By: Glaelis Sierra – Director of Client Services @ Williams Whittle

Initially, the third-party cookie phase-out was announced in January 2020.  After the announcement, we all attended webinars and online courses to learn how to navigate a post-cookie world since these have been an integral part of digital advertising.  However, in June 2021, Google informed that the phase-out was now delayed until 2023.  So, what happened?  What changed?  We did some research and put together this quick recap so you’re in the know.

First things first, what are cookies?

Cookies are small files that are stored on a user’s computer.  They are designed to store fragments of user data used to improve the browsing experience.  This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script that is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.  Basically, it’s a file that tracks your browser activity and helps create a profile of what you like and what you might be interested in.

How many types of cookies are there?

My favorite is a chewy chocolate chip cookie or anything with marshmallows, but in this case, according to Cookie Script there are only three types of cookies –

  • First-party cookies are stored under the same domain you are currently visiting.  So, if you are on, all cookies stored under this domain are considered first-party cookies.  Those cookies are typically used to identify a user between pages, remember selected preferences, or store your shopping cart. You can hardly find a website nowadays that does not use first-party cookies.
  • Third-party cookies are cookies that are stored under a different domain than you are currently visiting.  They are mostly used to track users between websites and display more relevant ads between websites. Another good example is a support chat functionality provided by a 3rd party service.
  • Second-party cookies are a questionable topic. Some people might say they don’t exist at all. In general, second-party data is some first-party data shared between partners. In this sense, second-party cookies are just part of that data related to cookies.

How do third-party cookies work?

Third-party cookies are cookies that are tracked by a website other than the one you are currently visiting.  So, one example of how they work… let’s say you were browsing for vacation rentals in Santorini, Greece.  You browsed a few websites, admired the photos of the caldera, blue roofs and the perfect sunsets, but ultimately decided to put this vacation on hold for now.  A few days go by and suddenly you start seeing ads for Santorini vacations on every website you visit – coincidence?  Not at all.  The reason why you’re now seeing these ads is because your browser stored a third-party cookie and is using this information to send you targeted ads.

You’re unintentionally creating a digital trail of crumbs that will follow you as you move from tab to tab.  If you’re like me and have one browser window open with tons of different tabs, you’re unwillingly sending information about your web visit history to other websites and parties.  Closing the browser won’t necessarily eliminate the cookies.  Depending on the one you’re using, you may have to clear your cookies manually.

How do advertisers use third-party cookies?

Advertisers use third-party cookie data to learn about a user’s overall online behavior.  Also, they collect demographic data such as age, location and gender.  Without them, we lose the ability to understand what websites a user frequently visits, what purchases they make or interests they have shown on other websites.

Currently, many digital marketing capabilities are powered by cookies.  We use them to track website visitors, improve the user experience, create personalized onsite experiences, and collect data to help target ads to the right audiences.

The End of Third-Party Cookies

As you can see, these cookies are very helpful to advertisers.  However, with the passage of CCPA, ePR and GDPR, governments are seeking to protect the privacy rights of website users.  These laws and regulations create civil and/or criminal penalties for those that fail to notify web users of the presence of cookies. You may have noticed that almost every time you visit a website in recent months, they all have a disclaimer that says something like “this website uses cookies click here to accept or decline”.  And that’s because these regulations also require website operators to let users know what information is being collected and to whom this information is shared, along with a way to opt-out at any time, according to Cookie Script.

Apple’s Safari and Mozilla’s Firefox now block 3rd party cookies by default.  But Google Chrome has the biggest browser market share and they have now delayed the elimination of third-party cookies to 2023.

Since the announcement back in 2020, there has been major pushback and pressure from advertisers.  So, Google has been pushing its own homegrown solutions to fill the gap for advertisers looking to serve targeted ads to digital audiences.  Earlier this year, they launched Federated Learning of Cohorts, or FLoC, a solution in which the web browser categorizes a user into a large group, and that group identifier is used to target advertisements.  But FLoC is running into three major headwinds surrounding legislation, privacy concerns, and industry support, according to an article from AdAge.

Another alternative they’re working on is the Privacy Sandbox.  In the cookieless future, Google wants ad targeting, measurement and fraud prevention to happen according to the standards set by its Privacy Sandbox, whereby cookies are replaced by five application programming interfaces.  Advertisers will use each API* to receive aggregated data about issues like conversion (how well their ads performed) and attribution (which entity is credited, say, for a purchase).  Privacy Sandbox represents an alternative pathway that Google is providing for the ad industry to take, relying on anonymized signals (that are not cookies) within a person’s Chrome browser to profit from that user’s browsing habits, according to Digiday.

Google claims that people shouldn’t have to accept being tracked across the web in order to get the benefits of relevant advertising.  And advertisers don’t need to track individual consumers across the web to get the performance benefits of digital advertising.  Therefore, first-party relationships are vital in a privacy-first world.

As you can see, Google won’t stop tracking users entirely.  They are currently working on solutions for advertisers and that’s one of the reasons why the elimination of third-party cookies is being pushed to 2023.  However, one thing is for sure – we all should start collecting first-party data if we want to know our customers better.  As privacy laws continue to evolve, this might be a great opportunity to look for innovations in digital advertising.

While we wait for the imminent death of third-party cookies, we can help you strategize a digital marketing campaign.  There are plenty of ways we can specifically target a consumer audience and hit every one of your KPIs.  One thing we quickly learned over 2020 is to quickly pivot and adapt to the new normal.  The cookieless future is no different.  Contact us today to work on a digital marketing plan that will work for your nonprofit.


*API is short for application programming interface.  It’s a piece of software that functions as a connection between two different applications.