The Third-Party Cookie Lives to See Another Year
An easily digestible overview of Google's latest shift in the timeline for the phaseout of third-party cookies, plus a pause on FLoC testing.
We’re looking forwards, not backwards, and continuing to test and prepare for the future of first-party, first.
It turns out that third-party cookies are sticking around a little bit longer after all.
This is per Google’s June 24th blog An Updated Timeline for Privacy Sandbox Milestones, where the company dropped a fairly significant change in the originally expected timeline for the death of the cookie – “by 2022” has been replaced with “starting in mid-2023 and ending in late 2023.” Additionally announced is that all FLoC testing, which has thus far been available to a small number of supply-side tech vendors and publishers, will pause on July 13th.
The news has been buzzing around our agency, and the industry trades have had their rightful fun covering the delay. But for those like us who’ve been keeping an eye on some of the skepticism surrounding Google’s proposed Privacy Box solutions, and more recently, on the growing pressure of the UK’s Competition and Markets Authority (CMA) investigations, the news isn’t entirely surprising.
It also doesn’t change the strategy we’re discussing with our clients. We still embrace the privacy-centric direction that Google (and the larger industry) is moving in, and we’re proactively helping clients clean up and strengthen their first-party data infrastructure, while testing, learning and continuing to prepare for the future.
If you’re looking for a take on the “Why”, “What’s Next?” and some key recommendations, we’ve prepared that below:
Why the Change:
Google points to the need for a “responsible pace” when it comes to the phaseout of third-party cookies and the testing and adoption of its Privacy Sandbox solutions like FLoC (Federated Learning of Cohorts). Google also addresses the active discussions being had with the UK’s CMA, who has been investigating those same solutions for potential antitrust violations.
Our SVP of CRM & Martech, Michael McVeigh, added some thought-provoking points on this:
“For a change, the regulatory environment is actually influencing the status quo to stay in place, at least for a little longer. For several years, we’ve had the privacy regulatory environment driving Martech/Adtech change and limiting how we operate. But here, we have the anti-trust regulatory environment stepping in and influencing, as a counterweight, the extension of the current status quo and third-party cookie paradigm.”
We’ve learned that the CMA’s concern revolves around whether the removal of third-party cookies and the launch of FLoCs will effectively wipe out the competition – meaning it could significantly hurt smaller tech companies’ and publishers’ abilities to earn ad dollars, and direct more of those dollars at Google.
What else is going on?
Privacy regulators in Europe have raised questions over whether FLoC is GDPR-compliant. As a reminder, FLoC buckets people into groups (cohorts) based on browsing behaviors, and each cohort is assigned a specific ID that can be targeted. The idea is that targeting a cohort comprising of a group of individuals essentially “hides” the individual person, compared to targeting cookies that are assigned to unique users. But, regulators question whether the act of web browsers bucketing individuals based on their behaviors still qualifies as using personal data for ad targeting without proper user consent, thus potentially violating GDPR.
Additionally, other tech vendors, specifically those who build cross device maps, have begun testing ways to use FLoC IDs to actually improve targeting of individuals, which goes against why they exist in the first place.
Finally, adoption of FLoC has been notably low, with many reputable browsers and publishers (Firefox, all Amazon properties, The Guardian across all global properties) opting out of enabling FLoC.
What’s Happening Next & What We Recommend:
Like we mentioned earlier, agencies and advertisers who were next in line to begin testing FLoC will now have to wait. The new timeline for third-party cookie phaseout suggests a slower and perhaps somewhat more methodical approach, with Stage 1 beginning at the end of 2022 and Stage 2 in mid-2023, concluding towards the end of the year.
Right now, we’re staying as nimble and flexible as ever, and we’re recommending the same to our clients. Digital always requires a significant level of flexibility, and we expect that the changes that were already put in motion will continue to evolve – like Google’s Privacy Sandbox, The Trade Desk’s UID solution, and other new solutions that tech vendors will undoubtedly test and release over this time.
Our Head of Consultancy Europe, Femi Taiwo, added:
“It’s worth examining FLoC as a framework rather than just Google’s product. There’s no reason why publishers and brands can’t begin to build their own privacy-compliant, cohort-based systems for their audiences. If you invested in a Martech team while the pandemic raged, then this is the project they’ve been waiting for. If you didn’t, this is the business case you’ve been waiting for (whether you choose to outsource or not).”
With the additional breathing room, we’re continuing to help clients test different approaches for planning, measurement and optimization. And equally as important, we’re continuing to work with clients to understand how to improve the relationship and experiences for customers in order to encourage the sharing of permissioned first-party data.
We can’t know exactly what will happen in the future, but you can bet we’re looking forwards, not backwards, and we recommend that anyone reading this do the same.