it’s become a central pillar of modern digital advertising. The privacy implications are obvious and enormous. In just the past 10 years, massive data breaches have exposed billions of users’ private information, much of it collected and stored through the use of cookies, often without the user’s knowledge or explicit permission. 

Few privacy violations rocked the collective conscience like the Cambridge Analytica Facebook scandal. Prior to the 2016 elections, political consulting firm Cambridge Analytica harvested vast swathes of Facebook user data and used it on behalf of political campaigns to help shape voting behavior. 

While most Facebook users were peripherally aware that the social media company collected personal data, few had any inkling of the scope and detailed nature of the information Facebook stored. Even worse, they had no idea that using certain apps on the platform gave the app developer access to the personal data of all their Facebook friends. 

For many, the Cambridge Analytica scandal was a watershed moment that galvanized privacy advocates and brought privacy as a human right to the forefront. As a result, consumers are becoming more savvy about cookie tracking and the information they are willing to share.

Tech steps up

Regulators and legislators have been trying to tame the third-party cookie beast since the dawn of the 21st century. The EU passed a series of e-privacy directives under the General Data Protection Regulation (GDPR), including the ‘cookie law.’ Several states in the US passed similar privacy protection laws, including the California Consumer Privacy Act (CCPA). These measures are designed to bring more transparency to third-party data collection and cookie-based privacy issues.

A few forward-thinking tech CEOs championed the cause of cookie privacy, taking the lead in giving consumers control over their data. Apple CEO Tim Cook was among the first to give Safari users the ability to block third-party tracking in 2012. Apple remains at the forefront of privacy. Its latest iOS 14.5 rollout includes features that provide deep transparency into the type of tracking that takes place on consumers’ devices and the ability to opt out at the site and app level. 

Apple has forced other major tech companies to change their approach to cookie privacy. Facebook launched a very public PR war against Apple, claiming Apple’s privacy protections will harm businesses that rely on cookie-based advertising. The spat underscores the fundamental tug-of-war between profit and privacy; iOS 14 threatens the $86 billion in targeted ad revenue Facebook generates each year.

Google’s upcoming cookie phase-out is also likely at least partly due to Apple’s privacy protection rollout. Whatever the impetus behind the change, however, Google’s new cookie policy represents a sea change for marketers who’ve relied for years on cookie-based targeting.

The coming cookieless future

Ready or not, the death of third-party cookies is imminent. While marketers should be prepared for some disruption, a cookieless future presents an opportunity for brands to be on the forefront of more transparent, privacy-friendly solutions that win consumers’ trust.

Cardlytics has always been ahead of the cookie privacy debate. Our platform uses relevant, first-party insights obtained from one in every two credit card swipes and combines it with powerful Purchase Intelligence built on real transactions from real banking customers.

A cookieless future doesn’t have to mean an end to targeted campaigns. Cardlytics helps you reach the right audience with the right offer without compromising privacy.