Cookie notices have become ubiquitous ever since GDPR came into effect. But have you ever wondered what cookies are and what they do? Cookies are essentially pieces of code saved by websites onto the user’s web browser when a session is initiated. They have a lot of uses but the most important ones are session management, user personalization, and tracking.
Cookies are not programs, they do not perform any functions. These are simple text files that can be opened using Notepad. In ad tech, cookies are used to track users across the web. For instance, if a user visits a website, then the cookies of that website will be saved on the browser. Now when the user visits the website again after a few days, the website will know it is the same user. Some cookies can track users across websites and devices.
Here are the different types of web cookies:
First-party cookies are set by the website visited by the user. The data collected using first-party cookies is used for purposes like calculating pageviews, sessions, and number of users. Primarily, publishers have access to data collected using first-party cookies, which can later be shared with advertisers or agencies for ad targeting. Apart from that, analytics tools use first-party cookies to understand user behavior and present it in tabular or graphical form for the publisher’s understanding.
Third-party cookies are set by domains that are not directly visited by the user. This happens when publishers add third-party elements (like chatbot, social plugins, or ads) on their website. Once installed, third-party cookies also track users and save their information for ad targeting and behavioral advertising. For example: Let’s say that you added a YouTube link to one of your blogs. Whenever this YouTube link gets a click, a YouTube cookie will be added to the user’s browser. This cookie can track him/her until it expires.
Session cookies either expire immediately or within a few seconds of the user leaving the web browser. Among other uses, these cookies are used by e-commerce websites to remember the product placed in cart by the user, to keep users logged in, and to calculate each user session for analytical purpose. For example, if an e-commerce website does not use session cookies, then the items added in cart will be removed by the time user reach to the checkout page. And the server will forget the user and treat him/her like a completely new visitor.
As the name suggests, persistent cookies stay on the user’s browser for a very long time. Generally, persistent cookies are required to have an expiration date which could be anything between a second to 10 years. Persistent cookies are used by publishers to track a single user and his/her interaction with their website. To check whether your browser has persistent cookies, try this. If you are logged in to Gmail on the browser, then close the tab(s) and restart your device. When your device turns back on, open the same browser and visit the same service or account, if you are still logged in, then you have persistent cookies saved on browser.
Only HTTPS websites can set secure cookies, i.e., cookies with encrypted data. Mostly, the checkout or payment pages of e-commerce websites have secure cookies to facilitate safer transactions. Similarly, online banking websites use secure cookies for security reasons.
An average website has 23 cookies. And most of these are third-party persistent cookies. Ad industry will collapse without cookies. Imagine this, without cookies, no advertiser will be able to target users, reducing their chance of getting better leads. On the sell side, publishers will see a major decrease in their CTRs.
Cookies are used for demographic and behavioral targeting by creating an elaborated user profile. However, numerous data breach cases have made users grow wary of cookies. This is the reason we now have regulations like GDPR and CCPA to make user data more secure. Hence, ad tech is looking for means to improve ad targeting without putting the user’s data at risk, while still using cookies.
Then, of course, we have non-cookie tracking, web beacons, and tags to measure and track users. Yet, cookie tracking is the primary technique used by ad industry to track users. However, it will still be interesting to see whether cookies make their way to survive data privacy laws. Or a better alternative joins the industry.