When the European Union introduced GDPR (General Data Protection Regulation) in 2016, the digital world had to completely rethink its strategies and rush to put processes in place to adhere to the new regulations. For many, it was a race to beat the clock.

This type of seismic shift is set to happen again in 2024 when Google completes its long-awaited deprecation of third-party cookie use on Chrome browsers. The final and biggest of the browser giants to make the switch, chrome holds a 65% share of global web traffic.

The majority of marketers rely on third-party cookies to understand customer behavior, build audience segments, target ads, and measure campaign effectiveness. What happens when user tracking goes dark?

First-party data can pave the way forward for brands to build their marketing strategies on a sustainable basis that’s close to the customer — if they have the right tools to use that data beyond their four walls. Read on to find out what’s changing and whether your organization is ready.

The demise of third-party cookies: a timeline

While the phase-out of third-party cookies isn’t news, we’re at the end of the road. When Chrome joins Safari, Firefox, and Edge as the biggest and last of the four major browser providers to move away from this style of tracking, over 90% of web and mobile traffic is affected. Brands will lose the connection they relied on to link their customers to ad platforms in order to plan, deliver and measure campaigns.

  • Sept 2017  
    Safari introduces the first tracking protections for users with ITP 1.0
  • Jun 2018    
    Apple eliminates 3rd-party cookie tracking from Safari browsers with ITP 2.0
  • Aug 2018    
    Firefox introduces Enhanced Tracking Protection
  • Sept 2019    
    Apple releases ITP 2.3 preventing tracking via link data
  • Sept 2019    
    Firefox makes Enhanced Tracking Protection default for all users
  • Jan 2020    
    Google announces plans to phase out 3rd-party cookies in 2 years
  • Jan 2020    
    Microsoft releases New Edge browser with stricter tracking protections
  • Jun 2021    
    Google delays 3rd-party cookie phase-out in Chrome to 2023
  • Jun 2022    
    Mozilla makes “Total Cookie Protection” default for all Firefox users
  • Feb 2023    
    Google schedules final phase-out of 3rd party cookies for the end of 2024
  • Now               
    Marketers transition to first-party data as a basis for advertising and insights

What’s set to change for marketers in the cookieless future

The phase-out is a big deal for brands because adtech stacks are built around the use of third-party cookies. In the past, brands could simply place a snippet of code on their site from each of their adtech providers, whether Google itself, a DSP, or any number of other tools. This code, or cookie, would not only track what a customer did on that brand’s site — it would also freely share that information with integrated adtech providers and often across the wider web.

For marketers, these third-party cookies made it easy to run ad campaigns without worrying about the details of data sharing. A programmatic platform, for example, could simply pull your customer data, find that customer on another site, and serve them a retargeting ad. Or, they could pull web behavior data from other users and compare it to your customers to create lookalike targeting models for ads. It was the unifying thread that made online advertising seamless.

Concretely, what will change for those trying to run advertising in a (3rd-party) cookieless world? Here are the 3 core tasks that are set to change most.

1. Media planning

In the past, ad platforms combined information collected through freely-shared third party-cookies to build rich audience segments. They made it easy to find your target group across media, compare them, and plan where to book the most promising inventory with the highest potential ROI.

Now, the quality of those segments is eroding with the lack of third-party data. They’ll also lose the direct connection between users across the open web and a brand’s own customers — the key piece they need to make automated recommendations for media booking.

“Walled garden” providers like Google and Meta will continue to support media planning as usual on the basis of their own rich datasets, but this is limited to their own properties and will not address cross-channel planning challenges.

2. Audience activation

Activation on ad platforms will also be less effective than before. Retargeting and exclusion campaigns will no longer be an automatic job. With the 3rd-party data link missing, brands will need to find new methods to match their customers with a publisher’s audience. Cross-channel activation becomes even tougher: third-party cookies allowed ad platforms to freely track users across the web, identify if a customer responds to a certain ad, and set frequency caps.

Other common targeting models like lookalikes will also suffer from the gap in connection: How will ad platforms find users that look like a brand’s most valuable customers if they can’t connect brand data to audience data?

