How the Cookie Crumbled: Marketing in a Cookie-Less World

How the cookie crumbled: Marketing in a cookie-less world

1. What’s happening? A summary • Personalisation will still be possible • Investment in audience data technologies In January 2020, Google announced its with other currently available solutions (such as DMPs and CDPs) will not be plans ‘to phase out support for third-party (such as first-party data, location and wasted, as there will still be multiple cookies in Chrome… within two years’. In two time-based messaging, and contextual sources of audience data (even if first- years’ time, all major browsers (Google targeting) across all the main digital party) that benefit from consolidation. Chrome, Firefox, Safari) will have blocked channels (display, video, social, search). • Advertisers are expected to benefit the use of third-party cookies. This may • Audience data will be available as first- from greater customer confidence over alter the landscape for digital advertising party (advertiser-owned) and second- time in consuming online content and which currently relies extensively on party (tech or publisher-owned) cookie purchasing online safely. third-party cookie data for personalisation. data, and will likely be supplemented Businesses need to prepare and adapt by clean, fully GDPR-compliant, and So, do not worry. In our view, this decision to changes in personalisation solutions. transparent non-cookie-based third- is best for customers and brands. Here we However there is no need to panic. party data. outline our key thoughts on the topic. How the cookie crumbled: Marketing in a cookie-less world

In addition, content publishing 2. Cookies: Key concepts All types of cookies are intended to provide organisations can make their owned a targeted and/or personalised experience data (collected through their first-party What are cookies? to anyone using the internet, or to gather cookies) available directly to marketers Cookies are small pieces of code that are user behaviour for aggregated insights that purchase advertising space on their placed in your browser when you visit a into user behaviour. These are applied website. This is second-party data from the website. They usually contain at least two to various decision-making processes, perspective of the marketers. pieces of information – a site name and including those around user experience unique user ID – but they may also capture and even product design. other details such as website configuration (e.g. language preferences), login details, or First-party cookies are used to understand products added to a basket. the behaviour of visitors to a business website, remember their preferences and What are first- and third-party personalise the overall user experience What are the cookies? with the brand. First-party cookies are cookies that are benefits of cookies? owned, stored and dropped by the website First-party cookies can also be used to domain that the user visits. These cookies remember for example the contents of Both first- and third-party cookies are used by the website owner to collect your basket on a website, the articles you enable a person’s experience on analytical data, remember preferences and last read or the progress of a video you the internet to be personalised provide personalised experiences. First- are watching. This data can be utilised for with interesting and engaging party cookies will not be blocked or phased personalisation of the website content and content. Cookies ensure that when out by Google. also for targeted messaging through paid you revisit a website, you don’t advertising. have to alter the language Third-party cookies are created and settings, your basket is still there, stored by organisations other than the First-party data, collected by first-party and any preferences you have one that the user is visiting. These cookies cookies, can be shared with or sold to other shown are still in place. They also are dropped by the website you visit but organisations as third-party data. allow businesses to target users are not necessarily stored or owned by through paid advertising channels the website or its parent company. They Organisations can benefit from aggregated with products and messages that are used for cross-site ad tracking, wider data collected by third-party cookies are particularly relevant to their audience profiling and targeting, and wider whenever their first-party data is non- individual interests. personalisation in advertising (especially applicable or insufficient. For example, when prospecting for new users). Third- a telecom brand may be interested in Third-party cookies are also used by party cookies will be blocked or phased targeting individuals moving to a new businesses to build an in-depth out by Google on its Chrome browser home, but not be able to collect relevant understanding of consumers and to from 2020 to 2022, and have already been user data using their first-party cookies, so target them better with advertising, blocked by default within other browsers that behaviours cannot be tracked from as well as understanding the such as Safari and Firefox. their own website. In such circumstances performance in general of their purchasing third-party data may be very advertising activities. How are cookies used? useful for prospecting new users within a Cookies are used to collect user data, target audience. which can be on both an aggregate and anonymised level, such as clicks on page, However, not all third-party audience pages viewed, engagement elements, data is generated by third-party cookies. and also on a PII (personal identifiable Organisations may gather granular user information) level, such as device IDs, data using first-party cookies within names, addresses, passwords and credit their websites (e.g. through a detailed card numbers. personality and behavioural questionnaire, or tracked consumption of news articles in different subjects), then aggregate the data within audiences and offer it for sale to marketers for targeting and personalisation.

2 How the cookie crumbled: Marketing in a cookie-less world

3. Third-party cookie data: What are the pros and cons?

Pros Cons Third-party cookies allow ads to be ‘hyper- Data privacy is an issue. Users have no targeted’ or personalised for individuals visibility about which companies are even when they have not yet engaged with processing their data, beyond those that the advertiser, providing a more engaging own the websites they visit. The GDPR and relevant user experience across includes cookie consent mechanisms, but the internet, and encouraging discovery once users have consented, they have little of targeted products or services. Data or no visibility about which organisations technology companies aggregate user data are directly collecting their data. From through third-party cookies, and these are a user perspective, this can lead to widely available at market rates. hyper-targeted and persistent messages by unknown – and sometimes perhaps disreputable – organisations, which can be seen as invasive rather than helpful and interesting.

