Understanding Chrome’s third-party cookie restrictions and their impact

On January 4th, 2024, Google Chrome stopped allowing third-party cookies for 1% of its users, and it’ll be extended to all users by the end of the year. Everyone in the industry has the same question: how will the end of third-party cookies affect online advertising? These changes require a rethink of marketing strategies that depend on third-party data.

This article offers insights and strategies to adapt to this new situation.

On this post
Understanding Chrome's third-party cookie restrictions and their impact

Third-party cookies and first-party cookies

Cookies, specifically HTTP cookies, have been in use since the late ’90s. First-party and third-party cookies both aim to collect data by monitoring user behavior. However, there are differences.

First-party cookies are placed by a website owner to collect data to remember site configuration, such as user settings and preferences. Their purpose is to give users smoother site access and a good user experience. On the other hand, third-party cookies are placed on a website by a third-party server, not the website owner, for usually online advertising purposes. These cookies track the same information as first-party cookies, but sometimes more. They are mostly used for personalized ads based on user behavior to targeted and retargeted advertising.

But after a while, third-party cookies have sparked privacy concerns due to the extensive tracking they allow without explicit user consent. Therefore, new regulations have been introduced

  • The General Data Protection Regulation (GDPR) in the European Union
  •  The California Consumer Privacy Act (CCPA) in the US

With these regulations, advertisers and marketeers now have to be transparent. They should inform users about the existence of cookies, the data they collect and with whom they share the data. Additionally, users should be able to disable the collection of cookie data at any time. Otherwise, websites may face legal and criminal sanctions if they aren’t transparent.

Impact on targeted and retargeted marketing

Is it the end of personalized ads? No. But that’s the fact that at the shifting process, without third-party cookies, it’ll be more difficult to personalize ads based on users’ behavior. Therefore, publishers will face a reduction in ad revenue and advertisers will lose the accuracy in targeted advertising.

Now, advertisers must rely on first-party data to collect directly from users with consent. So, companies will need to find ways to collect first-party data, for example, customer surveys or direct communication via email.

For targeted advertising, advertisers must focus on demographic information, using data willingly shared by customers. For retargeting, advertisers need to try new ways, like using customer lists that are based on previous purchases. This helps them target users without using third-party cookies. 

Nowadays, using people-based targeting methods allows marketeers to gain deeper insights for better user profiling. People-based targeting tracks online user behavior across devices as part of behavioral advertising. However, it does not store any information that could identify the user, thus maintaining some level of internet security.

Preparing for a cookie-less future

If these new changes put you in a panic, relax. By respecting privacy, you can be prepared for a future without third-party cookies. How? 

  • Enhance First-Party Data Collection: Start collecting data directly from customer interactions.
  • Adopt New Technologies: Use privacy-compliant technologies for customer behavior tracking.
  • Ensure Privacy Compliance: Align marketing practices with privacy regulations to build consumer trust.
  • Stay Updated: Follow industry changes and adjust strategies accordingly.

Alternatives and solutions

Digital marketeers are realizing that shifting towards privacy-preserving technologies and strategies is a necessity. Here are the ways for the post-third party cookie area.

  • First-party data uses data collected directly from customer interactions.
  • Google’s Privacy Sandbox provides aggregated data insights by ensuring privacy.
  • Contextual advertising places ads based on content context, not user history, for privacy-friendly targeting.
  • Conversion-Based Customer Lists use lists of users who completed a conversion to effectively retarget them.

The Privacy Sandbox is an initiative led by Google to create web standards for websites to access user information without compromising privacy. 

How to collect first-party data with walker.js

With walker.js, it’s possible to implement cookie-free tracking by collecting anonymized session IDs or campaign-based associations without collecting personal data. Cookie-free tracking allows you to measure key campaign performance without associating that data with an individual user. To learn more about how to collect first-party data with walker.js, take a look at our step-by-step guide.

Use Google Ads Data Manager to simplify managing your first-party data

When it comes to simplifying the first-party data collection, Google Ads Data Manager will be your handy tool. It helps to improve campaign targeting and personalization by integrating first-party data into Google Ads. This integration allows businesses to tailor their advertising efforts based on genuine user insights.

  • Easier customer data processing
  • Easier measurement
  • Relevant advertising distribution
  • Maximize advertising ROI
  • Leverage data-driven strategies

The future of GCLID and its relevance

The Google Click Identifier (GCLID) is a unique tracking parameter automatically appended to URLs when users click on a Google Ad. However, GCLID’s future is uncertain, with rumors about its discontinuation. Despite uncertainties, its role in measuring ad performance remains crucial. That’s why, marketeers must adapt to potential changes in tracking mechanisms, staying informed to maintain effective campaign measurement in a privacy-centric landscape.

Using Google Analytics 4 without third-party cookies

Although GA4 (Google Analytics 4) is designed to work without cookies, it uses third-party cookies by default. Besides, Google is using machine learning and statistical modeling to fill data gaps as the world becomes less dependent on cookies. They call this “blended data”.

However, how does cookieless tracking work in Google Analytics 4? Google Analytics 4 Server-Side Tracking.

GA4 server-side monitoring tracks user behavior and activities on a website’s server, as opposed to the user’s browser. It doesn’t place a cookie on the front end of a website to collect data. It also improves data accuracy because tracking occurs on the server side. GA4 server-side tracking works by transferring data directly from the website’s server to the Google Analytics server. This is accomplished using an HTTP request sent from the server to the Google Analytics Measurement Protocol. The request includes data such as the user’s IP address, user agent string, event information, and custom dimensions.

What are FLoC and Cohort?

FLoC is an advertising technology that lets you target ads to users by including them in groups or communities of other users who are similar to you.

Cohort refers to a group or community of individuals who share a defining or identifying characteristic. In the cohort structure, groups, not users, are targeted. Thus, adverts can create segments to target while user privacy is protected.

Besides, the FLoC algorithm uses the SimHash algorithm to group users who access similar content with each other, unlike third-party cookies that use information about previous visits to a website. It then assigns it to a common group (cohort) with people with similar browser history, that is, interests.

Moreover, FLoC doesn’t allocate any unique identifiers to users. Identifies the browser/user as part of a community of interest (cohort). FLoC assigns a user a group (cohort) ID based on their history of website visits, and this information never leaves the browser.


We’re stepping into a new era, where privacy takes center stage. This transition requires marketeers to innovate with first-party data, embrace cutting-edge technologies, and comply with privacy laws. It’s a journey that offers more than just a path to success.


GDPR compliance means an organization meets the European Union’s General Data Protection Regulation standards for handling personal data. This involves lawful, transparent processing, securing data, and upholding individuals’ rights over their data.

Yes, Google Analytics cookies can be GDPR-compliant if end-user consent is obtained before their use, as required by the EU’s General Data Protection Regulation (GDPR). This is because GDPR necessitates consent for cookies that are not strictly necessary for the basic functioning of the website.

Yes, you generally need cookie consent for Google Analytics, as it involves collecting data from website visitors. This must align with applicable data protection regulations, such as the GDPR or the CCPA.

Under GDPR, people must give their permission to track their personal information unless it’s necessary for providing a service or product they requested. 

More Similar Posts