3. Campaign measurement

Finally, measuring the effectiveness of ad campaigns — especially cross-channel — will be a struggle. Third-party cookies were also the main method for tracking whether a user who clicked on an ad proceeded to make a purchase — the basis for calculating the ROI of campaigns. Ad platforms and analytics and measurement tools also won’t be able to present the same quality of insights about how ads are performing across channels for the same reason — linking a single customer’s response to ads across inventory will be much more challenging.

The renaissance of first-party data

The adtech industry is undergoing a transformation, building new tools and workflows to solve the cookieless crunch, from a proliferation of new ID solutions to a resurgence of contextual targeting. The IAB Europe created a helpful guide on how to prepare for the third-party cookieless era that compares various identity-matching solutions. But first-party data — the data a company collects about its own customers — provides the most reliable, direct insights into who a customer is and what motivates them.

Brands are often sitting on a wealth of valuable first-party data about their customers, like purchases they made, personal preferences, and even demographic data. Also, the “cookieless future” isn’t totally cookie-free: First-party cookies that track user behavior on a brand’s own properties are still alive and well.

Many publishers also have first-party data about their audience’s preferences and demographic and how they interact with ad inventory. Combining first-party data across publishers and brands could form a new basis for seamless advertising — so long as the methods respect user privacy and are compliant with regulations.

While first-party data is valuable, it’s also incredibly sensitive — it connects behaviors and preferences to personally identifiable information like names and email addresses, and so it falls under numerous data protection regulations including GDPR, CCPA, and more. It can’t be shared like third-party cookies without the appropriate security and compliance controls.

Finding new ways to collect, enrich and use first-party data while respecting customer privacy should be a top priority for brands who want to get ahead on their marketing strategy, and not just run out the clock.

Data clean rooms: making secure first-party collaboration part of the adtech stack

Data clean rooms (DCRs) are a crucial component in this new, first-party-centric adtech stack because they enable brands to combine and match their first-party data with publishers, retailers, or other data partners.

In Confidential Computing-based DCRs like Decentriq, they can do so without sharing the actual data.

In Decentriq data clean rooms:

  • Two or more parties upload encrypted data
  • They agree on what models or analyses are allowed to be run
  • The clean room keeps data protected while it’s being analyzed
  • Agreed-on insights like audience segments are exported

When a brand uses a data clean room, for example, to connect their customer data with a publisher’s audience data, they’re the only party to ever see their own customers’ personal information. But they can use the clean room to analyze the joined data and build insights or even develop models for insights, targeting, and measurement.

Different clean rooms have varying levels of data protection, which can affect requirements on compliance for using sensitive data. Decentriq’s Media Clean Rooms use Confidential Computing, an advanced encryption-in-use technology that also provides hard proof that data remains protected throughout its lifecycle. This unique approach reduces compliance hurdles for brands to use first-party data, unlocking the use of more customer data and making data partnerships for advertising scalable.

You can learn more about our Media Clean Rooms in our white paper.

Checklist for first-party data readiness

Are you ready for the shift to first-party data as a basis for your advertising strategies? Here’s a list of questions you should ask to find out if you have the right elements in place to start using first-party data for media planning, targeting and activation, and attribution.

  • Do you collect first-party data on your customers?
  • If not, do you have a partner (like a retailer) that could provide first-party data on customers of your products?
  • Does your first-party data include personal identifiable information (PII) required to match and collaborate with your ad partner?
  • What use cases do you want to cover with first-party data, e.g. planning, targeting, activation, and measurement?
  • Are you collecting the right data to inform those strategies?
  • Are you collecting the right level of consent for what you want to do with the data?
  • Do you have tools in place to run this collaboration in a compliant and privacy-preserving way?
  • Which adtech platforms do you rely on, and do they have an approach for compliant use of first-party data?
  • If you work with an agency, do they have a way to work with your first-party data without directly accessing it?

If you want to learn more about how data clean rooms can help you solve the challenges of the first-party marketing era, feel free to get in touch with us.

This is an updated and expanded version of an article with the same title previously published on the Decentriq blog.