7 reasons you can’t rely on third-party cookies

Posted On 22 Oct 2024
By :
Comment: Off

Cookie-reliant measurement is falling short. It’s time to diversify your marketing strategy for more accurate attribution and insights.

All the drama around Chrome and third-party cookies (for now, kind of revived but marching toward zombie-land) is missing one important point: Third-party cookies are not good enough to stand alone as a measurement approach.

They’re still helpful in their current form, but only as part of the picture. This article lays out seven reasons – some new, some longstanding – you need to diversify your approach.

Those include:

  • The impending Chrome opt-out feature.
  • Attribution limitations.
  • Current and future privacy regulation.
  • Non-Chrome browser cookie tracking.
  • Cookie deletion time frames.
  • Vulnerability to browser shifts.
  • More important measurement challenges.

Each of these reasons alone could justify the need to diversify your measurement resources immediately. Together, they should create a clear sense of urgency for anyone relying solely on third-party cookies to build a more robust measurement strategy.

1. The Chrome opt-out feature

This is the most urgent (although least defined) reason to find alternatives to third-party cookies: At some point, Google will give users a front-and-center option to decline cookie tracking.

Here’s what we don’t know: when exactly it’s coming or what the UX will look like.

Here’s what we can reasonably assume: it won’t be brand-new functionality (you can already opt out of Chrome), and it will lead a significant percentage of users to block cookie tracking.

If your company’s measurement depends on in-browser third-party cookie tracking, it’ll have less data to work with. For comparison’s sake, several analyses of user behavior shortly after the iOS 14 update showed that between 80% and 96% of users opted out.

2. Attribution limitations

Third-party cookies are fundamentally limited in accurately attributing conversions across different devices, browsers and domains.

Attribution reliant on third-party cookies is typically oversimplified and leans on models like last-click, which represents an incomplete picture of the marketing journey and opens the door for ad platforms to over-credit themselves.

Dig deeper: Advertisers react to Google keeping cookies on Chrome

3. Current and future privacy regulation

Even if changes spurred by GDPR and CCPA didn’t take a big bite out of your data, they should be considered a warning that similar regulations will be coming for you at some point.

Government regulation doesn’t happen overnight, but user privacy is a hot topic with proponents on both sides of the aisle. Check the FTC’s recently publicized stance on hashing if you need more evidence that user privacy is in the crosshairs.

If you don’t own your data (more on that later), you need to be ready for regulations – whether state, federal, international or a mix of all three – that could severely limit your access to it.

Yes, Chrome dominates the browser landscape. Over the last year, it accounted for just over 50% of the U.S. browser market.

But if you look at its competitors, you’ll see that Safari and Firefox account for over a third of the same market. Both of those (and other browsers, including Brave) have already removed cookie tracking.

In short, cookie-reliant measurement strategies are missing a third of the picture even if everything else is working perfectly (which it’s not).

Each browser has different protocols for tracking protection mechanisms and how long cookies in first- and third-party contexts can store user data (cookiestatus.com is a reference I recommend). By and large, third-party cookies expire before first-party cookies.

Apple’s Intelligent Tracking Prevention (ITP) limits first-party cookies to a seven-day expiration in Safari browsers. If a user returns to the site within seven days, the cookie’s expiration date is extended by another seven days.

However, if Apple determines that a click-through is from a tracker, the cookie expires after 24 hours. Third-party cookies set on tracker origins without first-party interaction expire in one hour.

Chrome limits third-party and first-party cookies to a maximum of 400 days if a user doesn’t return to the site.

Other browsers typically cap first-party cookies at a seven-day expiration unless the user interacts with the site with more severe restrictions on third-party cookies.

6. Vulnerability to browser shifts

As of this writing, you can still access third-party cookie data from Chrome. But can you say for certain that Google and the IAB won’t get on the same page faster than expected about a viable Sandbox cookie alternative? I can’t.

While it’s unlikely to happen in 2024, the key point is that we have no control over the situation. If you don’t own your data, you remain vulnerable to the actions of those who do.

As for owning your data, I highly recommend researching your options for moving to server-side tracking.

Essentially, you’d move from this mode of data collection (third-party cookies):

Third-party data collection

To this:

Server-side tracking

To do this, you’d need a tagging proxy and some martech resources like Stape.

Dig deeper: Thanks, Google – but we’re keeping these 5 post-cookie initiatives

7. It keeps the attribution focus too narrow

In their most intact form, cookies are effective for measuring single-channel activity. This means you’re asking how much credit a particular channel should get. But that’s not the best question to ask.

A better approach is to focus on the user, not the channel. Which engagements (whether on SEO, LinkedIn, TikTok, YouTube, etc.) actually influenced the purchase decision? That answer depends on much more than cookie tracking.

Cookies give you just enough data to avoid tackling that bigger picture, but a cookie-reliant strategy leaves you open to things like inflated platform attribution.

It also does nothing to answer the question of incrementality – in other words, whether that conversion would have happened without the engagement the cookie recorded.

If you are considering a user-centric measurement approach, the Attribution App is a tool that uses server-side data models to provide a more comprehensive view of user activity and its impact on business outcomes.

Shifting to a user-focused measurement approach

One reason people have clung so tightly to cookies for so long is that they’re familiar, easier to set up than ever and don’t require transformative shifts in your martech stack or team reporting structures.

Keeping things status quo also means you’re not accidentally sparking new internal politics or a budget tug-of-war. But none of that means sticking to cookies is a safe move.

There is no perfect, one-size-fits-all measurement solution (we’d all be using it if there was).  Supplementing cookies is a complicated initiative with some messiness involved. And it’s high time for marketers to get their heads out of the sand and start getting their hands dirty.

About the Author