In January 2020, Google announced that it would phase out third-party cookies in 2022, but later postponed it to 2023. After giving cookies a temporary extension, it pushed the timeline further into the second half of 2024. While a complete phase-out has not fully materialized yet, the industry has already shifted toward reduced reliance on third-party cookies, creating one of the biggest changes in online advertising.
This article is the first installment of a three-article series on server-side tagging (SST). Today, we will discuss how the absence of a proper solution led to the advent of SST, which will help you navigate your way through the evolving, ‘cookieless’ internet.
If you are a publisher or a marketing agency, you might have heard about this quite a few times, but you may have adopted a ‘wait and watch’ approach.
In this blog, we will help you understand the role of cookies in driving digital campaigns, first-party vs third-party cookies, and why third-party cookies are being restricted.
Also, we will cover what everyone is doing in the face of a potential tracking attribution challenge. Finally, we will look at a real-life example to understand the seriousness of the issue.
Let us get started:
What are cookies
Cookies are small pieces of data sent by websites to be stored in your browser and are meant to optimize your user experience on a particular website.
Theoretically, they also optimize your browsing experience across the internet as long as you are using the same browser, and that is where things start to get bothersome for users.
But before we jump into the details, let us get a brief overview of how cookies are classified.
First-party cookies vs third-party cookies
Here’s a snapshot of the first-party vs third-party cookies comparison:
Comparing first party vs third party cookies
The real deal breaker: Personalization of content vs personalization of monetization
Before we move to the next section, let us understand the major differentiator between first- and third-party cookies.
First-party cookies allow personalization of content, which is actually preferable for users, while third-party cookies enable personalization of monetization.
Personalized monetization or advertising operates on the basis of inventory offered in the open market by publishers and often does not factor in user consent.
In principle, personalization of content is preferred by users, and hence first-party cookies are relatively safer despite privacy legislations. However, personalization of monetization is where the industry needs to rethink its approach. That said, content personalization is not the end goal for publishers, monetization is.
However, one must understand that first-party cookies are not all rainbows and sunshine either, as they allow an entity owning multiple domain names to use the data generated across them.
Consider the case of Luxottica, a less-known conglomerate that owns several luxury eyewear brands, including Ray-Ban and Prada. If it collects first-party data from one of its websites, it can share it across its other brands without the user expecting the same.
This becomes even trickier with corporations like Berkshire Hathaway and BlackRock, which have portfolios across diverse sectors.
Why are cookies being phased out?
On June 5, 2017, Apple announced the rollout of a new privacy feature called Intelligent Tracking Prevention (ITP) for Safari browsers and iOS. It later introduced ITP 2.0 at the WWDC 2018 keynote, co-developed with WebKit.
ITP 2.0 and its advanced versions effectively removed the 24-hour access window by partitioning cookies into first- and third-party origins, followed by purging third-party cookie data. This had a significant negative impact on many adtech and martech entities, including Facebook.
iOS 14 further added to the challenge with Apple’s App Tracking Transparency Framework (ATT), allowing users to block tracking across apps and websites.
Browsers like Mozilla, Brave, Vivaldi, and DuckDuckGo have historically taken a proactive stance against third-party cookies, enabling users to block them easily.
Ad blockers and anti-tracking tools are widely used to prevent third-party cookies from collecting user data, while most browsers empower users to safeguard their privacy.
Google Chrome and Chromium-based browsers like Microsoft Edge have also moved toward limiting third-party cookies and introducing privacy-first alternatives, despite multiple delays in complete deprecation.
However, one must take these developments with a pinch of salt, as they are not purely driven by goodwill toward user privacy. Below is an overview of major legal frameworks and judgments that indicate lawmakers’ approach to third-party cookies.
Timeline of legislations supporting privacy of internet users against third-party cookies
Having said that, Chrome still holds the largest user base among browsers, and cookies continue to contribute significantly to Google’s advertising revenue through remarketing and search ads.
Therefore, it is understandable that Google continues to evolve its approach while exploring reliable, privacy-compliant alternatives to cookie-based advertising.
What are industry players doing about it?
To begin with, there are several approaches the industry is taking to address the decline of third-party cookies, with walled gardens being one of them, ecosystems that control inventory, tracking, and analytics end-to-end.
Google and social media platforms are prime examples of such ecosystems.
On the other hand, publishers like The Washington Post rely on premium solutions such as consented IDs and clean rooms like Unified ID 2.0. This approach is also effective for long-tail publishers that prioritize content quality and want greater control over monetization.
Verizon Media developed its own identity solution (ConnectID), while others like Epsilon CORE ID, Unified ID 2.0 by IAB, LiveRamp ATS, Merkury, BritePool, Neustar Fabrick, and ID5 Universal ID are emerging alternatives.
Google also experimented with solutions like FLoC and other Privacy Sandbox initiatives to maintain advertising effectiveness in a privacy-first world.
Despite these developments, there is still no universally accepted solution. Most players across adtech, martech, and advertising continue to adopt a cautious approach.
While it is clear that reliance on third-party cookies is declining, the lack of a standardized replacement has slowed decisive action across the industry.
A real-life example: Facebook Pixel
Meta remains one of the most popular platforms for running paid ads, with billions spent by advertisers annually.
To attribute transactions, website owners use tracking mechanisms like Facebook Pixel, which help identify users who land via Facebook or Instagram ads and complete a purchase.
This forms the basis of ROI measurement. Without reliable tracking, advertisers would struggle to understand revenue attribution.
Consider a scenario where third-party cookies become unreliable:
A footwear brand, Zector, hires an agency to manage its digital marketing. Social platforms like Facebook and Instagram have historically driven strong revenue.
Without effective tracking, identifying users who interacted with ads and later converted becomes difficult.
Ad personalization also suffers, for example, showing irrelevant ads such as brogues to a football player searching for cleats, reducing effectiveness for both users and advertisers.
Additionally, tracking users across devices and platforms becomes inconsistent, leading to repeated ads and poor targeting.
Analytics would struggle to attribute conversions accurately, resulting in incomplete insights and potential misinterpretation of performance.
This would lead to:
Increased customer acquisition costs (CAC) due to reduced targeting accuracy
Lower and less reliable return on ad spend (ROAS)
Reduced effectiveness of retargeting strategies
Difficulty in identifying and targeting unique users
Challenges in allocating marketing budgets effectively
This creates a difficult situation for both platforms and advertisers, with budgets potentially shifting toward more measurable channels.
Adtech and Martech tools would also face challenges due to limited data for training algorithms.
Towards the solution: Server-Side Tagging
Interestingly, Google itself introduced a promising approach that appears to address many of these challenges.
Known as Server-Side Tagging (SST), it represents a balanced, privacy-aware approach that aims to benefit both users and advertisers.
We will discuss SST in greater detail in the next post of this series to help you understand why it is emerging as a key component in modern, privacy-first tracking strategies.
