uc_blog_hero_
Home Resources Articles Google phase out of third-party cookies: Impacts and solutions

Google phase out of third-party cookies: Impacts and solutions

While Google may not yet have completed plans to phase out third-party cookies in Chrome, the end will still happen. Other browsers already made this change several years ago. We look at what third-party cookies are used for in marketing, why there are issues, what will replace them, and more.
by Usercentrics
May 7, 2024
uc_blog_hero_
Table of contents
Show more Show less
Book a demo
Learn how our consent management solution can improve privacy and user experience for your users.
Get your free data privacy audit now!

Google again delayed its plan to phase out third-party cookies in Chrome, pushing the expected start from the end of 2024 to early 2025. This decision, influenced by continuous monitoring and feedback from regulatory bodies like the UK’s Competition and Markets Authority (CMA), grants businesses more time to adapt to a future where user privacy is a pivotal aspect of online interactions.

For marketers and businesses, this extended timeline is an opportunity to rethink and refine their digital strategies without panic. Digital advertising is evolving, demanding new strategies and solutions that respect user privacy while maintaining effectiveness.

This guide dives deep into the implications of Google’s phased elimination of third-party cookies, examining what this means for tools like Google Ads and the broader Chrome ecosystem.

We’re diving deep into what Google third-party cookies have meant for digital advertising, Google’s timeline for phasing them out, and what this means for platforms like Google Ads and the Chrome web browser.

We’ll explore fresh alternatives on the horizon to keep your marketing strategies sharp and effective in a cookieless world. Plus, we’ll show you how Usercentrics’ suite of solutions, including Usercentrics CMP, are invaluable for navigating these changes, helping you stay compliant, and maintaining trust with your audience.

Whether you’re seeking to understand the basics or strategizing a revolution of your marketing operations to prepare for the future of digital advertising, this guide offers comprehensive insights and actionable advice.

An introduction to Google third-party cookies

The cookieless future doesn’t mean all cookie use is being phased out. There are multiple types of cookies, which are used for different purposes on different properties to collect different types of data. Third-party cookies have been in use for a long time, but come with a number of drawbacks, of which privacy issues are just one.

What are third-party cookies?

Third-party cookies are placed on a user’s browser by a domain/website different from the one they are currently visiting. This mechanism enables tracking users across multiple websites, collecting data on browsing habits, preferences, and interests.

These tracking cookies provide important data for delivering personalized advertising experiences tailored to the user’s behavior and likes. First-party cookies are created and used by the site you’re visiting, typically to enhance your browsing experience. For example, remembering your login status or what’s in your shopping cart. Google third-party cookies, on the other hand, tend to serve the interests of advertisers and data brokers more than they do those of the user.

First and third-party cookies collect what’s known as first-party and third-party data, respectively. There’s also zero-party data, which is not collected via cookies. This is information that users willingly share with companies, such as survey responses, account settings, or communication preferences. It’s a valuable asset for businesses aiming to understand their customers better, and is the highest quality user data, which doesn’t infringe on their privacy since it’s provided voluntarily.

The role of Google third-party cookies

Google third-party cookies have played a multifaceted role in the digital advertising ecosystem. Here’s a breakdown of their primary functions.

User behavior tracking

Third-party cookies track user activity across different websites, painting a comprehensive picture of an individual’s online preferences, interests, and behaviors over time. This data can enable highly personalized online experiences, but often is collected without consent. Additionally, a large amount of data can become a highly identifiable profile of an individual.

Ad targeting

Armed with data from third-party cookies, advertisers can target ads with precision, often ensuring that users see advertisements closely aligned with their interests. This targeted approach significantly increases the likelihood of engagement, as ads are tailored to match user preferences or reflect past actions, like purchase history.

Analytics

Beyond ad targeting, third-party cookies contribute to analytics by offering insights into market trends and user behaviors across the web. This information is vital for businesses to make informed decisions, helping to optimize websites and user experience, and refine marketing strategies and product development to better meet user needs.

