The announcement by Google that it will stop using third-party cookies in Chrome by the end of 2023 should come as no surprise – many other browsers have already ditched the notorious technology.

However, don’t make the mistake of thinking that removing third-party cookies means removing all tracking. The need to gain user consent to process their data is more critical than ever – and it will continue to be long after third-party cookies are removed.

What is happening?

Google announced it would phase out third-party cookies in late 2023 in response to new laws and regulations that came into play in June 2021 – such as the Privacy and Electronic Communications Regulations (PECR).

Google’s plan to phase out the use of third-party cookies in Chrome is just one part of their larger strategy covering the creation of a privacy sandbox that will enable them to track users while simultaneously protecting the user’s privacy. However, Google is facing severe challenges against this sandbox in the form of antitrust investigations by the EU Commission and the UK’s Competition and Markets Authority (CMA).

This removal of cookies has implications for anyone who uses Chrome, although it is not just Chrome that has announced this change – other browsers have since followed suit.

What does the removal of cookies mean?

To understand more about what the removal of cookies means, you need to understand the four basic data types:

  • Zero-Party Data – this is data that a user intentionally and proactively shares with a brand, e.g. giving you their date of birth in exchange for an exclusive offer.
  • First-Party Data – data that a brand collects directly from users and which they then own. It can only be gotten from the website the user accessed. Examples of first-party data include purchase history and email engagement.
  • Second-Party Data – data acquired from a trusted partner or behavioural data shared between companies, e.g. customer loyalty data sold by a grocery store to a credit card company.
  • Third-Party Data – data collected by companies that don’t directly relate to the user or identity and behaviour data they have bought, e.g. public demographic data or weather data.

Browsers like Chrome can store up to 8 types of cookies, although the first-party and third-party data cookies are the most common.

Kaspersky defines a cookie as “text files with small pieces of data that are used to identify your computer as you use a computer network.”

Once browsers have removed third-party cookies, you will still be able to reach users and serve them with personalised ads, BUT you won’t be able to do this without each visitor’s consent to your website.

Why is consent so important?

Consent has been and will remain the core element of all of the primary data protection laws around the globe – from the EU’s General Data Protection Legislation (GDPR) to Brazil’s General Data Protection Law (LGPD).

The removal of third-party cookies does not mean the end of consent.

Consent becomes even more critical, as your website will need to ask for and obtain the consent of its users before you can store any data – regardless of what technology is used.

Your website will also need to inform users about whatever technology you use to collect their data. You will be required to document that consent and renew it annually.

Consent is not only vital to data privacy; it is also central to the ad tech industry – and has been since the launch of Google Consent Mode in September 2020. This mode lets websites run all of Google’s services based on the consent of their end-users – balancing tracking and compliance on the grounds of consent.

Google’s introduction of the Consent Mode is a clear signal from them that they want the world of adtech to move in the direction of consent, meaning digital advertising should be balanced with data privacy.

Although third-party cookies in Chrome will disappear in the next few years, consent will move to centre stage.

What does this mean for pharmaceutical marketing?

Third-party cookies have been used extensively in digital marketing, as they are used to track website activity when running a digital advertising campaign to target social media advertising more closely. But as we said above, removing third-party cookies is not the removal of tracking – there are other options.

One option is to move from third-party data to zero- or first-party data – which is ‘customer provided data’ so it is gained from the customer rather than their devices. So instead of running a retargeting programme, we run a lead generation programme – where the user downloads some gated content in exchange for their personal information.

However, if we do move to first-party data, we will still need to review this data every 12 months to ensure it is accurate, consistent and usable.

We all need to start thinking about this now, as the change will be here before we know it, so we must be prepared. If you are unsure what this means, please reach out to us, and we can talk you through what it means.

 

What does Google’s policy to end third-party cookies mean?

  /  

The announcement by Google that it will stop using third-party cookies in Chrome by the end of 2023 should come as no surprise – many other browsers have already ditched the notorious technology.

However, don’t make the mistake of thinking that removing third-party cookies means removing all tracking. The need to gain user consent to process their data is more critical than ever – and it will continue to be long after third-party cookies are removed.

What is happening?

Google announced it would phase out third-party cookies in late 2023 in response to new laws and regulations that came into play in June 2021 – such as the Privacy and Electronic Communications Regulations (PECR).

Google’s plan to phase out the use of third-party cookies in Chrome is just one part of their larger strategy covering the creation of a privacy sandbox that will enable them to track users while simultaneously protecting the user’s privacy. However, Google is facing severe challenges against this sandbox in the form of antitrust investigations by the EU Commission and the UK’s Competition and Markets Authority (CMA).

This removal of cookies has implications for anyone who uses Chrome, although it is not just Chrome that has announced this change – other browsers have since followed suit.

What does the removal of cookies mean?

To understand more about what the removal of cookies means, you need to understand the four basic data types:

  • Zero-Party Data – this is data that a user intentionally and proactively shares with a brand, e.g. giving you their date of birth in exchange for an exclusive offer.
  • First-Party Data – data that a brand collects directly from users and which they then own. It can only be gotten from the website the user accessed. Examples of first-party data include purchase history and email engagement.
  • Second-Party Data – data acquired from a trusted partner or behavioural data shared between companies, e.g. customer loyalty data sold by a grocery store to a credit card company.
  • Third-Party Data – data collected by companies that don’t directly relate to the user or identity and behaviour data they have bought, e.g. public demographic data or weather data.

Browsers like Chrome can store up to 8 types of cookies, although the first-party and third-party data cookies are the most common.

Kaspersky defines a cookie as “text files with small pieces of data that are used to identify your computer as you use a computer network.”

Once browsers have removed third-party cookies, you will still be able to reach users and serve them with personalised ads, BUT you won’t be able to do this without each visitor’s consent to your website.

Why is consent so important?

Consent has been and will remain the core element of all of the primary data protection laws around the globe – from the EU’s General Data Protection Legislation (GDPR) to Brazil’s General Data Protection Law (LGPD).

The removal of third-party cookies does not mean the end of consent.

Consent becomes even more critical, as your website will need to ask for and obtain the consent of its users before you can store any data – regardless of what technology is used.

Your website will also need to inform users about whatever technology you use to collect their data. You will be required to document that consent and renew it annually.

Consent is not only vital to data privacy; it is also central to the ad tech industry – and has been since the launch of Google Consent Mode in September 2020. This mode lets websites run all of Google’s services based on the consent of their end-users – balancing tracking and compliance on the grounds of consent.

Google’s introduction of the Consent Mode is a clear signal from them that they want the world of adtech to move in the direction of consent, meaning digital advertising should be balanced with data privacy.

Although third-party cookies in Chrome will disappear in the next few years, consent will move to centre stage.

What does this mean for pharmaceutical marketing?

Third-party cookies have been used extensively in digital marketing, as they are used to track website activity when running a digital advertising campaign to target social media advertising more closely. But as we said above, removing third-party cookies is not the removal of tracking – there are other options.

One option is to move from third-party data to zero- or first-party data – which is ‘customer provided data’ so it is gained from the customer rather than their devices. So instead of running a retargeting programme, we run a lead generation programme – where the user downloads some gated content in exchange for their personal information.

However, if we do move to first-party data, we will still need to review this data every 12 months to ensure it is accurate, consistent and usable.

We all need to start thinking about this now, as the change will be here before we know it, so we must be prepared. If you are unsure what this means, please reach out to us, and we can talk you through what it means.