What the latest changes to cookie policies mean for eCommerce

Gingerbread, chocolate-chip, third-party – everyone’s got their own favorite kind of cookies. And it’s impossible not to notice when the recipe suddenly changes. Well, almost impossible. Because right now we are at a moment when massive, industry-shaping changes are being made in the role of this familiar online treat.

Cookies have been around for about as long as the internet and have played a huge role in the way that we use it and how online marketers operate. But growing privacy concerns and a general public uneasiness with the idea of being tracked online have led some of the titans of the online space to take a new approach to user data, how it’s collected and how it can be used to personalize experiences.

So let’s figure out what’s going on together. Where does Google’s crusade against third-party cookies leave eCommerce owners? What is the future of digital advertising and how do other big players, like Apple and Microsoft, fit in the picture?

It might be a little complicated and it’s not getting the mainstream coverage it deserves but, believe us, this is one of the biggest stories you’ve probably never heard of.

But let’s take things slowly and start with a simple review of some useful definitions.

What are cookies, anyway?

We all do it — mindlessly click on “accept all” before checking what exactly that “cookie policy” is and what kind of info they are going to track. We just know that it tracks something. But there’s no harm in that, right?

For an average internet user that’s true and for most people cookies represent just another obstacle on the way to all that the web has to offer. But for site operators and business owners, especially those dealing with eCommerce, cookies are essential for proper performance.

Most contemporary marketing strategies, advertising campaigns, and digital budgets are dedicated to improving the personalization that can only be possible with, you guessed it, cookies. They are an effortless way for companies to collect and leverage personal data for business purposes.

Essentially, cookies are the tracking codes that make it possible to gather information about user activity, pass it to different websites, store it, and utilize it for a better, more convenient, and personalized online experience.

Cookies identify individual users, which makes it possible to track when those users return to a site (or if they return at all), what they look at, what they click on, etc.

That’s pretty straightforward but here’s where it starts to get more complicated.

First-party vs Third-party cookies

There are two types of cookies: first- and third-party. Both function the same way and rely on the same technology, with the key difference being on who is using them and what for.

First-party cookies work directly for the site you are visiting, e.g. once you’re logging in to your Facebook account and it asks you to accept cookies, it does so to store this valuable information and help you log in faster in the future. They’re also used to make your feed more engaging, thus generating more revenue and time spent on the page, but those are the details.

In this scenario, the site is using information to provide users with a better experience and greater customization. Do you really want to log in your Facebook account every time you go there? Do you want to see suggestions based on someone else’s browsing history when you go to Amazon? Do you want to have to reconfigure your preferences every time you visit a particular site? Of course not, and cookies make it so you don’t have to —  they recognize that it’s you returning to the same page.

Some examples of the uses of first-party cookies include login details, cart status, website configuration specifics, such as language or currency, etc.

Meanwhile, third-party cookies are those working for sites other than the one you’re visiting. They are used for personalized ad placement, social media targeting, and additional services like live chats. Thanks to third-party cookies you see jeans ads for a week after browsing the Levi’s store. Just about every ad you see online is based on the information collected by third-party cookies.

Big Brother is watching you and is ready to advertise. It’s a fact. If that thought makes you uncomfortable or gets you thinking about using that incognito tab a bit more often, you’re not the only one. In fact, you’re one of hundreds of millions of internet users who have grown uncomfortable with the tracking power of advertisers. And that, in turn, is why tech giants like Google and Apple have decided to put an end to third-party cookies once and for all.

At least, that’s the plan.

Updates to cookies policies

There is a lot going on with cookies right now and some fundamental changes are on the way but most of the issues come down to the same source: compliance with GDPR laws (General Data Protection Regulation), which were updated back in 2018.

Many officials agree that the ideal rule would be to eliminate third-party cookies whatsoever, however, the pro-cookie side has its own heroes, like Facebook. Online marketers, especially those operating for ecommerce, agree that the inability to gather data will be their greatest challenge. That’s why most of the changes introduced to third-party cookies policies won’t eradicate the data-gathering completely.

Instead, they will make it harder for unethical businesses to gain access to information that wasn’t intended for them in the first place. There are several processes of various levels of complexity that will eventually contribute to the overall change in the cookie-free landscape, and we are going to take a look at the most crucial ones right now.

Google and its “Death of third-party cookies”

Google’s announcement to remove support for all third-party cookies in 2022 was shocking for many industries, but its impact on the eCommerce industry has been the greatest of all. This privacy-first innovation is amazingly user-friendly on paper, however many companies speculate as to real motives Google might have.