Google third-party cookies deprecation: a cookieless future

In January 2020, Google announced a groundbreaking initiative to phase out third-party cookies in Chrome by 2022. Adjusted to meet evolving privacy demands, the new timeline aims for complete third-party cookie deprecation by the end of 2025. Beginning January 4, 2024, Google initiated this phase-out for 1% of users, with plans to expand this to all Chrome users by the third quarter of the year.

This strategic move towards third-party cookie deprecation marks an influential shift towards a more privacy-focused internet by arguably the most influential platform provider. Notably, Google is not alone in this endeavor. Major browsers like Safari, Firefox, and Brave blocked third-party cookies years ago.

However, Google’s market share is substantially larger than all of those browsers, so the company’s actions affect far more people — nearly 3.5 billion users. Microsoft Edge and Opera are enhancing user privacy through cookie blocking and other features, indicating a broader industry move towards minimizing user data tracking.

Why is Google removing cookies?

Google’s decision to remove third-party cookie function from Chrome is a direct response to increasing ethical and legal concerns surrounding online privacy and data protection. This move marks a significant step towards creating a more privacy-focused internet, addressing the need for greater transparency and user consent in the digital advertising space. The change has been in the works for some time. However, passing and enforcement of laws like the Digital Markets Act (DMA) — which specifically targets Alphabet (Google’s parent company) as one of the designated “gatekeepers” of digital platforms and markets — has likely influenced acceleration of these changes.

What does it mean to remove cookies?

When cookies are allowed to be used, small text files are saved in the browser. User activity “activates” their function of collecting data. Blocking cookies prevents the cookies being set and the collection of user data across different websites without explicit consent.

This effectively disrupts traditional online tracking and advertising practices. First-party cookies that improve site functionality and user experience, such as keeping users logged in or remembering shopping cart items, remain unaffected. However, eliminating Google third-party cookies prevents issues around consent and addresses growing ethical and legal concerns regarding user privacy and data protection.

The use of Google third-party cookies has raised several ethical issues.

Invasive tracking

The volume of personal data collected by third-party cookies, ranging from browsing habits to potentially sensitive personal details, can pose a stark invasion of privacy. Especially since it’s common for huge amounts of third-party data to be aggregated and sold, often without the knowledge of the owners of that data. Such extensive tracking without user knowledge or consent spotlights the need for regulation, enforcement, and more respectful data practices.

Lack of transparency

A notable gap in the digital consent process is the widespread lack of awareness among users and website operators about the extent of data collection. Many people don’t know where, how, how much, and how often their data is collected, or for what purposes. This opacity undermines the principle of informed and voluntary consent, a cornerstone of digital ethics and data privacy.

The covert nature of third-party cookies often bypasses not only the awareness, but also the explicit consent of users, contravening ethical standards for digital engagement and an increasing number of data privacy laws. Achieving genuine GDPR cookie consent, for example, necessitates a clear, prior, and user-friendly approach to data collection notifications.

User profiling

Data derived from third-party cookies can be sold to just about anyone willing to pay for it, and exploited for discriminatory advertising. This can raise profound ethical questions about the nature of digital profiling and its implications for user autonomy and respect. These concerns are compounded by the spread of “automated decision-making” performed with user data, which can include the use of AI tools that can be responsible for actions or decisions about individuals that have significant effects.

The use of Google third-party cookies can also create legal issues, particularly in regions with strict privacy laws, frameworks, or adequacy agreements, like the European Union and California.

General Data Protection Regulation (GDPR)

As the benchmark for data privacy, the GDPR sets rigorous standards for GDPR cookies, data consent, security, and transparency within the EU. It mandates clear GDPR compliance guidelines for businesses, ensuring users have control over their personal data.

