The Cookie is Crumbling. So What Comes Next?

Written by Ben Morrisroe

16 Jul, 2019

Industry News


Cookies have been the backbone of the internet since the early days of online browsing and shopping, helping to improve the user experience for site visitors, allowing websites to understand who their audience is and making sure that advertisers deliver the most relevant messages possible.

But the prediction of the cookie’s demise has long been floated in the programmatic industry due to the explosion in mobile web browsing and the inherent difficulties with tracking users across devices, leaving cookies inefficient at building a full picture of a user.

Couple this with an awakening in users around the value of their own private data and demand for privacy, it does look like the cookies’ days are numbered. Though many have declared the cookie dead, like the immortal cockroach of the internet, it just never seems to go. It appears cookies will have some kind of role in digital advertising moving forward and are still a fundamental backbone of the web.

So what exactly are cookies and how will publishers and advertisers look to track users around the web in the near future in a way that will allow for targeted and useful content whilst keeping user experience and privacy at the forefront?


What are cookies?

Well, besides a delicious little biscuit, a cookie (or HTTP cookie as they are formally known) is a small bit of data stored as a text file in a browser that allows websites to keep track of users and help them to customise the experience. They are used for core website functionalities like shopping carts, remembering login details and your preferred language and location.


First Party Cookies

First party cookies are used to help websites keep track of your visits and activity which is not really a bad thing. Many online retailers can use cookies to keep track of your login details, what you have put in your shopping cart or the language you were last browsing in. Skyscanner uses them to show you your last flight searches and dates, for example. It all helps with improving the user experience and making your internet browsing more seamless.


Third Party Cookies

Third party cookies are used for ad retargeting and behavioural advertising. By adding tags to a page, advertisers can track a user across the web as they visit different websites. This allows advertisers to build a profile of you based on your search habits so they can serve more relevant content. Advertisers have very sophisticated targeting for their campaigns to make sure they are reaching the right potential buyers and use cookies to do this. These cookies have long been shrouded in controversy and are seen by many as an invasion of people’s privacy.


A New Privacy-Focused World

Third party cookies are on the ropes these days. It seems everywhere we look they are under scrutiny.
Regulators are changing their tune on the wild west, free-market ideals of the early days of the internet and are attempting to tip the balance of power back into the hands of the consumer. GDPR in the EU is enforcing strict new rules on the handling of user data and enforcing some significant penalties this year against some of the biggest players in online advertising like Google and Facebook.

With anti-trust regulators from Europe to the US also breathing down the necks of the big tech companies for everything from Russian election interference to accusations of monopolies, the tech giants are leaning into privacy as much as possible. Facebook's new encrypted messenger and cryptocurrency Libra, Google’s new privacy tool to prevent third-party tracking and Apple’s ITP (intelligent tracking prevention) have all been released to try and sway public perception back in their direction. All of which promise more privacy and less unwanted tracking around the web.


"Third party cookies are on the ropes these days. It seems everywhere we look they are under scrutiny."


The Problems with Cookies

Other than public perception and the years of misuse and abuse from advertisers, cookies were becoming increasingly inefficient and ineffective for advertisers to target users and track performance. Users are now spread across multiple connected devices and use them interchangeably. Cookies are unable to transfer across device or even between apps meaning it is very hard to track the full buyer journey of a customer.

This causes issues with correctly attributing conversions and budget to the right channels, ultimately causing wastage. It also means users do not get a seamless experience with incorrect or out of date cookie data being fed to advertisers.

Advertisers guided exclusively by cookie data get an incorrect view of performance with users being counted multiple times and purchasers on one device being hounded by retargeting campaigns on another.

On top of this, many browsers like Firefox, Safari and Internet Explorer no longer accept third-party cookies with Google recently following in their footsteps. All of this means time is running out for the third party cookie and the industry must seek out a new alternative.



Other ways to deliver targeted ads


Device fingerprinting

Device fingerprinting is another technique marketers use to follow potential customers around the internet. You may have come in contact with this before if you have ever signed into Gmail or your Apple account from a new device. It is a technique for identifying a computing device right down to the individual and effectively deanonymize us and monitor our actions online. Device fingerprinting will look at the device you use and a number of other related data points like your location, time zone settings, plugins, apps and operating system version.

All this allows marketers to follow you around the web. Again this falls down where cookies have done since the introduction of smartphones to the market. Google reports that 70% of users connect through at least two different devices each day. In order to make this leap across devices, marketers would need an email address or payment details. Until then, they are viewed as two different users, one who may have just purchased a pair of shoes on his phone after researching them at work on his desktop. He will end up being flooded with unnecessary retargeting ads hoping to bring him back to his waiting basket.

The data points used for device fingerprinting change all the time and so it becomes a very intensive process in terms of bandwidth to continually check and cross-reference in order to operate effectively.


Pixel Syncing and Universal ID’s

Cookies worked well when there was a limited number of companies using the information for transactions but as the programmatic industry has exploded, there are now thousands of different companies that create and use cookies to buy and sell advertising. Since each player creates its own cookie ID, if these companies want to share data, they need to be matched to the other providers.

This sync is the only way to follow users across the web and ensure they are targeted with the correct ads but it isn’t foolproof and very often there can be mistakes in this syncing of different user IDs. Not only that, but the process means a large number of third-party requests take place on webpages, slowing down the user's experience.




Initiatives like the IAB lab’s Digitrust look to improve this bloated cookie syncing by creating a universal user token which stores the conventional cookie data within it and allowing members to share this data without the need for syncing.

“Hundreds of billions of unnecessary daily third-party pixel sync requests will eventually be removed from web pages — improving the web experience for consumers — while publishers and their partners continue to be able to work together to deliver consumers rich, personalized content and advertising.”


ID5 Universal ID Solution via Prebid

Just this week ID5, an independent identity solution for digital advertising released its Universal ID which is available in Prebid.js to publishers and ad tech platforms globally. Publishers can retrieve the ID5 ID, store it on a first-party cookie and pass it to their demand partners via a simple on-page configuration. Bid adapters in Prebid can listen to the ID5 ID and send it to their RTB demand partners on 100% of impressions. For the first time, SSPs, DSPs and DMPs can trade with each other using a common currency in the form of a scaled, neutral, shared user identifier.


But Are We Solving the Problem?

But all of these workarounds to third-party cookies may be missing the point. Users no longer want to be hunted around the web so we must acknowledge this and try to find another, better solution to this problem. The Digitrust consortium is a good first step in seeking to develop a solution for both the demand and supply sides whilst attempting to improve the experience for consumers.

  • Pieter de Zwart, CTO at Eyeota suggests we could look to browsers to implement mobile application device IDs into the browser itself, allowing for a number of potential benefits:
  • Users would gain more control over how their data is shared and used
    Page load times would increase due to fewer tags
  • The advertising ecosystem would be able to more consistently serve their target audience, increasing ROI in the subset of opted-in users.

Whatever becomes the replacement for cookies, it should aim to provide a balanced value exchange both for consumers and vendors. We should look to provide users with their desired control, privacy, relevance and speed, without impacting on publishers and advertisers profits too heavily.


Related Posts



Level 9, 46-56 Kippax Street
Surry Hills NSW 2010


Level 2, 696 Bourke Street
Melbourne VIC 3000

San Francisco

227 Valencia Street, San Francisco, CA 94103
United States

Share This