What the Third-Party Cookie Phaseout Really Means

For years, websites have been using cookies to track website visitors, collect data and improve the user experience. The collection of data via tracking cookies has allowed marketers to target ads to the proper audiences. These cookies are also used to learn what users are checking out on different websites. 

But are tracking cookies going away? The way websites use cookies could dramatically change with the recent announcement Google has made about phasing out third-party cookies. We have compiled this guide to the phaseout of third-party cookies to help you understand what this means for you. 

Not All Cookies Are the Same

Not all cookies are the same, and not all cookies will be banned as we’ll explain later. Cookies are managed differently depending on the browser and have different permissions. Essentially, cookies are pieces of code that are saved by websites onto a user’s web browser. Though cookies have many uses, the most important uses are tracking, user personalization and session management. 

Cookies are not programs and don’t perform any functions. Instead, they are simple text files. In adtech, cookies track users as they visit different websites. After visiting a website, cookies on that website will be saved to the user’s browser. After a few days, if this user visits the website again, the website will know this is the same user. Some cookies can track users across the web and across devices.   

What Third-Party Cookies Do

First, what are third-party cookies? These cookies are set by domains that a user doesn’t directly visit. This occurs when a publisher adds third-party elements to their website, such as ads, chatbots or social plugins.  

Once third-party cookies are installed, they track users and save their information. This information is used for behavioral advertising and ad targeting. For instance, if a blogger adds a YouTube link to a blog post, and a reader clicks this YouTube link, then a cookie from YouTube will be added to this user’s browser. This YouTube cookie can track the user until it expires.

Google is phasing out third-party cookies to make the web more private and secure for users while also supporting publishers, though many are skeptical about this move. 

What Other Types of Cookies Do

Different types of cookies, such as first-party cookies, session cookies, persistent cookies and secure cookies, do different things.

• First-party cookies: The website that a user visits sets first-party cookies. First-party cookies collect data for several purposes, such as calculating page views, the number of users and sessions. Publishers can share this data with agencies or advertisers for ad targeting. Analytics tools also use first-party cookies to understand a user’s behavior and present it for the publisher’s understanding in graphical or tabular form. 
• Secure cookies: Secure cookies are cookies with encrypted data that can only be set by HTTPS websites. Typically, e-commerce websites use secure cookies for payment and checkout pages to promote safer transactions. Likewise, online banking websites also use secure cookies for security purposes.
• Persistent cookies: Persistent cookies can remain on a user’s web browser for years. Publishers can use these cookies to track a user and their interaction with the website. For example, a web browser has persistent cookies if a user logs into Gmail, closes the tab, restarts their device, turns the device back on, reopens the browser, visits the Gmail account and is still logged in.  
• Session cookies: Session cookies expire quickly – either immediately or a few seconds after the user leaves the web browser. E-commerce websites use session cookies to keep a user logged in, remember a product placed in the cart and calculate user sessions for analytical purposes. If e-commerce websites didn’t use session cookies, items added to a cart would be removed before the user reached the checkout page.

Are Third-Party Cookies Going Away?

The three major web browsers — Safari, Firefox, and Google Chrome — have implemented changes or announced plans to sunset third-party cookies. 

Safari and Firefox Third-Party Cookies

When it comes to third-party cookies, both Safari and Firefox have taken aggressive measures to block them from their browsers by default.

• Firefox: This web browser announced a third-party cookie block in 2018. In 2019, they made the third-party cookie block the default.
• Safari: This web browser instituted a third-party cookie block in 2017 via the release of its Intelligent Tracking Prevention 1.0. Every year since then, Apple has continued making updates to ITP.

Neither Firefox nor Safari currently have plans to replace third-party cookies with other alternatives. But what about first-party cookies? Are first-party cookies going away? Unlike third-party cookies, Safari and Firefox still allow first-party cookies. On Safari, these cookies will expire after one day.

Google Chrome Third-Party Cookies

Is Google getting rid of cookies? Google Chrome accounts for 66% of the global market share, making it the most widely used browser that allows both first-party cookies and third-party cookies. However, Google will be sunsetting third-party cookies. Google plans to remove the third-party cookie by 2023 and replace it with various solutions currently in development. For the time being, both third-party and first-party cookies work on Google Chrome.

For many, this announcement from Google isn’t surprising after previous announcements about privacy on the web browser, including the proposed Privacy Sandbox. The new, aggressive timeline, however, will cause repercussions for many industries, including advertising.  

