The web is constantly evolving, but these changes are happening more rapidly than ever before—especially when it comes to consumer privacy and data.  At Tinuiti, we help marketers understand everything from the building blocks of web browsing to the upcoming regulations and guidelines that will forever alter the digital advertising landscape.

In the following blog article, we take a deep dive into how cookies work, why they are important, and how advertisers should prepare for a future without (or with severe limitations on) cookie tracking.

What is a cookie?

A cookie is a small text file in the browser that websites can write to, specific to a device (sometimes referenced as the user). Cookies have been around since 1994 with the initial goal of improving the e-commerce experience.

What are the types of cookies?


First Party Cookies

First-party cookies are created, published, and controlled by the website you visit and help with things like remembering your shopping cart, items you viewed, and preferences to improve the user web experience. First-party cookies collect behavioral data to help the website owner improve their services. This type of data collection only relays data back to the owner of the web domain.

Third-Party Cookies

Third-party cookies are set by a third-party server (ad-tech) via a code placed on the web domain by the owner of that domain. The data collected on third-party cookies are accessible on any website that loads the third-party server’s code. Third-party cookies allow advertisers to track users across the internet (cross-site) and target advertising wherever that user goes.

Pro-tip: Cookies sometimes get mixed up with other nomenclatures such as pixels, tags, and scripts, but it’s important to understand that they are not the same thing. 

How do cookies in ecommerce work?

Cookies have evolved in a third-party context; many companies use cookies from websites to track user activity for advertisers to use targeted ads. 

Today, many digital marketing capabilities are powered by cookies. We use them to track website visitors, improve the user experience, create personalized onsite experiences, and collect data to help target ads to the right audiences. We also use cookies placed by advertisers to better understand users when they are not on our website; this is the part that’s going away.

Advertisers use third-party cookie data to learn about a visitor’s overall online behavior. Without third-party cookies we lose the ability to understand what websites a user frequently visits, what purchases they make or interests they have shown on other websites.

Marketers should be prepared that attribution, measurement, frequency capping and suppression, insights, segmentation, activation and retargeting are in for a shake-up in 2021.

Privacy-first web browsers such as Firefox, Safari & Brave already block third-party cookies and Chrome has announced that they are deprecating third-party cookies this year. This change will be the final shoe to drop that will kill the cookie as we know it.  You can learn more about it in our recent blog post, “Google Phasing Out Third-Party Cookies: What You Should Know“.

In a blog titled “Building a more private web,” Google announced that its Privacy Sandbox and other privacy initiatives will gradually make third-party cookies “obsolete.”

“After initial dialogue with the web community, we are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete,” writes Justin Schuh, Director of Chrome Engineering.

Why are cookies going away?

Cookies power all the ways we track, target, and measure performance in digital advertising. Cookies track users silently. As an industry, we didn’t do a great job of educating users how and why we use cookies. And we didn’t give people a way to opt-out.

As a consumer, you have little control over who is collecting this information or where it is going—you are able to clear cookies from your own browser, but you’ll never be able to manage or delete servers holding third-party data that has already been gathered.

In response to the perceived lack of transparency and control for individuals, data breaches, and “creepiness” in advertising, privacy legislation from the EU and California now give users control over their data. Effectively, these policies give users the ability to block various tracking technologies or request the deletion of their data. Tech companies have also responded by giving users control of how their data is used both within browsers and devices. 

Third-Party Data vs. Third Party Cookies

Something important to note is that although third-party cookies might be going away, third-party data is not. Businesses will have to find other ways to access this information through membership cards, loyalty programs, email subscribers, social media insights, and more.  

Next Steps for Marketers in a Cookie-less World

Make no mistake: cookies are an important tool for advertisers to track and gather data that is critical to informing user behavior and targeting across the web.

Reducing advertisers’ ability to track and understand user behavior will no doubt affect the efficacy of cookie-based targeting practices.

From the fallout of the Cambridge Analytica data controversy to Apple’s iOS 14 update to the wide-reaching data consent and controls of GDPR in Europe and CCPA in California; we’re in the midst of an industry-wide crackdown on third-party data practices that were once taken for granted by advertisers.

“This is good for consumers and companies who recognize the need for privacy and trust.  For companies to really explain what’s happening on their sites,” Jodi Daniels, Founder and CEO at Red Clover Advisors said in a recent interview with Tinuiti.

“It will impact advertising, however. Middle ad tech players may have smaller pools of data. CPMs for quality data will likely rise. Many advertisers will need a more sophisticated approach to make ads more relevant instead of just chasing down what they think is the right target.”

It’s one of the many reasons advertisers need to place more emphasis on creative performance to create relevant and high-quality experiences tailored to the user.

“We should see this as an opportunity to engage with those customers in an improved way. Create compelling content and engaging videos across digital platforms to create a solid, trust-based relationship,” explains Daniels.

“It will impact Google Analytics and it will increase our reliance on first rather than third-party data and our direct relationships with consumers.”

Experts Chime in: Workarounds Are Less Sustainable As Restrictions Mount


“The Safari and Firefox updates have led ad tech to develop workaround solutions. The more ‘obstacles’ that are put in place, the less sustainable the existing workarounds become. The previous updates have hampered third-party data platforms such as Criteo.”

– Jesse Math, VP of Planning & Platforms and OTT Lead at Tinuiti



“While there are already cookie-less tracking solutions in place for some platforms (and some that rely on multiple methodologies), they are generally all server-side. Additionally, some platforms specialize in event-based tracking, often coupled with CDP products (Tealium, Segment, Amplitude are all competitive in the space). The landscape is going to change before they actually make the switch. Developing and implementing some of these solutions are not trivial – server-side and cookie-less tracking can require significant development in many cases, which Tinuiti can strategically advise. They will also vary pretty widely based on the platform.”

– Tom Clinton, Manager of Analytics Engineering at Tinuiti


tom clinton


 “Marketing companies that rely on third-party pixels nowadays are going to need to spark up conversations with the partners they work with (think Facebook, Criteo, Snapchat, etc.) about how those marketing publishers plan on or suggest to attack this. Brands without tagging and dev resources will be in bad shape if they don’t plan server-side tracking accordingly.”

 – Andrew Richardson, Vice President of Analytics and Marketing Science at Tinuiti


andrew richardson vp of analytics at tinuiti


“Most platforms (Facebook, Google, Snapchat, TikTok, DSPs, MMPs, etc.) are still working through how to adapt to the major changes with iOS users on web & apps. Initial conversations indicate that most players are leaning towards updating their SDK to support the SKAdNetwork option. Apple’s SKAdNetwork enables privacy-safety to install attribution and measurement. This framework appends attribution parameters upon the ad click, so when the app is installed and opened for the first time it will send an install postback to the ad network including information such as campaign ID.”

– Liz Emery, Senior Director of Mobile App Strategy at Tinuiti



Above all advertisers should remember: First-party data is king

“Our advice to all advertisers is to start the process of creating a usable identity graph of customers and prospects with an email address and/or phone numbers as your primary key to ensure your organization can continue to market on a 1 to 1 level across ad products”

Nii Ahene, Chief Strategy Officer at Tinuiti

nii ahene

For more information on how to navigate the changes with third-party cookies and tracking, contact us

Get the latest digital marketing insights and trends delivered straight to your inbox.

*By submitting your Email Address, you are agreeing to all conditions of our Privacy Policy.

Share This