Download this must-have guide to start your marketing automation journey.

Blog
The new cookie management rules: a thunderclap for software and web app publishers
5 min read

The new cookie management rules: a thunderclap for software and web app publishers

The new cookie management rules: a thunderclap for software and web app publishers

The anti-tracking protection feature first launched as a simple way to browse in private mode has recently been changed by Firefox. Indeed, in the recent Firefox 70 version, this protection is now strengthened in order to increase control by the user by blocking third-party cookies by default (Standard mode) (third-party cookies). Google Chrome is doing the same as of March 2020. Discover the latest news on the security of your data

It may not sound like much, but it’s a revolution. Blocking these cookies to protect users’ privacy, prevents many third-party software tools and web apps that rely on this technology from working properly (Facebook, Google Ads, etc.).

A cookie is a small text file generated by the website you are visiting or by services external to that website (ad networks, website traffic analytics software, social integrations, etc.). It contains multiple pieces of data.

The most common use of a cookie is that it allows recognizing a user when they return to a website for all sorts of reasons. They make it possible to keep your preferences, keep you signed in from one session to the next, or show you personalized content. Its primary goal is to make it easier for the user to browse a site during their new visits.

How do we use it?

Each cookie, at the moment it is created by a site/service, is associated with a domain name where it can be used. It then contains information such as parameters or an identifier that allows a site/service to work. Among these cookies, there are two types: “first” and “third” party cookies.

Cookies placed by the site itself, the “first-party cookies”

These cookies are generally used to keep users signed in, remember their preferences, and handle site analytics. They are accessible only by the domain that placed them. The site reads/writes inside the cookie to store information in case you switch sites and then come back to it.

These cookies are accepted by all browsers and are not affected by the update we’re talking about. Generally, if they are deleted or disabled, the result is a malfunction of the site or a poor user experience.

Cookies placed by third-party services, the “third-party cookies”

These cookies are generally used to deliver targeted advertising, services such as a Chatbot or social sharing buttons. They are accessible on all websites that use the same third-party service that placed the cookie (Google Ads, Facebook, etc.).

These are the ones targeted by the new browser updates.

Who uses them and for what?

As explained, first-party cookies are used by (almost) every website or web app, if only to keep you signed in when you’re logged in to your account, or to keep the language and currency you selected for displaying products on a shopping site, for example.

Those that generate controversy and are targeted by these new restrictions are the third-party cookies because they can be used across many websites to track your preferences.

The advantage of using third-party cookies is that the owner of a website wanting to use a third-party service could do so simply by adding it to the code of their website (a snippet of JavaScript), and the installation was finished without any further changes on their side. So we were targeting ease of use.

The problem is that some cookie providers use this feature to collect information across many different sites for their own purposes by monetizing it.

Read also: GDPR 2018: what obligations apply to marketers?

Read also: The new cookie management rules: a thunderclap for software and web app publishers

Social media sharing button

Most social sharing plugins that let users share/like content on third-party sites use this technology. This enables behavioral tracking of the user, even if you’re not signed in to your account! And when you return to your favorite social network, don’t be surprised to see relevant ads matching everything you’ve visited (Facebook, Twitter, LinkedIn, Instagram, etc.).

Advertising network

When you browse a shoe website for example, if an ad network places a cookie and tracks the fact that you were searching for boots, it’s highly likely that when you go to another site using the same ad network (Google Ads, for example), it will offer to take you to buy those boots you looked at earlier. Yet these two sites don’t work together! Using all the data collected from the visited websites that use its script, the ad network can show you targeted ads that match your profile. This is what’s called retargeting.

What the new rule changes, concretely

From now on, when you visit a site with Firefox (±10% of market share in Europe) and soon Chrome (±70%!), cookies that don’t belong to the website’s domain (so, third-party cookies) will be blocked outright before they are even placed, without you being asked.

As a result, the features offered by these third-party services for publishers/hosting providers will be disabled. They will no longer have any visibility into what the user does on the website.

How to get around it

This change is unavoidable if you use cookies to track users across many websites in order to personalize their visit. To sum it up, those who make money off visitors when they visit other sites are going to be a bit inconvenienced.

However, it can be worked around if you use third-party cookies, with the goal of setting up a widget or tracking for only a specific website! The user experience is not yet something to throw in the trash!

The only way to do this currently is to turn the third-party cookie into a first-party cookie by placing it on a subdomain of your site or of your client’s site (using a DNS redirection mechanism, we use the subdomain to load external scripts).

And marketing automation in all this?

It is subject to the same rule as Google and Facebook. Those who offer a web tracking solution, forms, or web notifications coming from a third-party domain will be penalized by this update.

So get informed quickly with your software vendor, if they don’t have a quick solution, you’ll need to consider separating from it. A marketing automation software without tracking on its site and without a form… becomes an email router.

For those who had the good idea to choose Webmecanik, we have implemented tools and interfaces to turn third-party cookies into first-party cookies! Learn more through our article specifically dedicated to this topic!

Read also: The alternative offered by Webmecanik on the new cookie management rules

Continue exploring articles

EMAIL-TRACKING-RGPD

GUIDE: Marketing email tracking and CNIL compliance (GDPR)

Understand everything about email tracking and the CNIL's new recommendations to remain GDPR compliant while continuing to effectively manage your campaigns.

GDPR

Strategic guide: master Lead Nurturing for conversion

Lead nurturing is not just a sequence of automated emails. It’s the art of keeping a relevant conversation with your prospects until they’re ready to buy. This guide gives you the keys to structure campaigns that turn interest into revenue. 1. The diagnostic phase: lay the foundations Before writing a single line, you must define […]

How to track the performance of your marketing messages?

Introduction  You’re already well established in your market. Your target is clearly defined, your marketing channels are in place, and you may have even carried out an audit of your past activities. But one question remains essential: are your marketing messages truly performing? Whether it’s email, WhatsApp messages, SEA campaigns, social ads, or SMS, every […]

Why email statistics are essential to your strategy?

Let’s be honest: when we talk about email marketing, we often think about the subject line, design, the header, or even the famous CTA. But statistics? They’re sometimes pushed into the background… until the moment you ask, “But did someone really read this email?” This is where an analysis of open rates, clicks, bounce rates, […]

Statistics

CRM and marketing automation: how to (finally) align Sales and Marketing teams?

The opportunity nobody was asking for In 2025, the crisis of trust persists in our economies. This crisis of trust makes acquiring new customers a long, complex, and uncertain process. As in every crisis cycle of a system based on the continuous growth of sales of goods and services. In too many French companies, the […]

How to increase your ARR with marketing automation?

In an ultra-competitive SaaS environment, growing ARR (Annual Recurring Revenue) is more than an objective: it’s a matter of survival. Yet most efforts are focused either on sales teams or on paid acquisition. What if your ARR also depended on your ability to automate and intelligently orchestrate the customer journey? Marketing automation is not limited […]