The Cookieless Future begins -
What Companies need to do to Continue
to be Successful in Digital Marketing
What are Cookies and why do we need them?
A cookie is a data package generated by web browsers and websites to store individual user data. A website recognizes who is visiting it by using a cookie and can therefore better adapt to the user's needs.
We distinguish between first-party cookies and third-party cookies:
First-party cookies are usually generated directly by the website operator. Only the creator (first instance) can read the cookie later, e.g. short-lived cookies to store shopping baskets locally or to pre-fill search bars. The primary focus of first-party cookies is the user experience and the comfort of the website visitors.
In addition, the use of first-party cookies allows the website operator to store and make better use of the collected data.
The use of first-party cookies offers various advantages. One major area of application is the usage of social network login data. Since the data is collected by a domain, you gain more data control and remain in possession of the user’s data. Furthermore, first-party cookies are not automatically blocked by adblockers, so you have a greater chance of tracking relevant data.
Mert Can Sahin ConsultantThird-party cookies are not generated directly by the website operator, instead, they are set by a third party. For example, if an advertisement is not hosted on the operator's server, the page view generates a third-party cookie from the external provider in addition to the operator's first-party cookie. If the cookie is now activated by the same advertisement on other pages, it is possible for external parties to better track the user's online behaviour. In contrast to first-party cookies, third- party cookies are more difficult to control, but they allow valuable conclusions on consumer behaviour.
Third-party cookies are particularly affected by the following changes:
Nevertheless, the disadvantages outweigh the advantages. Third-party cookies are prevented by Adblockers, etc. which means that tracking cannot proceed properly. This form of tracking is also strongly criticized for its lack of data protection, as the anonymity of users is not guaranteed and third-parties are also granted access to the data.
Alexander Lohse ConsultantChronology of Cookie & Tracking Restrictions
Changes in cookies & tracking are taking place at high speed. The following list shows legal influences and those of big tech companies. The timeline starts in 2018 and gives an outlook into the future.
May 2018
The EU GDPR imposes restrictions in the field of permission & consent
The introduction of restrictions in the area of permission & consent: "Privacy by default" is one of the most important principles. An opt-out, i.e. an already pre-set checkbox for a continuous processing of data, is no longer permitted. Instead, an opt-in, i.e. an explicit consent of the user to continue to process his or her data, is required.
March 2020
Safari browser blocks third-party cookies
Apple is the first major browser provider to block third-party cookies by default. From now on, advertisers will have a hard time tracking Apple users through the web.
May 2020
"Planet49" verdict - pre-ticked checkboxes on cookie consent banners are invalid
The "Planet49" ruling states that there is no effective consent to cookies through a pre-set opt-in. From now on, when visiting a website, users must first confirm the cookie pop-ups in order to proceed.
April 2021
Apples users must opt-in to cross-app tracking
With the new AppTrackingTransparency guidelines (ATT), iPhone users have the option to opt-out of tracking across apps. Before running an app for the first time, users must actively consent to tracking.
Fall 2021
New user activity encryption feature in Safari browser
With iCloud Private Relay, Apple offers a feature to disguise IP addresses, locations and activities while browsing. In this case, the retrieval of websites is realized not directly from user to server, but through nodes called relays. These ensure that the actual origin of the request remains hidden from the server and user profiles can no longer be created.
December 2021
The introduction of the TTDSG could make central cookie management possible
The Telecommunications Telemedia Data Protection Act (TTDSG) will solidify practices that have been common since the "Planet49" ruling. A new regulation postulates that users can also give their consent for cookies to be set via Personal Information Management Systems (PIMS) and browser preferences. Therefore, users can manage where and in what form they consent to cookies in a central location. The PIMS can then automatically pass on this instruction to the websites and set the correct checkmarks - cookie banners would then be obsolete. However, these PIMS services do not yet exist.
Summer 2023
Deactivation of marketing cookies in Google Chrome
Google originally planned to abandon third-party cookies in its Chrome browser as of 2022. However, the company needs more time to develop possible alternatives.
One of these alternatives could be FLoC (Federated Learning of Cohorts), which is currently under development. With this, Google no longer wants to assign individual identifiers to users, but rather group them in cohorts of hundreds or thousands. This way, it would no longer be possible to identify a single individual in a cohort.
It remains to be seen whether it will be possible to establish a similarly precise tracking system as that of the third-party cookies with a higher level of data protection at the same time.
Alexander Lohse Consultant2023 / 2024
ePrivacy regulation to replace TTDSG
The EU ePrivacy Regulation is to replace the old ePrivacy Directive of 2002 (also known as the EU Cookie Law). It will also override national laws such as the TTDSG, which are currently under development.
