About internet cookies, web privacy and online tracking
In this article:
- A quick history of internet cookies
- How Internet cookies work
- How Cookies are used in advertising
- How Apple, Google and Mozilla handle privacy in 2022
- How privacy restrictions affect digital marketing
“One day in June 1994, Lou Montulli sat down at his keyboard to fix one of the biggest problems facing the fledgling World Wide Web – and, as so often happens in the world of technology, he created another one”.
The technology, once created to allow websites recognising your device as you browse between web pages, is now the centrepiece of almost every online privacy protection initiative.
With multiple tracking restrictions and privacy regulations constantly arising, we need to know what they mean for digital marketing and why almost every word with “cookie” in it turns into a buzzword.
Accept all Cookies
Cookies were created 28 years ago by Netscape, the company that built one of the Internet’s first widely used browsers. Ironically, the original idea behind cookies was to find a way for websites to remember visitors without enabling cross-site tracking.
The reason itself was that Netscape needed to build the cart functionality into the shopping server that they were working on. Cookies were implemented in Netscape’s browser as a technology to allow the shopping cart’s content to follow the user from page to page.
Were there any other ways to give the Web a “memory”?
Prior to cookies, there was no way to identify that a person visited a website before. For users this means that their shopping experience was more like Groundhog Day – having to introduce themselves every time they visit a website or open a new page.
Ecommerce website experience before cookies
As for online advertising, publishers were only able to target users by the context of a website and on little pieces of information passed by a browser, i.e. the language and the operating system that was set on the visitor’s computer.
Outside of cookies, there were a few other proposals, however for the most part they involved a unique identifier that allowed a website to personally “recognise” each user.
Eventually it became apparent that cookies were the reliant choice and this technology was implemented in the Netscape browser in 1994, following by Internet Explorer a year later.
What exactly is a cookie?
A web cookie itself is a file that website owners use to store information about the visitor. When you visit a website, it leaves a text file on your computer – this is a cookie. It contains a unique ID that helps a server remember who you are, keep you logged in, and help website owners analyse their site traffic.
Even though cookies have a mixed reputation, they are useful for a lot of what we do on the web. However, there are two sides to every story, and as for cookies, they can also act as cross-site trackers.
But cookies are tied to a domain name, meaning cookies set by one website cannot be read by another.
Well, how then can they be used for cross-site tracking?
Let’s find out.
There was a problem that the inventors of this solution didn’t foresee - that cookies can be also used in a third-party context.
It’s possible trough referrals to a third-party domains, embedded in a website that user is currently visiting. These referrals are usually ads, chats, or social media like/share buttons, that pulled from another domain.
For example, when I’m on a site that has an ad pulled from the advertiser’s side, I not only get cookies from the website I’m on, but I also let this advertiser drop its cookie on my computer.
This is where good user experience ends and privacy concerns begin.
Here’s an example:
I’ve searched for: “The best holiday places” on Yahoo and clicked on a few pages. Then I opened a website where I can probably catch a display ad, but which has nothing to do with travel industry and belongs to Yahoo’s ad network.
As you can see, there is an ad suggesting booking a tour to Dubai. Although it’s not the best season for going to Dubai, so I’m not going to click on it. it is still a good example of how 3rd-party cookies are used in advertising.
Let’s jump into a more detailed view of how it works.
Before visiting TechCrunch, I was reading an article about SegmentStream on Yahoo Finance. Yahoo created and assigned me a unique ID, since I was visiting Yahoo’s network site for the first time. Then Yahoo stored this ID in a cookie in my browser.
Now Yahoo ad network knows that I’m an iPhone 12 Pro user with IOS 15.5 and the visit comes from IP XXX.XXX.XX.XX.
The network still doesn’t know my name, email or any other personal information, until I log into one of Yahoo’s apps or services. And when I do, Yahoo will again use the cookie to store my hashed credentials.
Login with social media platforms
Next, over time, I will be leaving a trail of digital breadcrumbs, visiting Yahoo’s advertising network products, 3rd-party websites and apps that they partner with. The information Yahoo will gather varies from basics like gender and age to my search queries and info from my social media, if I use them as a log in method.
