Your Guide to Quitting Third-Party Cookies

How to Improve Your CX, Sales and Digital Marketing Using Zero- and First-Party Data

Add bookmark

a chocolate chip cookie with a bite taken out of it and crumbs all around it, on a white background, symbolizing the unhealthy customer relationships created by using third-party cookies

I hate to break it to you, but it’s time to quit. This isn’t just a privacy issue, and it’s bigger than the GDPR. Third-party cookies are unhealthy for your customer relationships, and soon they’ll be discontinued altogether. This isn’t breaking news, nor is it happening tomorrow, but it’s something many marketers and customer success professionals still don’t fully understand. And your full understanding could be the difference between surging business success and falling flat in front of your audience. For years now the vast majority of tracking cookies have been rejected by browsers, and every day more and more consumers are blocking them on their own. In fact, nine in 10 consumers are “concerned” or “very concerned” about the privacy of their data online, and just as many said they’ll disengage with a company that breaks their trust. With 83% of brands still (ignoring their customers wishes and) relying on third-party cookies, this means you have a lucrative opportunity to distinguish yourself simply by listening — and embracing the alternatives: first-party data; and zero-party data. If you do, and do so now, you might not only survive ‘the end of digital advertising as we know it,’ you might revolutionize your customer experience. And brands that provide superior customer experience produce 570% more revenue than their competitors.

How, you ask? Well, first we must dissect the why. So, before we tell you how to leverage zero- and first-party data to strengthen your customer relationships and improve the effectiveness of your marketing and sales efforts, here’s a breakdown of online tracking cookies and the history of data protection efforts.

a large crowd partying at a concert, symbolizing customer first-party data and zero-party data

Cookies 101 (FAQs)

What is a tracking cookie?

A tracking cookie is a small piece of code stored in your browser that collects data based on your activity on a website, browsing history, geographic location, online purchases and more. Cookies track your preferences, where you go, and what you look at. The data is used by companies to inform audience profiling, targeting and personalization.

What are third-party cookies and why are they bad?

Third-party cookies are tracking codes placed on a user’s browser after being generated by another website other than their own. When someone visits a website, third-party cookies track the user and deliver the data to the third party that created the cookie (often, a digital advertiser). If you’re an online advertiser or marketer, third-party cookie data has historically allowed you to learn about your website visitors’ overall online behaviors — on and off your website — and build robust customer and prospect profiles. For consumers, third-party cookies can be “bad” because they collect personal information that can be used unethically by businesses or, worse, hackers.

What’s the difference between third-party cookies and first-party cookies?

First-party cookies are codes generated and stored on your website visitors’ computers, by default when they visit your site. As a result, first-party cookies can provide detailed information on your users’ behaviors while on your owned properties — and with Google Analytics and most CMS dashboards, you can view and analyze session duration, pages per session, bounce rate, conversions and conversion rate, geographical demographics and even referring sources (such as other websites, or social media platforms). You cannot, however, obtain any insights on your users’ activities elsewhere.

What is zero-party data?

Unlike first-party data, which consumers provide without directly interacting with a brand on its website, zero-party data is intentionally and proactively provided by the user. Also known as explicit data, zero-party data is considered the most trustworthy as it contains key information on the individual and how they want to be recognized by the brand. Whereas third-party cookies only benefit the advertiser/marketer, zero-party data benefits the consumer by empowering brands to provide truly consistent, transparent, empathic and personalized communications and experiences.

a gold lock on an old, chipped, blue metal receptacle, symbolizing data protection

Data Protection: A Brief History

One recent study, conducted a month after the 2018 GDPR legislation took effect, found that only 11% of website visitors accept cookies — and 76% ignore the cookies pop-up banner completely, even despite its adverse effects on user experience. But the data safety conversation began long before the late 2010s. 