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

Mirroring the GDPR’s protective measures, the CCPA and CPRA were the first modern and comprehensive state-level privacy laws passed in the US, and have been influential on privacy legislation in other states. These laws grant California residents extensive rights over their personal data, underscoring the importance of GDPR compliance in US territories.

Digital Markets Act (DMA)

The European Digital Markets Act aims to foster fair and open digital marketplaces, designating six influential big tech companies as “gatekeepers” and applying specific requirements to their operations. There are also specific provisions under the DMA dedicated to safeguarding user privacy and enhancing data protection standards.

EU-U.S. Data Privacy Framework

Replacing the struck-down Privacy Shield, which was aimed at aligning international data transfers with EU data protection standards. The EU-U.S. Data Privacy Framework includes principles and provisions that highlight and provide options for the critical need for robust measures to ensure that international data transfers meet stringent privacy standards.

Reinforcing privacy laws like the GDPR and CCPA/CPRA necessitates a strategic pivot towards GDPR solutions that uphold data privacy without compromising digital marketing efficacy. Companies still need data for marketing operations. Additionally, concerns regarding data protection and cross-border data transfers illuminate the potential risks of unregulated data movement, especially as technologies evolve, emphasizing the importance of adopting GDPR overview strategies that mitigate these risks.

Google’s move to phase out third-party cookies is a proactive response to these ethical and legal concerns in a new era of web privacy. While this transition poses challenges for advertisers and marketers, there are good solutions, and it also opens the door to innovative approaches to online advertising and user tracking that respect user privacy and consent.

Checklist

Ensure your platform delivers data privacy compliance.

  • Enable valid consent collection from site visitors
  • Achieve and maintain compliance with global data privacy regulations
  • Optimize for opt-in rates, remarketing, and re-engagement campaigns
  • Use data for growth while reducing user acquisition costs

What is the Privacy Sandbox?

The Privacy Sandbox represents Google’s ambitious initiative to reinvent the foundation of online privacy and advertising. Launched in August 2019, this set of technologies is designed with dual objectives: enhancing user privacy across the web while also ensuring that digital businesses can continue to thrive. Google envisions a web where personal information remains private unless users consent otherwise, online content and services are freely accessible, and new internet privacy standards are set through industry collaboration.

Core goals of the Privacy Sandbox

Google outlines three primary objectives for the Privacy Sandbox:

  1. Build new technology to safeguard user information, ensuring that personal data remains confidential and secure.
  2. Enable publishers and developers to continue offering online content and services at no cost, supporting the free internet.
  3. Collaborate with the industry to establish new standards for internet privacy, fostering a safer, more respectful online environment.

Utilizing the extended timeline

With the deadline for phasing out third-party cookies now moved to 2025, businesses have additional time to refine their data privacy strategies. This period is crucial for strengthening first-party data capabilities through enhanced CRM integrations, direct user surveys, and optimized customer interactions. These efforts will reduce reliance on third-party data and align with evolving privacy standards.

This extended timeline allows businesses to explore and integrate more deeply with the Privacy Sandbox’s initiatives. Active participation in industry tests and staying updated with developments in Sandbox technologies like the Topics API and FLEDGE is essential. Engaging with these technologies now will equip businesses with a competitive edge, ensuring a smooth transition to a post-cookie era and maintaining the effectiveness of advertising strategies while respecting user privacy.

Focus areas of the Privacy Sandbox

In an effort to achieve its core goals, the Privacy Sandbox concentrates on several critical areas.

Ad delivery without personal data

Delivering innovative methods to display relevant ads without needing to collect personally identifiable information from users. This includes techniques like aggregating data or processing it on-device to prevent any one entity from accessing too much information.

Conversion measurement

Creating tools that enable advertisers to measure the effectiveness of their campaigns without tracking individuals across the web. This ensures businesses can achieve and understand their ROI while respecting user privacy.

Preventing ad fraud

Developing technologies to identify and prevent fraudulent activities in digital advertising, ensuring that the ecosystem remains healthy and trustworthy.

