Google Cancels Third-Party Cookies Phase-Out: Key Insights for Privacy Teams

Google has reversed its decision to end support for third-party cookies in Chrome, after years of working to develop a more privacy-friendly tracking alternative. This move underscores the continued need for consent management solutions to protect your customers’ right to privacy.

Let’s break down the news and help you navigate this conversation within your privacy or marketing team.

The industry is addicted to cookies

Over the last few years, Google and some of its top ad publishers have been developing new technology to preserve user tracking while following the example set by Mozilla (Firefox) and Apple (Safari), both of which have added built-in mechanisms to block third-party cookies. These cookies are an essential tool used by ad publishers to serve personalized (and sometimes unnerving) ads to people as they move around the internet. We’ve all seen that pair of shoes we like on one site and then they start showing up…everywhere.

As pressure rose from the public to stop invasive tracking, Google opted to pilot a solution that would preserve how tracking worked while also continuing to enable personalized ads across the web, dubbed the Privacy Sandbox. Google has been testing the Privacy Sandbox for years, delaying their push to end third-party cookie support until they made their advertisers happy.

In a recent update, Google finally conceded that the change would be too big of an effort for their ad publishers. Instead, they are proposing a much smaller change. As of July 22, Google is saying they will build new opt-out signals into Chrome that will manage whether Google specific services are able to track personal user data.

Consent continues to move into universal, browser-based mechanisms

Google’s new proposal echoes the functionality of the Universal Opt-Out Mechanisms (UOOMs), furthering the US-centric push to honor consent at the browser level, rather than via a “banner” notice on your website. When the California Privacy Rights Act (CPRA) was first introduced, the framework specifically called out the need to respect the Global Privacy Control (GPC) signal, a type of UOOM. This makes it easy for users to provide their consent choices once and have them respected everywhere.

Unfortunately, our latest DataGrail Privacy Trends Report suggests many companies are not compliant with Universal Opt-Out Mechanisms, exposing them to the risk of costly litigation and legal challenges by state attorney generals. We found that 75% of websites executed tracking despite sending an opt-out request via the Global Privacy Control signal setting. This suggests privacy and marketing teams need to take a second look at how they honor a user’s right to privacy.

DataGrail Consent ensures your site honors each users’ right to privacy, building trust with your brand and providing an important shield against legal headaches.

DataGrail Consent takes a modern, automated approach to consent management by recognizing UOOMs and handling all tracking services. This includes sending consent signals to Google Tag Manager with our foundational, no-code integration.

For privacy teams, consent management is now elevated in importance

The latest news from Google now enshrines cookies as a central part of the way the internet and advertising work, but the story doesn’t end there.

While third-party cookies are particularly offensive in the data they expose to advertisers, other cookie types and tracking alternatives commonly used by popular SaaS apps need more attention to properly respect user privacy. For example, many of the apps installed by marketing teams use first-party cookies to track users. Some apps even use server-side APIs to directly retrieve and store user information.

This news underscores the importance of having a consent management platform (CMP) in place to ensure all the tracking employed on your site is respecting user consent preferences.

While cookies have dominated the privacy discussions for years, handling scripts—or the code that stores cookies on a user’s browser—has actually become far more important from a privacy risk standpoint.

The good news is, DataGrail Consent handles blocking at the script level, interrupting non-essential trackers at the source, so you can have confidence that each users’ preferences are always respected.

Take a tour of DataGrail Consent here and if you’d like to chat with a DataGrail privacy expert about how this news will impact your business, or learn more about our modern consent management platform, we’re here to help!