According to the current draft of the ePrivacy Regulation, end-user consent is required before any kind of data is processed from users' computers or smartphones. Currently, the regulation is under negotiation and further changes are to be expected.
Alexander Lohse ConsultantHow do the increasing restrictions affect businesses
What does a personalized and efficient customer approach look like in an increasingly regulated future?
What you need to consider now:
"As privacy concerns intensify, companies face the end of easy & consistent access to consumer data, but it is possible to obtain the data your business needs without breaching privacy: A redesigned data strategy, a new approach to customer trust, and an innovative technology toolkit."
"Companies can no longer rely on cookies to track and understand customers. Thus, proprietary data is gaining importance. A customer data platform, for example, can help. It enables a 360-degree customer view and helps to use proprietary data in the best possible way for a segmented customer approach."
Recommendations
- Login
- Contextual Targeting
- Trust
CUSTOMER DATA PLATTFORM (CDP)
Due to continuous changes, it is crucial to develop a strategy that is tailor-made for your company. If you don't want to be dependent on these changes, you need to ensure that you remain in touch with your customers by implementing CRM systems combined with new data platforms. A customer data platform (CDP) offers one possible solution. It is a customer-centric database that enables a 360-degree customer view and the connection of all available data sources. It combines the disciplines of customer database, analysis/selection, and campaign management. A CDP enables a unified customer view through connectors and identity matching, which can select specific segments and target groups relevant for campaigns. Thus, in addition to a better organized customer data management, it also enables insightful customer analytics. Furthermore, a CDP offers improved data protection and data security, which customers benefit from.
A CDP is a software collection that creates a unified customer database which is accessible to other systems. Data is taken from various sources, cleansed, and combined to create a single customer profile. This structured data is then made available to other marketing systems.
Mert Can Sahin Consultant
Early Login ensures stable and long-term identification capabilities
Cookies have a temporary lifespan, “tracking-blocking” tools are widely used, and browser “incognito-modes” do not use the stored cookies. Hence, tracking for a longer period is becoming challenging consequentially. In the future, tracking approaches that provide stable and long-term identification capabilities without the use of cookies will gain importance. Early user log-in will enable companies to do just that. To facilitate the log-in, more and more providers are relying on single sign-on (SSO) authentication services from Facebook or Google, for example ("Login with Facebook / Login with Google"). In the B2B sector, popular alternatives are login with LinkedIn or Microsoft-365. Other organizations and providers such as Prebird and Criteo are developing an SSO identification option via an e-mail address. Therefore, users do not have to register again for each provider and operators are enabled to have a stable identifier as early as possible in their customer relationship. ensures stable and long-term identification capabilities
Next-Generation contectual targeting
Contextual targeting works autonomously from third-party cookies. Contextual targeting delivers relevant ads by analysing the content being consumed rather than the individual user consuming it. Ad personalization is based on semantic analysis of a website. Contextual targeting goes much further than simple keywords. Through natural language processing (NLP) as well as machine vision, video, and audio processing, the mood, relevance, and safety of a website can be determined automatically. Contextual targeting is enriched by look-a-likes based on first-party data. For this purpose, the company's customer base and its actions are analysed before a transaction is carried out. In the process, commerce signals are made visible, which are required for the creation of look-a-likes.
Trust for customer relationships
In addition to the changes within the IT infrastructure, customer relationships need to be rethought. Customers are increasingly questioning the way personal data is handled. Yet the necessary transparency beyond legal requirements is often lacking. The good news is that companies can create a better online experience - and more effective advertising - by engaging with consumers in an increasingly personal and human way, offering them more control, transparency, and respect for privacy needs: Focus on first-party data. With constant changes in the availability of third-party data and evolving customer privacy considerations, it is increasingly important to invest in owning and mastering first-party data. Combined with first-party cookies and non-cookie identifiers, brands can begin to personalize advertising, website experiences, and permission-based channels like email while gaining customer trust and long-term loyalty. In the post third-party cookie world, high-quality customer data is becoming one of the most important strategic assets of companies. The next few years will likely be a bumpy ride for many companies to find the best path to a world without third-party cookies. Significant changes are needed to provide consumers with the privacy they demand and the emotionally engaging, contextually relevant experiences they desire. As trust and transparency increase, consumers will likely be more willing to share data with companies.
The time to act is now
"The time to act is now. Similar to the introduction of the GDPR, the changes in the framework conditions are foreseeable and progressing rapidly. However, they are not yet sufficiently perceived and addressed in many companies. As Iskander Business Partner, we are happy to provide you with our expertise in Identity and Consent Management. Contact us."