Google intends to sunset third-party cookies to make the web privacy-preserving by default. Though there are other tracking mechanisms, third-party cookies are the mechanism that people are most aware of and paying attention to. 

Google Is Planning a Third-Party Cookie Alternative

Users are demanding more privacy on the web, including transparency, control and choice in how their data is used. To meet these increasing demands, the web ecosystem must evolve. Google hopes that with privacy-preserving mechanisms like Privacy Sandbox, it can sustain an ad-supported web that renders the third-party cookie obsolete.

Unlike Safari and Firefox, however, Google does not intend to resolve the privacy concerns by simply blocking the third-party cookie since the company believes negative consequences could impact the web ecosystem and users. Ultimately, Google worries that outright blocking third-party cookies could harm the companies that depend on online advertising. For example, without third-party tracking, marketers will lose measurement, reporting, optimization and frequency capping abilities outside of walled gardens like Google, Facebook, and Amazon. Therefore, the company is taking a more cautious approach. Though Google wants to ensure users’ privacy, it doesn’t want to do so at the cost of the ad industry it relies on.

Until Google implements an alternative, they will be working to make the current technologies more private and secure, such as by limiting insecure cross-site tracking. The effort to shift to an internet free of third-party cookies could take even longer as Google plans to wait for publishers and advertisers to agree to the future standards before sweeping changes are applied. Developers, publishers, advertisers and browsers will also be allowed to:

• Experiment with the new mechanisms.
• Test whether the new mechanisms work well in various situations.
• Create supporting implementations, such as anti-spam, anti-fraud, federated authentication, denial of service prevention and ad selection and measurement.

Those in the industry will be able to offer feedback on the proposals and ensure these mechanisms address their needs. If a business relies on the web, it may want to ensure its vendors participate in this process and share feedback with trade groups that represent its interests.

Google Chrome does intend to replace the third-party cookie with several solutions that it has in development. Currently, there is no definitive date for when these alternatives will be put in place. 

Businesses Will Need to Prepare for the Phaseout for Future Successes

Businesses will need to prepare for the phaseout. You should talk to trusted partners about how they’re handling third-party cookies today and their plans for the future. You may need to create relationships with new vendors, partners and platforms. Websites will need to be updated, and businesses will need to search for new solutions.

What Cookie-Blocking Means for Lotame

At Lotame, we have designed our data enrichment solutions to be independent of third-party cookies and, therefore, prepared for the future of the eventual phaseout. 

We believe strongly in a connected ID-driven ecosystem and have invested in building out this connectivity. Our Panorama suite of solutions is future-proofed to offer data enrichment solutions for digital advertising – no cookies required, while our Panorama ID provides the bridge or common language that publishers and brands need to transact with each other and provide the improved experiences consumers want.

Using a Technology That Does Not Rely on Third-Party Cookies

Even though Google is phasing out cookies, this won’t affect data enrichment when you have Lotame’s Panorama identity platform.

With Lotame’s identity platform, you can:

• Activate anywhere and everywhere: Pass custom or ready-made audience segments into any environment to sell and buy.
• Create stories: Enrich data in a single place that has insights across various devices, contexts and platforms.
• Monetize more moments: Discover more moments to connect with your customers across devices and in cookie-challenged environments.

With Lotame’s identity resolution, marketers and agencies can enjoy better storytelling and easier analysis. No longer will you deal with isolated insights and scattered data resources to understand your customers. Instead, you’ll be able to enrich your first-party data with second-party and third-party data all in one place from more than 250 online and offline data providers.

And finally, reach more of your consumers with Lotame’s Panorama ID, the first global, people-based, privacy-first identifier for the open web. Lotame Panorama ID is freely accessible to and interoperable across the cookie-challenged web, all domains, devices, and platforms globally. Our solution was created with consumer privacy in the forefront. Panorama ID will give consumers control to see and own their privacy choices and will provide the marketplace with a solution that persists those choices everywhere. Furthermore, Panorama ID is not dependent on cookies to operate, making it future-proofed for advertising. 

Future Proof Connectivity with Lotame

Lotame delivers flexible data solutions to future proof connectivity and drive performance across all screens. Marketers, publishers, and platforms rely on our innovative and interoperable solutions, powered by our identity platform, to onboard, enrich, and address audiences.

Contact us at Lotame today to learn more about our data connectivity solutions, and to secure your future in the post cookie world.


What keeps marketing & publishing executives up at night in a post-cookie world? We’ve surveyed over 1,000 decision-makers to get their insights on how they’re preparing. Get access to our global report, “Beyond the Cookie: The Future of Advertising for Marketers and Publisher.”