Google held its annual developer conference I/O, earlier this month in Mountain View. Apart from the bigger announcements, the company revealed its plans to introduce new privacy controls for Chrome—a change with serious repercussions for ad tech. In this post, we’re going to look at the changes in store and how they might affect web publishers.

Cookies and Tracking Prevention

At the core of the changes Google is proposing lie enhanced cookie management controls. Cookies have many uses—they handle log in sessions, save form information, and remember user preferences. In addition, third-party cookies are also used to track users across websites for delivering targeted ads, something that is viewed by many as a privacy violation. Tracking prevention has therefore become a hotly-debated ad tech issue.

Other browsers such as Safari and Firefox already have tracking prevention features in place. For instance, Safari’s Intelligent Tracking Prevention (“ITP”) blocks all third-party cookies by default, something Google refers to as a “blunt solution”. Indeed, CPMs for Safari traffic have plummeted since ITP came into effect, the only thing that cushioned the blow for publishers was that Safari does not have dominant market share.

Changes to How Chrome Handles Cookies

Let’s start with some good news first, contrary to what many feared, Google has given no indication that it will block all third-party cookies by default. Instead, the company is taking a more measured approach to tackling the privacy issues related to cookies.

When you clear all of your cookies, you’re logged out of all sites and your online preferences are reset. Because of this, blunt solutions that block all cookies can degrade web experience, while heuristic-based approaches—where the browser guesses at a cookie’s purpose—make the web unpredictable for developers.

Improving privacy and security on the web

So, what is Google’s solution? Here are the details revealed so far:

Explicit declaration for same-site cookies

Going forward, developers will need to explicitly declare cross-site cookies for them to work in Chrome, by using the SameSite cookie attribute. That way, users can clear all cross-site cookies while leaving same-site cookies unaffected, preserving user logins and personalization settings. Eventually, only HTTPS-enabled websites will be able to use cross-site cookies, providing additional security.

Stronger protection against fingerprinting

Since tracking prevention made it difficult for ad tech vendors to track users, some started working on developing alternate methods for user identification. One such method is called fingerprinting, where users are identified based on their unique setup of device and software. Since fingerprinting is neither transparent nor under user control, Google has announced that it will “aggressively restrict fingerprinting across the web”.

Ads transparency browser extension

Google has also promised to release an open-source extension that will provide users with information about the ads that they are viewing on the page. This will include information about the ad tech vendors involved in the delivery of the ad, and the presence of trackers, if any. Extensions like this already exist in the market though, for instance Ghostery, so you don’t have to wait to get one.

How this Might Affect Web Publishers

At this stage, it’s hard to predict the level of impact these changes will have on publisher revenues, since the features were just announced, and Google plans to roll this out by the end of 2019. Based on what we know so far, some questions can be answered.

How does Chrome’s anti-tracking compare to Safari’s?

Safari’s ITP blocks all third-party cookies by default. Since Google has categorically stated that it intends to stay away from this nuke option, the impact of these changes is likely to be less severe than Safari. Then again, Chrome’s market share of 60% (Safari’s has 12%) means that its overall impact could be significant. What it comes down to is how Chrome presents the control options.

Is this the end of third-party cookies?

Not yet, but we seem to be headed in the direction. Third-party cookies are the mainstay of targeted advertising on the internet right now, and Google itself is an advertiser, therefore, it cannot afford to take a hard stance like Apple. Even so, users are becoming increasingly wary of third-party cookies and browsers are responding by providing privacy features that are likely to increase cookie blocking rates.

How can publishers prepare for this change?

Since cookie blocking rates are expected to grow in the near and possibly long-term, advertisers spend may shift from cookie-based targeting to contextual targeting. In that scenario, publishers who have a well-defined niche, audience segments, and first-party data, will stand to benefit the most in terms of commanding a higher rate, both in RTB environments and in direct deals with buyers.

---