After all, as the dominant web browser, it doesn’t serve their own processes right to completely eliminate the greatest revenue generator. Google depends on retailers about as much as retailers depend on Google.

But Google is not banning all cookies completely. Instead, it’s encouraging everyone to move to its own FLoC framework, aiming at providing better fraud prevention and personalization based on users’ digital privacy. Basically, FLoC will allow advertisers to continue targeting “for the right reasons” while also blocking invasive content.

Will it make digital marketing strategies more complicated for ecommerce? Most definitely.

But does it mean you will no longer be able to benefit from all the user data generously shared online? Not quite yet.

Apple’s Intelligent Tracking Prevention (ITP) for Safari and iOS 15

Apple was waging war on cookies way before Google’s announcement, and now it’s taking its pro-privacy movement a step further with the next series of updates to Apple’s ITP. Safari is known for its intolerance of unwanted tracking. This year, it’s also going to hide users’ IP addresses from trackers, among other changes.

What does this mean for eCommerce? Well, first of all, you will no longer be able to use IP as a unique identifier to connect various activities from different websites to one account.

But, once again, Safari was never the number-one choice for ecommerce tracking. Apple’s closed system makes it far less marketer-friendly than Google, Mozilla, or other browsers. However, it also doesn’t eliminate the possibility of third-party tracking completely. Just like Google, it simply makes it harder to use.

Which brings us to the real question: what does it all mean for ecommerce?

The future of cookies in ecommerce

Third-party cookies paved the way for online marketing, but their journey is coming to an end. And, while the entire privacy-versus-tracking story is not yet over, it’s sure to see some serious changes. Fortunately, we are already able to predict some of them.

Growing popularization of privacy-first frameworks

We’ve already briefly touched upon the subject of third-party-free tracking frameworks when discussing Google’s FLoC. Yet, it’s worth mentioning that there are far more options to choose from here. The most noticeable proposals and alternatives to FLoC on everyone’s mind these days are:

• TURTLEDOVE (Two Uncorrelated Requests, Then Locally-Executed Decision on Victory) by Google
• PARAKEET (Private and Anonymized Requests for Ads that Keep Efficacy and Enhance Transparency) by Microsoft
• SWAN (Secure Web Addressability Network) by SWAN community
• SPECTACLE (Sensible Privacy Enablement by Clustering Targeting Attributes in Client) by the creators of Adblock Plus
• And many, many more

More transparency in data collection and further use

Regardless of the proposal and framework taking over the world once Google’s ban of third-party cookies eventually comes through, they all share one goal in common: enhanced transparency.

Basically, this means that regardless of the solution, businesses will still have a chance to gather user data online, as long as they are ethical about it. And given the recent drops of effectiveness display ads, this might be for the best.

The rise of explicit data storage and processing consent

After the latest update of EU’s GDPR regulations, data storage and processing consent has been on everyone’s minds either way. Well, after the disappearance of third-party cookies, it might be taken to the next level.

One of the key problems with tracking these days is that users don’t usually know what they are agreeing to exactly. First- and third-party cookies are offered as a bundle and not many people are eager to go through the hassle of deciding which part of their personal information is less relevant than others. In the future, however, it is likely to be specified and several steps of user consent might be needed in order for them to proceed to the website.

No more guest checkouts and/or mandatory account creation

Guest checkout is among the most effective strategies for cart and checkout optimization. Unfortunately, due to the restrictions imposed by the upcoming changes to cookie policies, this might be the end of an era.

Forcing a user to create an account in order to shop online is one of the most certain ways to gather their personal data as well as the consent to process it. So it’s about time to start thinking about which fields you would make mandatory for completing registration.

Growth of email marketing

Email marketing, especially the automated kind, is set for a revival. Its effectiveness originates, mainly, from high levels of personalization. Yet, we all know that there’s a thin line between an effective email marketing strategy and spamming.

It’s likely that with the death of third-party cookies (at least for Chrome users), ecommerce companies will get more active in their email advertising efforts. And only the future will show whether it will somehow affect the already limiting privacy-first regulations for contacting prospects.

Are cookies dead?

With all the speculation circulating in the digital air, it’s only natural to worry about the future of your online business. But let us reassure you — it is going to be fine.

First of all, not all cookies are the ‘bad’ kind targeted by Google and Apple’s restrictions – most of the processes will only affect third-party tracking, meaning that your store will be able to gather precious user data from its direct traffic just as effectively as it used to.

Also, it’s important to understand that this is not the end of tracking – it’s just a new approach to it, which, hopefully, might turn out more beneficial for all the parties involved.