Third-party cookies are about to expire. Will server-side tracking help? - Stape

Third-party cookies are about to expire. Will server-side tracking help?

By the end of 2024, Chrome and Chrome-based browsers will be done with third-party cookies. Safari and Firefox already implemented Intelligent Tracking Algorithms that can block trackers. That leads to the next point: digital advertising methods that rely on third-party cookies to target consumers might become ineffective or even stop working altogether.

This change in how advertisers track users will hurt many publishers and ad networks that rely on these third-party companies to display ads and collect data from site visitors to understand their audience.

In this blog post, I will explain what a third-party cookie is, why it matters, and how server-side tracking can help businesses transit to the world without third-party cookies. 

What are third-party cookies?

Cookies allow websites to remember and track user actions. This way, they can provide a more personalized user experience and provide valuable tracking information to companies.

Third-party cookies specifically are created and placed by websites other than the website you’re visiting. Let’s say that you are visiting a website called example.com. It means that cookies set by Google or Facebook will be considered third-party since they were placed by google.com or facebook.com. And the website you are currently browsing is example.com. 

Third-party cookies are widely used for advertising and user profiling purposes.

What is the difference between third-party and first-party cookies?

Cookies are used to store important information about websites and how they operate. Website owners use cookies to provide personalized user experiences, such as remembering what items people have in their shopping carts or login credentials for the site. First-party cookies are generated by hosts themselves, whereas third-party ones come from external sources like advertisers, who help provide more detailed data on the browsing habits of users.

First-party cookies work best when dealing with simple interactions involving remembering things like your username and passwords.  In contrast, third-party cookies can be helpful if you’re looking to track specific website activity. The only problem is that they cannot identify which sites contain these sensitive pieces of personal info. So oftentimes, they end up collecting all sorts of innocent details.

How are third-party cookies used?

Remarketing. A third-party cookie from a retargeting ad service must be saved in your browser to find out who you are. These cookies can also tell ad platforms what websites you visited and show ads for those sites wherever you go. It is referred to as “the third party” because it is stored by the company that provides the content for these advertisements rather than where they appear. The best examples would be Facebook and Pinterest. 

Behavioral targeting. Third-party cookies track users across sites. With third-party cookies, the advertiser can figure out what a specific person has been viewing or reading on other sites.  And then send them an advertisement about the product they might be interested in according to their browsing history. Hence, data brokers have access to information from many different sources making for a richer picture of user behavior and interests.

Why are third-party cookies going away?

Governments are creating laws and regulations designed to encourage tracking transparency. These laws are geared towards preventing companies from unethical or unregulated user tracking. In a nutshell, it’s all for the sake of user privacy. As a result of GDPR, CCPA, and ePR, websites that don’t reveal which user data is collected or how it’s used can face civil penalties.

Governments want websites to be transparent about cookies and other personally identifiable information like IP addresses that may identify someone online when visiting a site with anonymous browsing enabled.

What had already been done?

Unfortunately, there is no golden standard for protecting user’ data. That is why each browser has its tracking protection technologies and sets of rules. As a result, we have different features and restrictions in each browser. 

To be on top of all changes in the cookies world, I suggest using this site. It consolidates information on the most popular browsers.

Though third-party cookie blocking is a hot topic during the last couple of years, it all started a long time ago. Firefox announced a third-party cookie block in 2018. And one year later, they began to block the third-party cookie by default. 

Safari blocked third-party cookies in 2017 by implementing Intelligent Tracking Prevention 1.0. After that, each year, Apple makes new updates and restrictions to ITP.

Google Chrome – which controls two-thirds of global browsers market share – has followed the crowd and announced that it would phase out third-party cookies by the mid-2023.reviously, they promised to do it by the end of 2022.The change was delayed by a year.

Third-party cookies and server-side tracking

One of the ways that help website and advertising industries adapt to the world without third-party cookies is server-side tracking. With server-side tracking, you use a cloud server to send data to the advertising platforms. For now, there are clear instructions on how to set up server-side tracking for Universal Analytics, Google Analytics 4, Google Ads, Facebook. A lot f other platforms like TikTok, Snapchat, Bing, etc., support server-side tracking but do not yet have clear guidance on how the server-side tracking works and how to set it up. 

The easiest way to implement server-side tracking for your site is to use the Googe Tag Manager server container. Though the setup is done inside the GTM server container (that looks similar to the web container), ss tracking will require good knowledge of Google Tag Manager, development skills, and a decent number of hours. 

For now, Facebook is the most aggressive proponent of server-side tracking. Facebook has been in a battle with Apple over its ongoing restriction of cookie connectors. To deal with these restrictions, Facebook released Conversions API (CAPI or Facebook server-side tracking). This allows advertisers to connect users and customers without restrictions from browsers or devices, which Apple policy restricts. You send event data from your server to the Facebook server. 

How server-side tracking can help you adapt to the world without third-party cookies

First Party Cookies From Your Domain

With server-side tracking, you don’t need to use third-party cookies and client-side JavaScript libraries that can slow down your site. Cookies are set from your cloud tagging server URL that is located with the main website domain. 

SS tracking is new, and realistically, it won’t altogether remove browser tracking in the next year. We will have the combination of browser and server tracking since not all platforms started developing their ss API. 

In theory, server-side tracking should work like this: instead of zillions of different scripts sent from the browser, you should have only one request to the tagging server with all the relevant data. Then, the tagging server will process this data and send only relevant information to each vendor. 

Control over the data flow

You can control what data you send to each vendor. While with the browser tracking, pixels can use any user or product information they find on your site. 

It’s challenging to verify tracking pixels is only collecting essential information it needs and not pulling all the data they can find on your site. In browser tracking, any user information on your website may be available to other tracking scripts. 

Privacy is an essential issue for many of us, especially now, when we start to realize the implications of having our data shared with third parties and using it in ways that might not even come close to initial intentions.

So ultimately, even if you use server-side tracking, make sure you ask for user consent before sending any user data to the third-party platform.

Data accuracy

Ad blockers can’t block requests you send from your domain. The server-side tagging with configured custom URL can keep all requests first-party. 

Let’s say that you are using Universal Analytics. With the browser tracking, all UA requests will go to https://www.google-analytics.com/j/collect. Google-analytics.com is a third-party domain. Therefore, it sets third-party cookies since it’s different from your domain. 

If you are using server-side tracking with the configured custom subdomain, let’s say that your website domain is example.com and the tagging URL is ss.example.com. In this case, all requests sent to the server container will load using the custom subdomain. It means that they will be considered first-party. The UA requests will be loaded from https://ss.example.com/j/collect

Ultimately, this type of request can’t be locked by AdBlockers or ITPs because it’s sent from your domain. Hence, it is not a third-party request.

Conclusion:

Will server-side tagging fix the issues we might face when the third-party cookies go away? We do not have a solid answer yet. The technology is new but looks very promising.

The browser-based way of tracking site visitors does not comply with modern policy standards and regulations. We recommend adopting server-side tracking as soon as possible because it has many advantages over the old, cumbersome browser method. 

Getting used to server-side tracking may take some time, but the benefits are well worth any initial adjustment period or learning curve. 

If you need help implementing this new technology, let us know. We have a team of experts eager to assist  you with making this transition happen!

Want us to implement server-side tracking on your site?
Find out how much it'll cost!