3 How the cookie crumbled: Marketing in a cookie-less world

4. What will happen now? The main For publishers Short-term implications implications from the change Large digital publishers typically generate In the short-term there will be minimal a large proportion of their revenue by impact on digital marketing, as Google For consumers partnering with third-party data providers has set a two-year timeline for phasing The ban on third-party cookies will who collect data via their pages. With the out the use of third-party cookies on give consumers more control over the third-party cookie ban, this will no longer the Chrome browser. Targeting and data they share with companies online. be possible, possibly resulting in a large personalisation through third-party Consumers will be better able to manage loss of revenue for digital publishers in the data on both owned media (on-website) and understand which companies short term and requiring them to develop and paid media (advertising on other capture their behavioural data, since new strategies for revenue generation from websites and channels) may continue for they must give explicit consent for it to the large audience data they produce. the time being. However data privacy and be collected: this should avoid cases of transparency have been brought into ‘hidden’ data collection. The downside is For demand side platforms (DSPs) and focus, and there will be more visibility for that personalisation of a web experience ad tech providers in general consumers about who collects their data (outside a specific brand’s owned website) Many DSP vendors will need to revise and how it is used. There is a need for the could become less common, with more their strategy for the marketability of their entire digital community at all levels to find irrelevant or ‘boring’ ads being shown. products, which typically emphasise the solutions that allow the same (or similar) However consumers who have visited the availability or differentiated use of third- levels of personalisation and targeting that website of a specific brand are still likely to party data for targeting, in response to the third-party cookies have been providing, be targeted with personalised messaging threat from media giants such as Google whilst also addressing concerns and the from that brand (or other brands owned by and Facebook, which offer their first-party new mandatory practices around privacy, its parenting company). audiences free-of-charge for targeting transparency and data ethics. within their media buying platforms. For internet users in general The universal block on third-party cookies The appeal of DSPs should not be will lead to greater rigour in data privacy for diminished drastically. Most of them all internet usage. Other browsers including enable granular targeting and campaign “ The downside Firefox, Internet Explorer and Safari have management through other parameters already announced or implemented a (e.g. site whitelists, content categories, is that ban on third-party cookies.. This will keywords, location, time-of-day and day-of- give internet users much greater clarity, week, device and browser, and first-party personalisation of confidence and assurance when using audiences), as well as the vast access to the internet, especially about who they inventory through partnering ad exchanges a web experience are giving their data to and what those for display and video advertising. companies are doing with it. (outside a specific Other ad tech or ad buying solution For advertisers providers, such as social platforms, will brand’s owned As an immediate effect after the need to adapt their standard tactics implementation of the ban, most third- on collecting user data on advertisers’ website) could party audiences (those whose data is websites for performance tracking and collected via third-party cookies) will targeting. Until now these have been become less diminish in size due to cookie expiry, until implemented through the insertion of they are no longer sufficiently scalable for cookies on websites. It is unclear at this common, with most media buying activities. This means point what will be the implication of that advertisers will need to develop new the third-party cookie bans for ’cookie more irrelevant or strategies for prospecting and rely more piggybacking’ or other indirect ways of heavily on other tactics. Advertising data appropriating or transferring first-party ‘boring’ ads processing and selling organisations will cookie data usually practised for need to develop new ways to collect and ad serving. being shown.“ aggregate audience data that do not require third-party cookies.

4 How the cookie crumbled: Marketing in a cookie-less world

5. How to manage the change? Our recommendations. There is no need to panic. The changes are not due to be implemented until 2022, and Google has yet to provide details about what will change. There are other examples of technologies that were discontinued with little to no impact on advertising performance, such as Flash, and the market evolved and adapted adequately to avoid disruption. In the meantime, there are a number of practical things you can do:

First and foremost, amplify your owned Apply ’unusual’ personalisation tactics. data: improve first-party data collection. A Campaigns applying deep personalisation 01 precise, careful and thorough implementation of 05 through clever geo-targeting and time-parting data capturing mechanisms will ensure robust (often called ‘moment marketing’) typically data is available as granular input for targeting generate high engagement and even lead to and personalisation of users who have already advertising awards, but are still not widely used engaged with your brand. But bear in mind that in the industry! starting early is key, as you may need time for data to build up sufficient data volumes. Stay tuned for clean third-party audiences. Not all third-party audiences rely on cookie Implement best-in-class cookie consent 06 data. Some of them are already available for management solutions, if you haven’t already targeting, such as VisualDNA, which aggregates 02 done so, to ensure that your first-party data is its audiences in a transparent manner based fully compliant with regulations and future-proof. on direct personality quizzes. More of these Also, clearly communicate to your customers non-cookie-based third-party audiences should how you process and protect their data, to emerge within the next two years after the third- increase trust. party cookie ban.

Explore second-party data from tech leaders. Use the opportunity to rethink your Google and Facebook, for example, offer marketing tech ecosystem. Take the chance 03 aggregated but granular audience data collected 07 to re-strategise your data and tech ownership, across their respective platforms (including so you can obtain the most control, visibility and Google Search, YouTube and all websites within usability of your own data. First-party data is now the Google Display Network, and Facebook and more important than ever, and owning all your Instagram) through their respective media buying data will act as a safeguard in the event that you platforms (Google Ads and Display & Video 360, need to change agencies or tools, which could and Facebook Ads Manager), completely free of otherwise result in loss of data. additional charge (unlike third-party data).

Enjoy higher expected returns from the Explore second-party data from publishers. elevated customer experience, based on The main publishers typically offer display, 08 greater customer trust, coupled with cleverly 04 video and native buys overlaying their owned personalised messages to reach them when they data, when contracting directly or through are most likely to do business with you! programmatic private auctions.

So times are changing, but one person’s problem is another’s opportunity. There is time to adjust to the changes and the benefits from the increase in consumer trust they will generate. With our deep understanding of consumers and the data, technology and vendor landscape, Deloitte Digital will be leading clients through this transition, helping to optimise current activity, introduce new systems and processes and elevate the customer experience.

This publication has been written in general terms and we recommend that you obtain professional advice before acting or refraining from action on any of the contents of this publication. Deloitte LLP accepts no liability for any loss occasioned to any person acting or refraining from action as a result of any material in this publication.

Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.

Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please click here to learn more about our global network of member firms.