"Data-Driven Thinking" is written by members of the media community and contains fresh ideas on the digital revolution in media.
Today’s column is written by Daniel Jaye, CEO and co-founder at Aqfer.
As the world grapples with the impact of the coronavirus, businesses are struggling to figure out what life will look like once the pandemic is over. With COVID-19 creating delays and postponements, advertisers have learned that Google has no plans to postpone killing third-party cookies in Chrome. Third-party cookies are on the way out, but there’s confusion as to what extent first-party cookies can be used in this new era.
Browser-enforced privacy rules are bringing nuance to the previously held understanding of cookies and what was classified as “first party.” An inability to grasp these subtle differences could leave brands unjustly beholden to tech behemoths or severely injure access to their own first-party data, just as first-party data begins to accrue more value.
Since these cookies have widely been considered first party up until now, this change has sown confusion across the ecosystem. Even sophisticated publishers and brand marketers are falsely under the impression that all first-party cookies now have a 24-hour shelf life.
Why are these cookies allowed, but other “first-party” cookies are not? Think of it this way: If you received an incoming call from Bank of America, the standard safety practice is to not give out any sensitive information or account numbers. That is only to be done via an outbound call directly to your bank or credit provider. That’s basic safety against phishing.
The HTTP approach allows brands to recognize users outside of their site if they can read the first-party cookie in a third-party context. For example, if you have a server-side first-party cookie, you can determine if a consumer visits your site and then sees your ads later on.
Browser changes impact the ecosystem; techniques such as server-side first-party cookies are sustainable, and they build on the solid policy foundation that the brand has a legitimate interest in data about its own interactions with consumers.