Enhanced privacy protections

Strengthening user defenses against intrusive cross-site tracking, ensuring that users can browse the web without being followed by unwanted trackers.

Data collection transparency

Implementing safeguards against undisclosed data collection practices, promoting transparency and trust in the digital landscape.

Alternatives to third-party cookies

As digital markets prepare for the end of Google third-party cookies, several innovative solutions are emerging to ensure that personalization and measurement in advertising don’t fall by the wayside. These alternatives promise a future where privacy-led marketing enables both regulatory compliance and revenue operations.

Google Privacy Sandbox Solutions

Google’s Privacy Sandbox offers cutting-edge technologies designed to replace third-party cookies with more privacy-conscious mechanisms.

Topics

Topics offer a novel approach to simplifying how user interests are understood and categorized. Topics analyzes the themes of sites user visits, rather than tracking individual actions, enabling advertisers to align their messages with these broader interests. This method significantly diminishes the need for detailed personal data, moving towards a model where privacy and relevance coexist.

Protected Audience

Previously known as FLEDGE, Protected Audience introduces a method for in-browser, targeted advertising that drastically reduces the need for data transfer. It supports remarketing efforts to well-defined user groups based on shared interests, utilizing minimal data while bypassing the invasive tracking that characterized third-party cookies.

Attribution reporting

The attribution reporting tool links advertising interactions to specific actions or conversions, bypassing the need for individual tracking. It offers a privacy-centric way for advertisers to understand the effectiveness of their campaigns.

Other advertising solution alternatives

Beyond the Privacy Sandbox, digital advertisers are exploring additional avenues to maintain effective targeting and analytics while adhering to privacy standards. Though not part of Google’s Privacy Sandbox, these alternatives can play a crucial role in privacy-led advertising strategy.

Contextual advertising

This strategy signifies a return to advertising fundamentals, where the focus is on the environment where ads are displayed, rather than the individual viewing them. By matching ads with relevant site content and keywords, contextual advertising enables ads to meet users’ current interests, providing a seamless and privacy-respecting user experience.

Universal ID

With a focus on consent and transparency, Universal IDs propose a method for user identification that respects privacy preferences. Users can opt into tracking through a simple email verification, providing them control over their data. This system bridges the gap between user privacy and the need for personalized experiences.

Server-side tagging

Server-side tagging shifts data collection from users’ browsers to your servers, streamlining how you gather first-party data while bypassing ad blockers. This method avoids the pitfalls of Google third-party cookies, enhancing user privacy and trust. Data is then selectively and securely shared with third parties, ensuring tighter control and improved data security.

Incorporating server-side tagging, especially for Google Ads server-side tracking, enables precise advertising insights and campaign measurements without compromising user privacy. This approach aligns with modern privacy expectations, offering a strategic advantage in optimizing site performance and user experience.

Read more: How to implement server-side conversion tracking with Google Ads and Usercentrics CMP

Server-side tagging solution

Embrace the future of data privacy with Usercentrics’ Server-side Tagging. This innovative solution enables your business to:

  • Comply with privacy regulations confidently
  • Maintain effective digital marketing strategies
  • Control data collection and distribution securely

The impact on Google Ads

With the deprecation of Google third-party cookies, Google Ads is on the cusp of a major transformation. Historically, Google Ads has heavily relied on third-party cookie data to target specific users with precision. This change necessitates a strategic pivot for advertisers traditionally dependent on this detailed targeting capability.

Adapting strategies

Advertisers will need to adjust their approaches as Google Ads evolves to function without third-party data. This shift heralds a greater reliance on first-party data collected directly from advertisers’ websites and customer interactions. Additionally, Google’s Privacy Sandbox initiatives, like Topics and contextual advertising, are set to become more prominent, offering new ways to reach audiences based on general interests rather than individual tracking.

