Tips & Tricks

The end of third-party cookies does not mean the end of tracking

The need for true end-user consent to process personal data will remain long after third party cookies and the technologies replacing them.
Google announced in early 2020 that they will stop the use of third-party cookies in Chrome before 2022, joining a growing list of browsers stopping with the notorious tracking technology.
What are the implications around the end of third-party cookies in Chrome, the misunderstandings, and why consent is the platform for compliant tracking now and in the future.

Google killing third-party cookies in Chrome and what this means for your website.

Let’s make no mistake: 

  1. The end of third-party cookies is not the end of tracking.
  2. Google ending Chrome’s support of third-party cookies is also not the end of tracking in Chrome.

Third-party cookies are not the only technology used for persistent and pervasive tracking of users across the Internet, and it won’t be the last either.

Existing technologies that can track users just like third-party cookies include:

  • Local Storage
  • IndexedDB
  • Web SQL
  • and any other technology that makes it possible to save data on a user’s device from browsers (as cookies do).

Safari and third-party cookies

Other browsers like Safari have been blocking third-party cookies for years, and we’ve seen repeatedly that trackers simply resort to workarounds, other methods and new technologies that make them able to track users just the same.

If you want to learn more about third-party tracking on EU government and health websites, you can refer to this article from Cookiebot from 2019. It revealed that Facebook bypassed third-party cookies by instead using first-party cookies combined with a pixel tracker to ensure continued, unconsented surveillance of EU citizens.

First-party cookies will still function by default in browsers that block third-party cookies (also in Google Chrome), and they will continue to require consent in most cases, unless the purpose of a cookie is ‘strictly necessary’ to the basic operation of a website. Google’s plan to phase out third-party cookies in Chrome is part of a larger strategy of creating a privacy sandbox with open standards for tracking users while protecting their privacy (e.g. through new browser APIs like “trust tokens”).

Tracking technologies are changing, but data protection laws require the same: end-user consent.

Some of these new standards are likely to strengthen tracking, since the new technologies (like trust tokens) will ensure an even greater level of certainty around reidentification of users. It will help to fix issues in tracking precision and ad fraud by bots that remain two major headaches for the adtech industry today.

Determining a user’s identity

There are numerous ways for trackers to determine a user’s identity across sites. Unless Chrome and other browsers not only discontinue support of third party cookies, but also of any other kind of similar tracking techniques, trust tokens will most likely not provide a greater level of privacy protection. It will benefit the AdTech industry.