June 2017: Apple Intelligent Tracking Protection (ITP) 1.0

A feature of WebKit, the open-source browser engine that powers Apple’s Safari browser, Intelligent Tracking Prevention is released with Safari 12 and iOS 11, designed to better protect users’ online privacy by changing the way Safari handles first-party cookies.

May 2018: General Data Protection Regulation (GDPR)

Europe’s latest data privacy and security law, the General Data Protection Regulation is the most strict privacy and security law in the world. Drafted and passed by the European Union and containing hundreds of pages of requirements, the GDPR “imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU.”

October 2018: Firefox Enhanced Tracking Protection (ETP)

Firefox launches Enhanced Tracking Protection to protect user privacy and the integrity of their computing systems by automatically blocking trackers and scripts, including social media trackers, tracking cookies, fingerprinters, cryptominers, and trackers hidden in ads, videos and other on-page content. 

February 2019: Apple ITP 2.1 blocks third-party cookies by default

Released with Safari 12.1 and iOS 12.2 in response to organizations “using redirects to masquerade as first-party cookies,” Apple’s second release of ITP introduces a new set of measures. Most significantly, ITP 2.1 purges most first-party cookies after only seven days and blocks all third-party cookies by default, “rendering device fingerprinting and long-tail measurement nearly impossible.”

May 2019: Google Chrome announces new cookie controls

As Google writes in its May 2019 announcement

Unfortunately, to browsers, all of these different types of cookies look the same, which makes it difficult to tell how each cookie is being used — limiting the usefulness of cookie controls. For instance, when you clear all of your cookies, you’re logged out of all sites and your online preferences are reset. Because of this, blunt solutions that block all cookies can significantly degrade the simple web experience that you know today, while heuristic-based approaches—where the browser guesses at a cookie's purpose—make the web unpredictable for developers.

As a result, Google explains, it’s updating Chrome to:

  • Provide users with more transparency about how sites are using cookies
  • Include simpler controls for cross-site cookies
  • Eventually limit cross-site cookies to https connections

September 2019: Firefox ETP blocks third-party cookies by default

Firefox expands the breadth and depth of its Enhanced Tracking Protection by making ETP the standard default setting for all users worldwide and blocking all third-party cookies identified by Disconnect.

A red fox, with the forest in the background

January 2020: California Privacy Rights Act (CPRA)

Expanding on the California Consumer Privacy Act of 2018 (CCPA), the CPRA creates new and extended rights for California residents, new compliance obligations for businesses, and a new agency, the California Privacy Protection Agency, tasked with implementing regulations and conducting investigations and enforcement actions.

January 2020: Google announces plan to eliminate cookies by 2022

Google says it’s “confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete,” and announces its plan to “phase out support for third-party cookies in Chrome… within two years.”

July 2020: The Court of Justice of the European Union issues verdict on Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (“Schrems II”)

The Court of Justice of the European Union issues a long-awaited verdict on the case colloquially known as Schrems II, ruling that the EU-US Data Protection Shield, on which many companies rely to transfer data between the US and EU in compliance with GDPR, is invalid due to concerns about surveillance by US state and law enforcement agencies. The decision “reinforces the importance of data protection to global commerce,” while creating hurdles for European businesses now required to conduct individual assessments of each data transfer to a non-EU nation.

March 2021: Virginia Consumer Data Protection Act (CDPA)

Virginia Governor Ralph Northam signs into law the Virginia Consumer Data Protection Act (CDPA), the second most comprehensive consumer privacy act enacted in the United States (behind the CCPA/CPRA). Like the law established earlier in California, the CDPA gives Virginians the right to: 

  • Determine whether their data is collected
  • Request a copy of their data
  • Correct inaccuracies in their data
  • Request the deletion of personal data
  • Opt out of the processing of personal data that may be used for consumer profiling or targeted advertising

March 2021: Google announces plan to cease support of individual-based tracking and targeting

Google ‘makes explicit’ that once third-party cookies are phased out the company will not build alternate identifiers to track web users. Instead, Google will use a technology derived from Google’s Privacy Sandbox: Federated Learning of Cohorts, or FLoCs, which target individuals based on larger groups of people with similar interests and behaviors. 