As digital advertising transitions away from third-party cookies, adopting Google’s Consent Mode becomes increasingly important. This tool enables advertisers to meet Google’s requirements, securing continued access to the company’s platforms and services. User consent information is obtained using a consent management platform, then with Consent Mode it’s signaled to Google services, which adjust their Google tag activity based on those user consent preferences. This helps to meet consent requirements and demonstrate respect for user privacy by tailoring data collection and processing activities.

Implementing Consent Mode helps businesses to continue gathering crucial analytics and conversion data effectively. This proactive adaptation is key to maintaining legally compliant and efficient marketing operations in a cookieless environment. Using Consent Mode also demonstrates a commitment to user privacy, building increased trust and transparency with audiences.

The impact of blocking on Google Chrome third-party cookies

Concerns that eliminating Google Chrome third-party cookies could lead to user attrition are largely unfounded, as evidenced by the experiences of Safari and Firefox. These browsers have already implemented third-party cookie blocking without seeing a decline in their user base, and Chrome’s user base is far larger. The trend towards a cookieless internet is industry-wide, leaving no major browser behind in this privacy-forward shift.

It’s crucial to recognize that the end of Google Chrome third-party cookies signifies a transformation in how data is collected and used behind the scenes, rather than a change that users will directly notice in their browsing experience. This evolution represents a significant pivot in strategy for business owners, marketers, and ad tech professionals. However, for the average user, the shift will likely manifest as an enhancement in privacy without a noticeable impact on the usability or functionality of their preferred web services.

This adjustment in Chrome’s approach to privacy underscores a broader movement towards creating a more secure digital environment, one that respects user preferences. As this transition unfolds, it’s an opportune moment for stakeholders in digital markets to reassess and innovate their data strategies in alignment with these emerging standards.

As the deadline for third-party cookie deprecation approaches, here are steps you can take to be ready:

  • Understand the distinction between third-party and first-party cookies to better grasp the scope of the change.
  • Explore alternatives to third-party cookies, such as those offered by the Privacy Sandbox or other privacy-focused technologies, including server-side tagging solutions like those provided by Usercentrics.
  • Audit your website for third-party cookie usage. Usercentrics CMP and Cookiebot CMP have automated scanning functionality that comprehensive insights into your site’s cookie use.
  • Test your site with Google’s tools designed to simulate a post-third-party cookie environment, enabling you to anticipate and address any issues.
  • Request additional time if needed to adjust your digital strategies effectively.
  • Ensure compliance with privacy regulations by leveraging checklists and guidance from Usercentrics, tailored to different regulatory frameworks.
Google CMP Partner

Google Consent Mode

Leverage Usercentrics with Google Consent Mode and elevate your consent-driven marketing strategies. By integrating a Google-certified CMP with Con sent Mode v2, you can comply with EU consent policies.

  • Collect valid consent from users in the EEA
  • Run data-driven marketing campaigns compliantly
  • Enhance user experience with privacy-focused consent management

How Usercentrics can help

Usercentrics offers a dynamic Consent Management Platform (CMP) that equips businesses to navigate the evolving landscape of digital privacy with confidence. As Google phases out third-party cookies, our web CMP and app CMP emerge as crucial tools for maintaining compliance with stringent privacy regulations like the GDPR, ePrivacy Directive, and DMA. Our platform enables your business to secure valid consent from users and build and maintain trust by demonstrably respecting their privacy preferences.

Usercentrics CMP: Your partner in compliance

  • GDPR compliance: Usercentrics’ CMP streamlines the process of achieving and maintaining GDPR compliance by facilitating valid user notifications and consent collection, management, and documentation across your websites and apps.
  • ePrivacy and DMA adaptation: Stay ahead of gatekeepers’ requirements for businesses with a platform that is designed to adapt to ever-evolving privacy regulations to keep your marketing strategies effective and compliant.
  • Automatic consent documentation: Usercentrics records information about user consent, enabling a robust audit trail.

