From Cookies to Consent: Addressing Advertiser Challenges in the Era of Privacy Changes

It’s January 2024, which means that Google Chrome has started to unroll its plan to deprecate third-party cookies from the browser.

Google’s plan is to roll out its Tracking Protection within the Privacy Sandbox feature to 1% of Chrome users at random. For this group, third-party cookies will be restricted by default, which limits the ability to track their behaviors across different websites.

Relied on for decades, third-party cookies are used to track a user’s website activities, and can help with log-ins and showing relevant ads. But under scrutiny for years, companies and governments are trying to crack down on the reliance of third-party cookies as they fear the cookies reduce privacy of users.

Cookies and deja vu

No, you aren’t having deja vu. Apple already blocked third-party cookies on Safari by default.

The implementation of GDPR in Europe introduced stricter regulations and required websites to obtain explicit user consent before using cookies or other tracking technologies. This means that websites need to inform users about the use of cookies and give them the option to accept or decline. As a result, users have more control over their personal data and can choose to block third-party cookies if they prefer not to be tracked.

First-party vs. Third-party cookies

We’ve written about this a lot, but it’s always worth a refresher.

First-party cookies are those created and stored by the website itself and are information provided by the user themselves. They are generally accepted by users because they help the website remember preferences like password to enhance the user experience. First-party cookies track the history and basic analytics from the website visited, and they are stored in the web browser's database.

Third-party cookies are served to websites by scripts of tags from a separate domain. They teach the history of overall online behaviors across websites and are often set up and stored by AdTech vendors.

Note that only third-party cookies will be removed from Chrome in their Privacy Sandbox initiative.

Bad News for Advertisers

Your average Chrome user likely won’t notice much of a difference in their day-to-day experience. They’ll likely see less targeted ads that are kind of vaguely based on their persona. 

It’s the advertisers who are going to have to adapt quickly.

The Trade Desk’s Vice President, Product Bill Simmons argued that the Privacy Sandbox will limit audience targeting by hiding the identity data of individual users, making it more difficult to coordinate advertising across devices and measure and optimize performance.

“Furthermore, I foresee Privacy Sandbox creating on-device auctions that will add even more latency to page loads and ad rendering, degrading the user experience while ads populate more slowly on the page.”

The deprecation of third-party cookies is creating a lot of hurdles for advertisers.

How Segment helps

The elimination of third-party cookies, requires advertisers to get crafty. They can implement complicated APIs (difficult for startups) that would leave them dependent on Google, explore privacy-preserving alternatives like the aforementioned Privacy Sandbox, or select another cumbersome method.

Alternatively, advertisers can rely only on first-party cookies to show relevant ads, track their impact, and remain compliant with the Privacy Sandbox.

A Customer Data Platform like Twilio Segment only deals with first-party data, and in the following section, we’ll share how it works.

Segment's technology is designed to respect user privacy and comply with data protection regulations. It provides tools to manage user consent, handle data deletion requests, and ensure data is used responsibly.

Twilio Segment has several features that will ensure user safety and data privacy even after Chrome eliminates third-party cookies:

Consent Management: Allows businesses to collect and store consent decisions alongside customer data, ensuring compliance with privacy regulations and respecting user preferences.

Whether customers want their data deleted, modified, or no longer collected, Segment's Consent Management feature ensures businesses can honor these requests.

Data Deletion Requests: Offers features to handle data deletion requests, enabling businesses to comply with data privacy regulations.

This means that when a user requests their data to be deleted, businesses can easily delete that user's data from Segment, their data warehouse, and any other supported tools they use, such as Mixpanel, Braze, and Intercom.

In 2022, Segment successfully processed over 23 million user deletion requests in order to uphold user privacy.

Identity Resolution: Helps businesses unify user data into a single profile, even when third-party cookies are not available. This is done using data from user interactions across different platforms and devices.

Identity resolution is the process of connecting multiple identifiers across different channels and devices to a single individual or entity. This allows businesses to create a unified view of each customer, tracking their interactions across various touchpoints in real time.

It merges the complete history of each customer into a single profile, no matter where they interact with your business. It supports cookie IDs, device IDs, emails, and custom external IDs, allowing you to understand a user's interaction across web, mobile, server, and third-party partner touchpoints in real time.

For example, a customer might interact with a business through its website, mobile app, and customer service. Each of these interactions might be associated with a different identifier, such as a cookie ID for the website, a device ID for the mobile app, and an email address for customer service. Segment's Identity Resolution feature can link these identifiers to create a single, unified customer profile.

Secure Data Handling: Ensures that data is encrypted at rest and protected by TLS in transit. It also uses robust security measures during product design and testing, including regular penetration tests and a public bug bounty for continuous assessment.

In the absence of third-party cookies, businesses will need to collect and manage more first-party data to understand and engage their customers. This data often includes sensitive information, such as email addresses, device IDs, and custom external IDs, which must be handled securely to protect customer privacy and comply with data protection regulations.

Segment's secure data handling practices help businesses build trust with their customers. By demonstrating that they can handle customer data securely, businesses can reassure their customers that their personal information is safe, which is particularly important in a world without third-party cookies.

Linked Profiles: Enables brands to understand each individual's relationships to others by linking any customer information from any part of the business to a profile. This allows for modeling beyond the individual to multi-user accounts, households, and more.

It provides a more comprehensive view of the customer journey which includes data collected both before and after a user is "known" to the system, stitching together all historical user data, including data from anonymous interactions, into a profile that provides a richer picture of users' unique journeys.

This approach respects user privacy while still providing businesses with the insights they need to improve user interactions and their products. It's a powerful tool for businesses to continue to deliver personalized experiences in a world without third-party cookies.

Profiles Sync: Allows users to automatically sync the comprehensive, identity-resolved customer profiles created by Segment to your data warehouse. These profiles include the complete activity history of each customer across web, mobile, and other digital touchpoints. With Profiles Sync, you can enrich these profiles with additional data in your warehouse, power advanced analytics, build data models, and create personalized experiences across different channels.

Conversion API: allows businesses to send server-side events directly to advertising platforms like Google Ads or Meta, bypassing the need for cookies and ensuring accurate tracking of conversion data. This is particularly useful for tracking offline conversions or events that occur in your mobile app.

Profile API: allows businesses to retrieve unified customer profiles in real-time. These profiles, built from data collected across various touchpoints, can include predictive attributes like a customer's likelihood to churn or their predicted lifetime value. This data can be used to personalize experiences across channels and to create more precise, predictive audiences for advertising campaigns. Users can also define a target audience to be synced with advertising platforms like Facebook or LinkedIn to create lookalike audiences.

Sanofi Case Study

We offer a case study that showcases Linked Profiles and Profiles Sync in action. Sanofi, a global healthcare company, partnered with Twilio Segment to create a comprehensive, real-time view of its healthcare providers. 

They used Segment's Profiles Sync to combine customer data from multiple sources in their Snowflake data warehouse, creating "golden profiles" of their customers. This provided a complete view of customers' interests and behaviors, enabling Sanofi to create complex, omni-channel marketing campaigns. These campaigns effectively educated healthcare providers about new drugs and treatment plans, leading to improved patient outcomes.

Summary

The removal of third-party cookies from Google Chrome is just the latest in a drive for customer privacy. But that doesn’t mean customers must forego relevant, personalized advertising. Companies who rely on first-party cookies, and a CDP like Segment, can build customer trust, provide customized marketing campaigns, and ensure compliance with browser and government regulations.