This is an example of how cookies can be used for cross-site tracking – exactly what ITP in Safari and other web privacy initiatives are aiming to stop. To learm more about these restrictions and regulations, let’s take a closer look at how the browsers handle cookies in 2022.
How Apple, Google and Mozilla Handle Cookies in 2022
In 2017 Apple released the Intellectual Tracking Prevention (ITP) framework. It is a feature in Safari that prevents cross-site tracking in order to deliver a more privacy-focused experience for its users.
It automatically blocks third-party cookies and limits the lifespan of first-party cookies (expire after 1 or 7 days in some cases). ITP also set a 7-day limit on all non-cookie storage data, which includes LocalStorage – a method that allows sites to store data directly in the browser, usually with no expiration date.
App Tracking Transparency
For the past years, app developers have been relying on IDFA – an Apple’s ID for Advertisers to measure clicks and compare them to installs. But by introducing iOS 14.5 in 2021, Apple significantly impacted mobile marketing measurement and attribution. Starting with the iOS 14.5 update, app developers need to ask users to opt in to tracking in order for advertisers to access IDFA. App Tracking Transparency pop-up
From 2019 Mozilla blocks third-party cookies in its browser by default. Firefox’s users already had a possibility to block 3rd-party cookies before, but this had to be done manually.
But that’s not all, in 2021 Firefox rolled out Total Cookie Protection, calling it the most powerful cookie blocking technology ever.
With this solution, each website a user visits gets its own “cookie jar”. Now, a cookie for a given site must be put in its dedicated cookie jar. It restricts cross-site tracking in a case when third-party content is embedded on a website, such as a Facebook like button: because the technology doesn’t allow a site to access any jar besides its own.
Total Cookie Protection in Firefox
We’ve heard that Google is going to phase out third-party cookies soon, but the more news we hear, the more it becomes a story about a boy who cried wolf.
Firstly we were promised “a more private web” in 2020, however recently Google announced it’s pushing back this plan to the latter half of 2024.
In a nutshell, what Google is planning is called the Privacy Sandbox. This initiative aims at capping cross-site and cross-app tracking. How? By phasing out 3rd-party cookies and giving up using user-level identifiers to track individuals across the web. It plans to use Privacy-preserving APIs and FLoC (Federated Learning of Cohorts) instead to group users based on shared interests.
How privacy restrictions affect digital marketing
After we’ve seen how many limitations are put on cookies in both: first-party and third-party context and how restricted app and web tracking is now, it’s time to talk the impact.
Let’s take a look at how today’s privacy affects digital marketing in a context of measurement and attribution.
How IOS 14.5+ affects marketing measurement
As I’ve mentioned before, now app developers need to ask users to opt in to tracking.
As a result, we now have Meta’s Aggregated Event Measurement and Apple’s SKAdNetwork for measuring events from people using iOS 14.5+. Which is basically yet another “black box” that became darker. For marketers, Meta’s AEM resulted in reduction in audience size, limited learning and fewer data points in general.
Attribution after ITP
Capped lifespan of 1st-party cookies to 1-7 days means that conversions happened outside this window will not be attributed to the right source. Since tools like Google Analytics and Adobe heavily rely on first-party cookies.
One more thing that privacy initiatives have resulted in - is shrinking attribution windows.
Take Facebook Ads for example, historically an attribution window in Facebook ad ecosystem was 1 day after seeing an ad or 28 after clicking. In October 2020 as a response to Apple capping first-party cookies lifespan to 7 days in Safari, Facebook has slashed the default attribution window for ad Conversions to 7 days.
It’s also a hard hit in numbers on the upper-funnel campaigns for businesses with consideration cycles longer than 7 days. In these cases, a part of closing Conversions (e.g. Purchases or Leads) fall out the 7-day window and not being attributed to the right source.
On the other hand, lower-funnel campaigns get more credit than they deserved, which may lead to inaccurate budget allocation decisions and significantly put the brakes on growth. Conversions attributed using cookies
It falls not only on the measurement, optimisation is also affected.
Facebook’s algorithms learn and communicate by the means of Conversions. When you want more sales, you choose to optimise towards a particular Conversion – Purchase. Facebook shows your ad to many groups of people and based on whether their interaction with your ad result in a Conversion (Purchase), it learns to select the right ad for the right audience.
Meaning that conversions play a role of feedback signals for the ad platforms’ algorithms.
