Retiring Third-Party Cookies: Stop Panicking and Start Planning

This article originally appeared on Digital Content Next

Last January, Google announced the end of third-party cookies by 2022. The industry went into a frenzy. 

All the while, Google forged ahead quietly on its own. Occasionally, it would pop up to say, yes, we really are going to stop supporting third-party cookies and no, the pandemic hasn’t changed our plan.

It wasn’t until last this past January that Google fully reappeared announcing its plan to start publicly testing Privacy Sandbox. This included some associated privacy controls, and early performance results for FLoC, or “Federated Learning of Cohorts,” which allows ad targeting at large groups of users based on common interests. And just a few weeks ago, they affirmed that they would not adopt new tracking tech after phasing out third-cookies. Their claim: It’s no longer necessary to “track individual consumers across the web to get the performance benefits of digital advertising.”

The end of ad tech?

Another frenzy ensued. First reactions predicted the end of non-platform ad tech. And many companies saw their stocks drop. But then, by the second day after the announcement, some observers started pointing out that Google hadn’t actually done much besides make it clear (yet again) that support for third-party cookies will end this year. They also stated that they aren’t going to adopt a solution like Unified ID 2.0, which The Trade Desk,, and IAB are lining up behind.

That wasn’t the only announcement of note in the past few weeks. IAB Tech Lab released draft guidelines for advertising identifiers like Unified ID 2.0, LiveRamp, ID5, etc. The Trade Desk announced the start of beta testing for Unified ID 2.0, with advertisers being able to transact on impressions using the tech. And just a week after Google’s identity announcement, the company published another blog post with initial details of a plan to extend publishers’ first-party “Publisher Provided Identifiers” (PPIDs) from private marketplace deals to open auction.

Pointing out that the ad landscape is confusing and in flux for publishers is a bit of an understatement. And that’s without mentioning Apple’s moves on tracking consent and IDFA. Let’s try to clarify things a bit.

Prepare to have options

Between Google, Apple, and the “open web” ad tech players, there seem to be at least three different approaches publishers will need to test and adapt to: 

  1. Google’s FLoC, which might (or might not) become an industry standard;
  2. Apple’s strict app tracking rules and Safari ITP limits; and
  3. Unified ID 2.0 or whatever other standard emerges from the IAB TechLab working group, assuming that either regulators or the browsers don’t block those cookie replacement solutions.

Publishers and advertisers alike have fought an increasingly brutal battle against the walled gardens. Chatter has abounded that the cookieless future could tip things in their favor. Google’s latest announcement actually runs counter to that theory. Their publicly confirmed focus on Privacy Sandbox means, in the words of Magnite CTO Tom Kershaw, that Google will “actually use the same tools as the rest of the industry.” The end result could be a peaceful coexistence of the Chrome solution, user logins and publisher first-party segments. And that would mean choice for publishers, advertisers, and consumers alike. 

Focus on first-party data and identity

While there’s an element of self-interest, it does seem clear that Google is developing solutions to make it possible for publishers to activate first-party data. These include non-PII user IDs in the Google ad ecosystem. Of course Google relies heavily on first-party data and known user identities in YouTube, Search, Gmail, and its other properties. So, limiting publishers’ ability would be hypocritical. It would also be risky at a moment when the company is under antitrust investigations in more than one country. However, from a publisher perspective, this is further reinforcement of the need to focus on first-party data and identity.

Start your transition now

In some ways, we’ve been our own worst enemies in the run-up to third-party cookie deprecation. Many publishers and advertisers have awaited Google’s next move as if we were pawns in a drawn-out chess game instead of coming up with a plan and starting to execute on it. Let’s not so quickly forget that where third-party data offered efficiency, it often lacked effectiveness, due to uncertainty of where it comes from and, therefore, its accuracy. 

Six steps for transitioning away from third-party cookies

There are six areas you need to cover as you begin your shift away from third-party data:

  1. A minimum amount of zero-party data

    It’s not just about first-party data. Zero-party data — the data that users volunteer to you via other explicit data-capture tactics like registration forms — will be just as important. You need a certain amount of data to generate effective lookalike segments. To do that, it’s necessary to start targeting some segment of your audience and guiding them to register and provide their data with incentives such as the ability to access locked content.

  2. Tools for storing and managing consent

    Whether it’s a data-management platform, a customer-data platform or a consent-management platform, figure out now where you will store all of this data and consent.

  3. Audience segmentation tools

    You need audience segmentation tools to create subsets of your users. This can be based on like characteristics extracted from zero- and first-party data. They can also leverage lookalike modeling to produce larger audience pools.

  4. Collect data at the right moment

    Collecting more data over time requires thinking through the right moment in the customer journey to ask for it. At each stage, aim to understand how to move users deeper into the funnel with the right offers that will net you more data to round out your customer profile. 

  5. Vet identity partners

    You need one of these to replace cookie-matching and activate all that zero- and first-party data you will collect. Be sure that you vet their offerings to see which identifier could work best for your business.

  6. Start testing solutions now

    As Travis Clinger, SVP, Addressability and Ecosystem at LiveRamp, said in our recent Piano Academy event: you don’t want to get caught trying to apply new technologies and strategies in the middle of the Q4 holiday season. It’s worth testing different solutions, including identifiers and different data- or consent-management platforms, now.

We’ll be sure to hear more from Google publicly throughout the year. It will remain important to read successive announcements with a critical eye. We’ll need to remain focused on the steps required to prepare for third-party cookie deprecation now (as opposed to needless panicking). And remember you have a whole industry navigating this transition with you as we move towards a new era of privacy-first personalization.