April 2021: Apple App Tracking Transparency

Released with iOS 14.5, App Tracking Transparency allows users, for the first time, to opt out of being tracked by third-party apps. 

June 2021: Google delays blocking third-party cookies until 2023

With domination comes responsibility, Google finds, announcing that the company needs to work more closely with regulators before cutting off third-party cookies on Chrome for good. According to the press release, Google will deploy the key technologies to the developer community by late 2022 and then — “subject to our engagement with the United Kingdom’s Competition and Markets Authority and in line with the commitments we have offered” — phase out third-party cookies during a three-month period beginning mid-2023.

The Google Privacy Sandbox logo
The Google Privacy Sandbox logo

Making Zero-Party Data and First-Party Data Work for You

According to Google, 90% of all consumers today expect consistency in their interactions, no matter where they are. Of course, the only way to know who to target, and when, where and how to target them, is data — but not data they don’t want you to have, and not data that regulations prevent you from having. So what does this mean? 

It means you need to demonstrate customer centricity through the entire customer lifecycle, only using data collected directly from your customers and prospects (and not through third parties). In other words, with increasing customer sophistication, massive corporate and government data breaches and increasingly stringent global regulations, the ‘cookiepocalypse’ is upon us, whether we like it or not. 

Practicing good data etiquette entails sourcing and utilizing your data respectfully, ethically and lawfully; distinguishing between your data wants and needs; and using only the necessary data in the most responsible manner to demonstrate accountability and transparency and deliver poignant, personalized experiences to your customers.

As CDP provider Segment explains, “If a company uses these values as its north star, they can effectively navigate the shifting privacy landscape, including compliance with global, national, and state regulations and laws, and ultimately build more trusted relationships with customers.”

How to Maintain Compliance with Privacy Regulations and Requirements

To meet privacy regulations and prepare for future requirements from Google, Apple and other browser, platform and app providers, all you have to do is think like a consumer. Ask yourself: How would I want my data treated? And then:

Man from behind typing on Macbook, using Google Analytics, with his iPhone and glasses on the table to the side of the laptop, symbolizing the types of zero-party data and first-party data that can replace third-party cookies

How to Enhance Your Digital Marketing, Sales and CX with Zero- and First-Party Data

Instead of resisting changing regulations and industry standards, the successful company of the future will embrace them by future proofing — not only cleaning up historical data obtained through third parties but shifting ongoing digital marketing and CX strategy to focus exclusively on using customer data derived from direct interactions between company and user. 

Fortunately, first- and zero-party data is the data your customers want you to have, as well as the data that can best inform the messages, moments, products and services you provide. 

Just ask Adobe: “Understanding the benefits of first-party data versus third-party cookies is critical for organizations to provide superior customer experiences, [particularly] as support for third-party cookies in browsers declines.”

Here’s how it works:

Example: Using Third-Party Cookies vs. Zero- and First-Party Data

You post on TikTok an engaging new video from one of your influencers about your latest product. A TikTok user searching that influencer on the social media platform finds your post, follows your account, and clicks the link to visit your website. 

  • With third-party cookies, you can gain information about this user based on their online history, but you can’t be certain if this information is accurate, valuable or anything the user wanted you to know 
  • When you implement mechanisms on your website to obtain zero- and first-party data you can be sure it’s information you can use — because you dictated the data sourcing yourself

Fortunately, in this example, you’ve prepared for the end of third-party cookies:

