August 24, 2023
Part one of a three-part series on customer acquisition. Here we clarify common misunderstandings associated with online cookies. Parts two and three explore new data-driven approaches to acquisition and look at the future of marketing campaigns.
The story of invention is not short on irony. The glue later used on Post-it Notes was supposed to be a super-strong adhesive. Viagra was designed to lower blood pressure.
Website cookies add to the irony.
Their original purpose was to protect online privacy by letting websites remember visitors without the need for unique internet user IDs that could be tracked across sites. Their unexpected evolution, as detailed by their inventor Lou Montulli, was that enterprising ad agencies then figured out how to add “third party” cookies to websites and then track users across all sites that used their ad platforms.1
Data privacy laws, most notably the EU’s 2009 update of its ePrivacy Directive or “Cookie Law” in tandem with the explicit consent requirement of the 2016 General Data Protection Regulation (GDPR), precipitated the demise of third-party cookies. Many web browsers already block their use. Google Chrome, the world’s most popular browser, plans to follow suit.
The demise of third-party cookies is no longer newsworthy. Yet 50% of chief marketing officers in the US and UK claim to be unprepared in a 2022 survey.2 The preparedness comes down to a question of reliance. Customer acquisition campaigns built around cookies undoubtedly need to adjust, but truly effective digital marketing campaigns never really relied on third-party cookies in the first place.
The loss is by no means trivial, but third-party cookies have never been a panacea. They are device specific, unable to separate real relevance from basic personalization, and often make customers feel stalked rather than courted. Any marketer overly concerned about the loss has likely been missing out for years. Marketers with the most to lose are likely also to benefit the most as they belatedly adopt more effective alternatives.
First-party cookie: Data, created by the website a user is visiting, that is placed on a user's device to enable device identification on the website.
Third-party cookie: Data, created by an entity other than the website a user is visiting, that is placed on a user's device to enable device identification across websites.
What about first-party cookies?
In Montulli’s original design, the private sharing of information between a website and its user is sacrosanct. Third-party cookies appeared to violate that relationship, and the original versions adopted the moniker of “first party” cookies to avoid confusion.
Web browsers now acknowledge the distinction between first and third party. It stands to reason that regulators would do the same. The reality is not so simple. Despite the distinction, the loss of third-party cookies also affects how marketers may use first-party cookies.
As if the very existence of third-party cookies was not ironic enough, some of the ramifications of data privacy laws add to the irony. The laws are designed to rein in third-party cookies, but they often cramp the functionality of ostensibly privacy-protecting first-party cookies too.
The situation is less a clash of shared goals and more a reflection of unforeseen consequences. First-party cookies were not supposed to engender third-party cookies; concerns over third-party cookies were not supposed to impinge on first-party cookies.
The Cookie Law understandably only exempts “strictly necessary” cookies that are required for basic site functionality. Yet many first-party cookies do not fit the criteria. Their ability to remember user preferences and activity is helpful for improving user interfaces and experiences, such as providing product recommendations, but none of it is strictly necessary. Still, much like a shop assistant in a physical store, first-party cookies are generally appreciated.
The appreciation is shared by customers, who want their needs tended to, and marketers, who want to tend to those needs. The difference is how much it matters to each party. Customers passively enjoy the benefits but may not always care or understand enough to select anything other than “reject all” on a cookie consent popup. Marketers actively care but cannot readily influence the selection.
The imminent demise of third-party cookies could make some customers more willing to “accept all” without fear of being tracked, and the intrusiveness of popups means alternative approaches to consent management will likely emerge in any case. Yet more importantly for now, first-party cookies have tended to operate in the shadow of their third-party counterparts. They might not be able to track potential customers across websites, but they arguably do not need to either.
First-party cookies constitute one of several emerging data sources for customer acquisition, which include the depth of businesses’ customer data and the breadth of independently anonymized global transaction data. All are often underused. All may be used together for better customer acquisition across the board.
Find out how in part two: A new source for customer acquisition. Or download the consolidated report: Customer acquisition's three-act play.
2 “2022 CMO insights survey.” Iterable, 2022.