And a result of ITP, ad platforms often don’t receive enough of those signals (conversions) for accurate learning and optimisation. Which results in “limited learning” status and lower performance.
The solution is to think differently
People can go searching for workarounds, but it typically results in getting caught up in a game of whack-a-mole with companies like Apple, that will keep closing up loopholes.
What marketers need now is not to keep pace with constantly changing rules, but to stay ahead of the curve.
This is exactly why we at SegmentStream solve tracking restrictions and privacy regulations by looking at things differently.
Our approach is based on a simple fact that knowing your customers’ complete path to conversion is no longer possible. ITP, IOS 14.5+, other privacy initiatives described above plus the complexity of customer journeys in a world where people have more than one personal device, hence more than one set of cookies, result in:
- Marketing teams struggling tomeasure true CPA, ROAS, Revenue and Conversions at channel or campaign level.
- Ad platforms being restricted in their optimisation and targeting capabilities due to incomplete feedback about the true value of each paid click.
How do we at SegmentStream approach marketing measurement and optimisation in this context?
We use Conversion Modelling – a next-generation solution to outdated attribution and conversion tracking tools that are no longer suitable for modern cookie restrictions.
After ITP, when a conversion happens after 7 days post-click, any attribution tool will see two different visitors and will credit only the last touch (Direct), while the paid click from Facebook will not receive any credit at all. How Conversion Modelling Handles ITP
Conversion Modelling, on the contrary, will show the contribution of each touch, even if cookies are wiped or expired.
Sure, SegmentStream will also see two different visitors, because the point of getting an accurate picture on how your channels perform is not through stitching the unstitchible customer journey, but in getting relevant and accurate value. Value that we measure according to the visitor’s probability to convert in the future.
How does it work?
It refers to the use of machine learning to evaluate the incremental impact of each visit, based on the visitor’s behaviour, even if a final conversion can not be observed as a result of cookie limitations.
It works by evaluating each website visit and predicts the user’s probability to convert in the future. When this probability is sufficient enough — SegmentStream creates a “Modelled Conversion” which is immediately attributed to the traffic source.
This guarantees that each traffic source gets the value it deserves, even if the real conversion happens from another device, browser, or cookie.
To sum up
In the light of a rapidly changing online privacy landscape, marketers are now constantly re-evaluating their tools, approaches to address new game rules.
We believe that existing marketing attribution and conversion tracking tools are no longer reliable in today’s digital marketing ecosystem. That’s why we’ve developed Conversion Modelling to help you measure and optimise your ad performance in a privacy-first world. Switching to SegmentStream will give you the following advantages:
- Understand the impact of upper-funnel campaigns. It allows you to accurately measure the value of upper-funnel and mid-funnel campaigns and make better budget allocation decisions.
- Improve performance of automated bidding strategies. With Conversion Modelling you can quantify true value of each session and send it to Facebook and Google Ads as Modelled Conversion in real-time. Even if the final conversion is not observed or can not be attributed to the click due to ITP, cross-browser or short attribution windows.
Increase Retargeting efficiency using audiences based on Modelled Conversions. You will also have the ability to focus your retargeting spend on visitors with the highest future conversion value and reduce spend on visitors unlikely to buy.
An example of predicred audiences
- Scale Prospecting using lookalike audiences based on Modelled Conversions. In addition to the above, you can target a new audience that is similar to your website visitors with the highest future value and improve your prospecting campaign results.
- Faster understand how newly launched campaigns are performing. Measure the traffic quality of newly launched ads and campaigns when there are not enough conversions yet. Modelled Conversions will give you insights into which ads and campaigns drive the most valuable users to your website with the highest likelihood to convert in the future.
To learn more, request a trial to find out how Conversion Modelling can help to tackle your current challenges in marketing.
You might also be interested in
Watch the recording: SegmentStream at DigiMarCon about marketing in the cookieless worldLearn more
Cross-device marketing attribution: is there a solution?Learn more
How does ITP in Safari affect performance marketing and what can we do about it?Learn more
Never miss an article
Get the latest articles, event invitations and product updates delivered straight to your inbox.
Thank you! You’ve been signed up for our newsletter.
Get started with SegmentStream
Request a personalised demo with our team!