Business

The End of Third-party Cookies Should Not Hurt Retailers

Changes to some of the world’s most popular web browsers may impact how advertising networks and cross-site analytics tools monitor consumer behavior online. Although the changes could affect some marketing campaigns, the end of third-party cookies should not hurt online retailers.

Google and Microsoft have both recently announced (or confirmed) plans to change the way their web browsers — Chrome and Internet Explorer, respectively — and other services manage certain types of site or application tracking. Mozilla, which makes the Firefox web browser, announced similar plans earlier this year, and Apple has been blocking third-party cookies in some versions of its Safari browser since 2003.

In the Internet context, a cookie or browser cookie is a small text file sent from the web browser to the user’s computer or mobile device, where it is stored. The cookie contains a means of identifying the user or tracking user preferences. When a user visits a site, that site may check for the presence of cookies and use some of the stored data to provide a personalized experience or track consumer behavior.

Third-party Cookies

There are several different types of cookies that may be transferred from a website or application to a user’s system. So-called first-party cookies are sent directly from the domain the user is visiting. As an example, if a user went to abc.com and abc.com sent a cookie from its own domain for its own personalization services, that would be a first-party cookie.

The recent confirmations from Google, Microsoft, and Mozilla would not change how first-party cookies work, and should not change things like on-site personalization, which can be important for online merchants.

In contrast, a third-party cookie comes from a domain other than the one a user is visiting and may be used to monitor user behavior across several different websites.

As an example, if a user visited a magazine website that displayed advertising banners delivered over an advertising network, that advertising network — which is a third-party in the browsing experience — could send a cookie to the user’s computer or mobile device. When the user visited another website that also used the same advertising network, the third-party cookie could be accessed and the advertising network would now have information about a particular user’s activity on two separate sites.

It is third-party cookies that browser makers are planning to block.

Internet Explorer

Popular web browsers, such as Microsoft’s Internet Explorer, have announced restrictions on the acceptance of third-party cookies.

Retargeting Campaigns

Third-party cookies are often used in retargeting campaigns wherein users who visit an online store are shown ads from that store when they go to other sites. Retargeting can work a couple of different ways. Here is a step-by-step example of one form of retargeting.

  • Site A, an ecommerce site, wants to retarget site visitors who look at products but leave without making a purchase or registering, so it places a retargeting script from “Ad Network” on its site.
  • When “Visitor” navigates to Site A, Ad Network’s retargeting script serves up a third-party cookie, storing a unique identifier on Visitor’s computer and keeping track of which products Visitor looked at on its own server.
  •  Site B, an informational site, wants to make money with advertising. It places an Ad Network script on its site to automatically load relevant ads.
  •  Visitor navigates to Site B. Ad Network’s ad-serving script recognizes the cookie and displays an ad featuring products from Site A that Visitor showed an interest in.

But regarding an impact on merchants, there probably will not be one. If Google and Microsoft were simply stopping third-party cookies, then this form of retargeting would not work. But they are planning, by all accounts, a replacement system. Right now we don’t know exactly how that replacement system will operate, but I can speculate that it might go like the following.

  • Site A, an ecommerce site, wants to retarget site visitors who look at products but leave without making a purchase or registering. So it places a retargeting script from “Ad Network” on its site.
  • When “Visitor” navigates to Site A, Ad Network’s retargeting script registers with the browser, requesting an anonymous unique identifier for Visitor and storing that identifier and Visitor’s browsing behavior on its own server.
  • Site B, an informational site, wants to make money with advertising. It places an Ad Network script on its site to automatically load relevant ads.
  • Visitor navigates to Site B. Ad Network’s ad-serving script contacts the browser requesting Visitor’s anonymous unique identifier and comparing the result to its database of unique identifiers. If it finds a match, it displays an ad featuring products from Site A that Visitor showed an interest in.

Notice that there is no difference for Site A, the ecommerce site, or Site B, the informational site. The difference is in how Ad Network gets user information.

Thus, this change in third-party cookies is not likely to directly impact merchants that rely on retargeting.

Advertising Networks Could Still Access User Data

Both Google and Microsoft have said they could replace third-party cookies with an anonymous identification system that would still allow advertisers to use cross-site data to serve ads or positively impact user experience, but that would offer users more control over how data was collected and that could provide a greater level of Internet security. It is not yet known exactly how either Google or Microsoft’s new system would work, but it could resemble the process that I’ve described above.

“Technological enhancements can improve users’ security while ensuring the web remains economically viable. We and others have a number of concepts in this area, but they’re all at very early stages,” Google spokesman Rob Shilkin told USA Today in September.

Since both Google and Microsoft derive a significant amount of revenue from Internet advertising sales and since both currently use third-party cookies to track users and serve retargeting ads, it is very likely that advertising online will not change functionally, but rather procedurally.

Online marketers from ecommerce businesses will probably not see a change in the types of ads available or in the kind of consumer data available, but advertising networks and cross-site analytics tool makers will need to adhere to terms and conditions that browser makers impose.

A Shift in Power

The most significant change that third-party cookie blocking may introduce could be a matter of power or control. At present, there are a number of firms that offer tracking-related services. These services have been able to freely use third-party cookies and other techniques to collect user specific data in some jurisdictions. Under a new Google or Microsoft data collection model, those firms would, perhaps, need to register for and abide by a set of terms that could give users the opportunity to opt-out of some forms of tracking or that might turn tracking off by default.

Although this new approach to tracking will certainly be a hot topic for sometime, an anonymous identification system may be better for advertising networks than alternatives like banning any form of tracking or notifying users before each and every cookie is served.

It is also worth noting that if browser makers do not take steps to offer users more control and privacy, legislative bodies might do it for them. The European Union has had an electronic privacy directive since 2002. That directive, which was amended in 2009, requires sites to notify users when cookies are employed.

Armando Roggio
Armando Roggio
Bio   •   RSS Feed


x