Through our comprehensive suite of tools and resources, Usercentrics is dedicated to empowering your business to confidently navigate the transition away from third-party cookies, achieve privacy compliance, and bolster trust with customers in this new era of digital privacy.

Subscribe to Usercentrics newsletter

Subscribe now to stay ahead in the dynamic world of data privacy with Usercentrics’ newsletter.

  • Receive the latest updates on data privacy regulations and compliance solutions
  • Gain insights into managing digital privacy challenges
  • Discover actionable strategies for privacy-led marketing

FAQs

Are third-party cookies going away?

Yes, Google Chrome has joined other major browsers in starting to block third-party cookies. This shift aims to enhance user privacy by eliminating trackers that operate across websites without explicit user consent.

When are cookies going away?

The phase out of Google Chrome third-party cookies began in early 2024 and is projected to be completed by the end of the year. This gradual approach gives digital advertisers time to adjust to the new privacy-first landscape.

What is replacing third-party cookies?

In the wake of third-party cookies’ deprecation, several alternatives have been proposed. These include Google’s Privacy Sandbox initiatives like Topics for interest-based advertising, Universal IDs for consent-based tracking, server-side tagging for enhanced data control, and contextual advertising that aligns ads with the content rather than the user’s personal data.

Is Chrome blocking third-party cookies?

Yes, initially Google started blocking third-party cookies for about one percent of Chrome users, and plans to fully block third-party cookies for all users by the end of 2024, marking a significant step towards a more private web browsing experience.

Does my website use third-party cookies?

Many websites do, often for analytics or advertising purposes. Conducting an audit with Usercentrics CMP can help you identify and manage these cookies effectively.

Are third-party cookies legal?

Their legality often hinges on obtaining explicit consent from users, as mandated by privacy laws like the GDPR. Unauthorized use of third-party cookies without user consent can lead to significant legal and financial repercussions.

Are tracking cookies illegal?

Tracking cookies is another name for third-party cookies, and without the proper consent mechanisms in place, their use contravenes privacy regulations. Using a CMP like Usercentrics CMP to manage and signal user consents helps to maintain legal compliance.

Is Google phasing out tracking cookies?

Yes, Google’s initiative to phase out tracking cookies by the end of 2024 reflects a broader industry move towards enhancing online privacy and user control over personal data.

What will replace third-party tracking cookies?

Emerging solutions include Privacy Sandbox’s Topics, UID for user identification with consent, server-side tagging for first-party data collection, and contextual advertising, among others.

Without cookies, do you still need a CMP?

Absolutely. Even with deprecation of third-party cookies, there are still first-party cookies and other tracking technologies in use on websites and other platforms., Managing user consent for first-party data collection and other tracking technologies remains crucial for legal compliance and fostering trust with your audience.

What are the alternatives to third-party cookies?

Alternatives to third-party cookies include Google’s Privacy Sandbox initiatives like Topics and Protected Audience, server-side tagging for controlled data management, Universal ID for consent-based tracking, and contextual advertising that focuses on the relevance of content rather than user behavior. Additionally, first-party cookies can provide a more privacy-compliant way to personalize user experiences directly on the website they are visiting. Preference management is also recommended for companies wanting to obtain zero-party data directly from their customers, which provides the most engaged and high-quality source of user data.

Why is Chrome deprecating third-party cookies?

Chrome’s decision to phase out third-party cookies stems from growing privacy concerns, ethical considerations, and regulatory compliance requirements and enforcement.

Ready to navigate the cookieless future with confidence? Explore Usercentrics CMP Solutions and take the first step towards a privacy-first digital strategy today.

Related Articles

How the EU Data Act affects businesses and consumers

How the EU Data Act affects businesses and consumers

The European Union's Data Act sets new rules to regulate the way data holders and users can manage and...

PIPEDA hero

Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA): An Overview

Canada’s data privacy law has been active since 2020, through big changes in digital markets and business and personal...