Third-Party Cookies: Understanding Their Decline

Reading time 5 min.

Cookies have been a central part of the internet user experience, but the role of third-party cookies is changing as current legislation and attitudes towards privacy evolve. In this article, I will explain what third-party cookies are and discuss why their use is decreasing.

Additionally, I will examine how the General Data Protection Regulation (GDPR) of the European Union and other similar legislations affect these cookies and what methods companies can use to collect data potentially in the absence of third-party cookies. This provides a comprehensive picture of the current situation and how businesses should adapt to the changing digital landscape.

What are third-party cookies?

Cookies are small text files that websites can use to store information in a user's browser. Third-party cookies differ from first-party cookies in that they are created and managed by external companies, not directly by the website owner.

These cookies help companies improve user experience and target marketing more effectively, but they also raise concerns about privacy and data security.

Third-party cookies are typically used for the following purposes:

  • Targeted advertising: Third-party cookies enable the tracking of user activity across different sites. This information helps advertisers show targeted ads based on users' previous browsing habits. For example, if a user browses certain products on an online store, they may see similar products advertised on other sites.

  • Content personalization: Some sites use third-party cookies to customize content according to user preferences. This may involve displaying recommended articles or videos based on the user's past activity online.

  • Analytics: Third-party analytics services, like Google Analytics, use cookies to track user behavior on the site. This information helps website owners understand how visitors use their sites and make improvements to the user experience.

  • Social media integrations: Many sites include various social media integrations, such as share buttons and media embeds, which use third-party cookies. These cookies enable users to share content directly to their social media accounts and collect information about user interactions with embedded content, such as videos and images.

Why are third-party cookies decreasing?

Privacy has become a major concern in the digital world, and users are demanding more transparency and control over the handling of their personal data.

Privacy-focused browsers, such as DuckDuckGo, have been available for a long time and offer users the opportunity to browse the internet without extensive tracking. DuckDuckGo and similar browsers, such as Brave, focus on providing users with a secure browsing experience by default blocking tracking companies' cookies and other tracking technologies. These browsers have been popular especially among privacy-conscious users who want to reduce the exposure of their personal data online.

Now, major technology companies and browser developers have adopted similar practices. For example:

  1. Apple (Safari): Apple has promoted privacy by implementing the Intelligent Tracking Prevention (ITP) feature in the Safari browser. ITP limits the effectiveness of third-party cookies and other tracking mechanisms by using machine learning to identify and block active tracking attempts.

  2. Google (Chrome): Google has announced plans to remove third-party cookies from the Chrome browser by 2023 as part of the "Privacy Sandbox" initiative. The project aims to develop privacy-respecting alternatives to traditional tracking technologies, such as the proposed FLoC (Federated Learning of Cohorts) system, which allows grouping users without individual identification.

  3. Mozilla (Firefox): Mozilla has prioritized user privacy in its Firefox browser, which by default blocks many third-party tracking technologies through the Enhanced Tracking Protection feature.

  4. Microsoft (Edge): Microsoft has also added privacy protection features to the Edge browser, including tracking prevention features that can block third-party cookies and other tracking mechanisms.

These actions by browser developers are responding to the growing user demand for better privacy protection online, reflecting a clear trend towards combining user-friendliness and privacy protection. This development shows that protecting privacy has become a central factor in browser technology innovation.

The General Data Protection Regulation (GDPR) has been a significant factor in changing how companies collect and process personal data, including information collected through cookies. GDPR aims to give EU citizens more control over their personal data and sets strict requirements for data processing. This legislation has set a new standard for the protection of personal data, and its impact has been felt globally, as international companies that provide services to EU citizens are also required to comply with these rules.

GDPR and third-party cookies

GDPR requires that users must give clear and unambiguous consent before their data can be used or collected through cookies. This particularly applies to third-party cookies, which are commonly used by advertisers and analytics services. Consent must be voluntary, informed, and unambiguous. In practice, this means that websites must provide users with clear and understandable options for giving consent or denying the use of cookies.

New methods of data collection

The decrease in the use of third-party cookies and their potential disappearance in the future force companies to look for new ways to collect and analyze data. Here are some methods that companies can use:

  1. First-party cookies: Unlike third-party cookies, first-party cookies are created and managed directly by the visited site. These cookies can collect information directly from the user without sharing data with outsiders. First-party cookies are less problematic under GDPR, provided that proper consent has been obtained from the user.

  2. Server-side tagging: This method shifts data collection from the browser to the server. It reduces security risks and improves performance because less information is transmitted from the user's device.

  3. Analytics tools without cookies: Certain analytics tools can track web traffic and collect information without using cookies at all, providing a suitable option for privacy-conscious users. Companies can use other technologies, such as local storage, browser fingerprints, or even advanced algorithms based on machine learning, to collect and analyze user data.

  4. Privacy-protecting technologies: As technology has advanced, new ways have been developed to collect and analyze user data without revealing their identity. For example, differential privacy is a method that allows useful data to be collected while keeping individual user data anonymized.

  5. Consent-based marketing: This approach focuses on obtaining the customer's consent before any data collection. This not only ensures compliance with GDPR but also builds trust between the customer and the company.


Näiden muutosten myötä yritykset voivat jatkaa innovointia digitaalisen markkinoinnin alueella samalla kun kunnioittavat yksityisyyden suojaa ja noudattavat tiukentuvaa lainsäädäntöä. Muutos kolmannen osapuolen evästeiden käytössä vaatii sopeutumista, mutta tarjoaa samalla mahdollisuuden kehittää uusia, yksityisyyttä kunnioittavia tapoja vuorovaikuttaa digitaalisessa ympäristössä.

Cookie consents and their management

User consent to the use of cookies and their proper management is now more important than ever. Here are a few tools and practices that can help you in this area:

  1. Consent Management Platform (CMP): These tools help manage user consents for the use of cookies and other tracking technologies. It is an essential tool that helps ensure that your site complies with data protection laws.

  2. Google Consent Mode V2: This technology conveys cookie consent information to Google's data-collecting services and allows data to be collected respecting these settings, even when users refuse certain cookies. A functioning Consent Mode is mandatory for anyone using Google services such as Google Analytics or Google Ads advertising.

Conclusions

With the end of the third-party cookie era, it is important to stay up-to-date with new technologies and ensure that your website is ready to meet the challenges of modern data collection. By anticipating these changes, you can maintain your competitiveness and build trust with your customers. Therefore, update your site and tracking methods, and make sure you are ready for a future without third-party cookies.

Want to know more?

Ville Teikko

Ville Teikko

Ville Teikko is an award-winning creative & digital marketing specialist with over 20 years of experience in the digital design and advertising industry. Currently working as a Head of Digital at WaveCrest Finland.