  • On your homepage is an interactive questionnaire experience designed to gather user data and direct the user down the right path for an optimal user experience based on their pain points, needs and goals
  • For the user who has completed the questionnaire and proceeded to an area of your website that would best serve them, you have a library of value-add content that they can download by completing a form, providing you with additional data
  • For the user who downloaded your content, you’ve developed an email drip campaign to nurture the lead into a paying customer
  • In your email drip campaign and on your website, you offer a free demo of your product(s) or service(s), and collect additional, more specific information
  • With all of this first-party data provided by the user, as well as any zero-party data you may have been able to gather, your sales team is equipped to not only pitch the right offerings but use the right messaging
  • Once a purchase has been made, you’re able to obtain additional data on user preferences and behaviors
  • With all of this first- and zero-party data gathered through marketing and sales, the customer success and technical support teams are equipped to provide the best customer experience
  • Any conversations between the user and support teams are also documented and incorporated into your data warehousing, enabling marketing to continue to develop the customer relationship and potentially create a brand evangelist, who will then promote on your behalf, bringing new users to your website (and social media accounts)

Woman social media influencer with long, curly brown hair, sitting sideways on a burnt yellow chair, wearing tight light blue jeans and a white, off-shoulder crop top, holding her iPhone up to cover her face and take a photo

Okay, Now What?

To succeed in 2023 and beyond, you must become proficient at precision marketing, acquiring, retaining and developing long-lasting relationships with customers without third-party cookies. To get started:

  • Collect zero- and first-party data on your existing web properties now, using giveaways like ebooks and discounts for lead generation, as well as surveys and interactive experiences to expand and enhance customer data for better personalization
  • Obtain authentication as soon as possible, across sources
  • Redesign your website to focus on user experience and collecting zero- and first-party data
  • Leverage existing and new, authenticated zero- and first-party data to build audience lists for direct communications as well as retargeting across ad platforms
  • Reduce and then eliminate the use of all cross-app site tracking
  • Acquire new customers through lookalike audiences
  • Develop stronger relationships with high-value customers by using zero- and first-party data to deliver more targeted, individualized experiences
  • Measure performance via server-side conversion tracking
  • Actively work toward better data sharing and collaboration among your marketing, sales and CX departments

So, what’s the best way to collect, store and leverage zero- and first-party data? The CDP, or customer data platform.

The CDP: The Best Way to Manage and Use Customer Data

A CDP is a marketing and CX technology designed to unify your data across online and offline sources; it allows marketers, salespeople and CX professionals to use data for modeling, segmentation, targeting, testing and more, improving the performance and efficiency of your lead generation, nurturing and conversion efforts. 

CDPs have four core functions:

  1. Data collection and unification: gathering, standardizing, validating, deduplicating and consolidating data from all sources
  2. Profiling: producing and updating a single profile for each and every customer and prospect
  3. Segmentation: creating custom groupings of customers/prospects to enable smarter targeting and personalization
  4. Implementation and optimization: integrating CDP data with end channels, like email marketing or digital advertising platforms, and developing and deploying the best experiences online and off

The best customer data platforms allow you to combine these capabilities within a single, easily accessible digital hub, expediting progress from idea to execution, from execution to measurement, from measurement to iteration and optimization, and from one successful campaign to even more successful future campaigns. 

The best part: CDPs make it easy to build privacy into your operations by incorporating a variety of data automation tools.

To learn more about CDPs, read our guide.

 


Image Credits (in order of appearance)

  1. Photo by Vyshnavi Bisani on Unsplash: https://unsplash.com/photos/z8kriatLFdA
  2. Photo by Danny Howe on Unsplash: https://unsplash.com/photos/bn-D2bCvpik
  3. Photo by Markus Winkler on Unsplash: https://unsplash.com/photos/3LVhSjCXRKc
  4. Photo by Qijin Xu on Unsplash: https://unsplash.com/photos/fJyO0eo6_aI
  5. Photo by Campaign Creators on Unsplash: https://unsplash.com/photos/pypeCEaJeZY
  6. Photo by Laura Chouette on Unsplash: https://unsplash.com/photos/IivFrTVUpEw

RECOMMENDED