“They're going to get rid of the infrastructure that allows individualized tracking and profiling on the web,” says Bennett Cyphers, a technologist at the civil liberties group the Electronic Frontier Foundation. “They're going to replace it with something that still allows targeted advertising—just doing it a different way.”Google’s plan to replace third-party cookies comes from its Privacy Sandbox, a set of proposals for improving online ads without obliterating the ad industry. Aside from getting rid of third-party cookies, the Privacy Sandbox also deals with issues such as advertising fraud, reducing the number of captchas people see, and introducing new ways for companies to measure the performance of their ads. Many Google critics say parts of the proposals are an improvement on the existing setup and good for the web.
Change is necessary. The online advertising industry is, to put it mildly, unwieldy. It comprises billions of data points about all of our lives that are automatically traded every second of every day. Such a substantial change to this system will impact a raft of businesses, from brands advertising products and services online to the ad tech networks and news organizations that propel those ads to every corner of the web.The Privacy Sandbox proposals are complicated and technical. Google is already testing some, while others remain firmly at the development stage. Privacy Sandbox is documented online, and Google has altered its plans based on feedback and counterproposals from rivals. But, ultimately, when it comes to Chrome, everything is controlled by Google.
The removal of third-party cookies from Chrome, first announced in January 2020, has been a long time coming. “Third-party cookies were awful,” Cyphers says. “They were the most privacy-invasive technology in the world for a while.” When Google does remove them in 2022, it won’t be first—but its huge market share does mean it will have the biggest impact. Apple’s Safari, the second-biggest browser behind Chrome, limited cookie tracking in 2017. Mozilla’s Firefox blocked third-party cookies in 2019; the problem is so vast that the browser is currently blocking 10 billion trackers per day.
If you’re using Chrome at the moment, then the websites you visit, with a few exceptions, will add a third-party cookie to your device. These cookies—small snippets of code—are able to track your browsing history and display ads based on this. Third-party cookies send all the data they collect back to a different domain than the one you’re currently on. First-party cookies, by comparison, beam data back to the owners of the domain you’re visiting at the time.
Third-party cookies are the main reason why the shoes you looked at two weeks ago are still stalking you around the web. All the data gathered by third-party cookies is used to build user profiles, which can include your interests, the things you buy, and your behavior online, and this can be fed back to murky data brokers. “The intention really was to initiate a certain set of proposals about how older technologies like third-party cookies, as well as others, can be replaced by privacy-preserving API alternatives,” says Chetna Bindra, a product lead on Google’s ads business.