Billed by some as a 'cookie-less future' - what do the planned changes really mean and how will it affect your organisation?
You may need to re-think your marketing strategy or re-negotiate the contracts you have with any marketing agencies. The summary below explains the changes and the current concerns.
Cookies are small files of data that are stored on a user's computer.
Some are 'essential' for the website to work - for example shopping cart cookies. Without a cookie to remember what you have placed in the basket you wouldn't be able to buy anything online.
Some are optional. They help to inform website operators how the website is working, how many visitors they have, how long they stay on the site and the websites they visit next.
The reason people take issue with some cookies is because of the perception that they are privacy intrusive as they allow a detailed profile of an individual's browsing habits, likes and interests to be built up. This data is then used to place targeted adverts on the user's browser.
Cookies can also be set by the website that the user visits, these are known as first party cookies. Cookies can also be set by a third party, this often happens if a website includes features from another website, for example, a social media plug-in or advertising.
Google - Google plan to phase out third party cookies on Chrome browsers in 2023/24.
Google released a statement in March setting out their position. They don't think third party cookies meet either the expectations of consumers or regulators. The current proposal is to use Application Planning Interfaces (the software that allows different platforms to work together) with what they call a 'privacy preserving' mechanism called Federated Learning of Cohorts (FLoC) to enable targeted advertising to continue without following users around the web.
In a white paper Google explain that they want to preserve the ability to target adverts but to do so in a more "privacy preserving" way - based on advertising to a cohort of users with similar browsing histories. Google acknowledge that sites could piece together cohort information to reveal identities but they plan to take steps to prevent this practice.
Apple - Apple recently made a change to their privacy settings which allows a user to switch off tracking and makes it a requirement of using the Apple app store to gather user consent to target. When people opt out, they will still see adverts but these won't be personalised.
Although Google are currently trialling FLoC elsewhere, they are not doing so in Europe. There is concern that the approach breaches the GDPR. German, French and Belgian regulators are concerned that FLoC is an act of processing personal data and users need to be given transparency information and be allowed to choose to use FLoC rather than having it as a default setting. The French regulator wants GDPR level consent (specific, informed and unambiguous) to be in place for this use of information.
There is a further concern that FLoC will enable advertisers with bad intentions to discriminate (for example targeting vulnerable individuals with high interest loans) or cause disturbance (for example using it for political campaigning) with certain cohorts, but it will be harder for platforms to police because it is harder for users and regulators to understand.
Why are those in advertising worried? Without third party cookies, those placing adverts won't be able to target them at specific users or to cap the frequency with which a person sees the advert. The assumption is that the efficacy of advertising campaigns will decrease, although Google are claiming that FLoC will be 95% as effective as third party cookies.
If you are using an agency for your advertising or apps, you may wish to review the key performance indicators that you're paying for to make sure that you still get value for money when some of the tools they rely on are no longer available. Cost per click or cost per purchase agreements are likely to be a sensible choice going forward.
It's likely that your agency will want to cross refer to your 'first party data' ie your clients' phone numbers, addresses, email addresses and the ways in which people navigate your own website, sales data, loyalty scheme data to find their own trends and build on other forms of advertising. Make sure your first party data is accurate and has been collected appropriately under the UK GDPR (or GDPR where relevant) requirements.