Google has announced its decision to block third-party cookies from Chrome in two years. In June 2021, Google announced that it is delaying its plans to phase out third-party cookies in the Chrome browser until 2023, a year later than initially planned. Starting January 4, 2024, Chrome has begun restricting third-party cookies by default for 1% of Chrome browsers.
However, in their first-quarter report of 2024, Google and the UK's Competition and Markets Authority (CMA) announced a further postponement of the phasing out of third-party cookies to the beginning of 2025. The delay was due to diverse feedback from the industry, regulators, and developers and a thorough examination by the CMA.
In practice, this will significantly change user data collection and advertising targeting, as Chrome controls nearly 70% of the desktop browser market.
After Google's announcement, speculation started immediately about how it would affect programmatic buying of advertising and third-party data audiences, which are currently mainly based on cookies. Google's announcement was not surprising in itself, as it has been rumoured for a long time. The positive thing is that there is a time limit now, and the future can be prepared with time. The need for targeted advertising is not going away, so we believe that new ways will replace the need for third-party cookies in building audiences.
We believe that the news will focus more on marketers' data sources, so-called first-party data, which is easier to scale and utilise. However, Google has promised that cookies will not be deleted until other ways exist to target advertising and measure performance. This is where advertisers and technology producers come together to think, and cooperation will certainly be needed. So far, the world has not changed yet, and everything will continue the same until further notice.
Attention should now be turned to more urgent matters first. Indeed, on 4th February, Google announced that Chrome will support cookie sharing between sites only when cookies are protected. In practice, the site must have a valid HTTP protocol and the correct definition of the same site attribute for cookies to be passed from one site to another. Google has said it will primarily implement the change as a security measure to prevent the spoofing of cross-site requests. However, in light of the previous announcement, it is clear that this is the first step in disabling third-party cookies.
The SameSite attribute gives Google an easy way to identify third-party cookies and their purpose. Marking cookies as "SameSite = strict" restricts cookies to the same site they are created on. Also, the attribute "Same Site = lax" in the same way restricts sharing between sites but allows certain exceptional cases, the sites sharing third-party cookies. The "Samesite = none" attribute, on the other hand, is most permissive. It allows third-party cookies to be freely transmitted between sites as long as they are secure.
Starting February 4th 2020, the “lax” setting will become the default setting for Chrome for all third-party cookies that do not have the SameSite attribute. With the promise of a change in two years, Google is anticipated to block cookies transmitted with the None attribute. Thus, the changes that came into effect with the '80s browser version of Chrome are now considered a deliberate move towards a future plan.
The sameSite update deadline is around the corner and cannot be ignored. It is wise for everyone in the supply chain to check the cookies that they read and write. Of course, it is not enough to be awake to the need for change, but all partners must be. Otherwise, the effectiveness of cookie synchronisation in the operating chain will be significantly reduced. Also, remember that the “Samesite = none” attribute will not work unless the cookie is marked secure (HTTPS). There will be no error messages that will warn you if the cookies do not pass, so you have to make sure everything is fine.
For the future, keep your eyes and ears open. Cookie-related updates to Chrome may likely take place before the 2025 deadline. Because Chrome has such a large user base, each change to the browser will usually impact advertising, media business, and website monetisation.