New rules on cookie management, major change for software and web apps editors
The tracking protection feature, first launched as a simple protection for private browsing, has recently been modified by Firefox. In fact, in the recent version 70, this protection is now reinforced in order to increase control by the Internet user by blocking by default (Standard mode) third-party cookies. Google Chrome will do the same in March 2020.
It may not seem like much, but it's a revolution. The blocking of these cookies in order to protect the privacy of Internet users, blocks the proper functioning of many third-party software and web apps dependent on this technology (Facebook, Google Ads, etc.).
But what's a cookie for?
A cookie is a small text file generated by the website you visit or by services external to this website (advertising sales house, internet traffic analysis software, social integrations, etc.). It contains several data elements.
The most common use of the cookie is that it allows us to recognize a web user when they return to a website for a variety of reasons. They offer the possibility to keep your preferences, keep you logged in from one session to another or to offer you personalized content. Its main goal is to make it easier for the user to navigate a site when they return.
How do we use it?
Each cookie, at the time it is created by a site/service, is associated with a domain name on which it can be used. It then contains information such as parameters or an identifier allowing a site/service to function. There are two types of cookies: "first" and "third" party cookies.
The cookies set by the website itself, the first-party cookies...
These cookies are generally used to keep users logged in, remember their preferences and support site analytics. They can only be accessed by the domain that set them. The site will read/write inside the cookie to remember information in case you change sites and then return to it.
These cookies are accepted by all browsers and are not impacted by the update we mention. Generally, if they are deleted or deactivated, it results in a malfunction of the site or a bad user experience.
The cookies set by third party services, the so-called "third-party cookies"...
These cookies are generally used to provide targeted advertising, services such as chatbot or share buttons for social networks. They are accessible on all sites that use the same third-party service that deposited the cookie (Google Ads, Facebook, etc.).
These are the ones that are affected by new browser updates.
Who uses it and for what?
As explained above, first-party cookies are used by (almost) all websites or web apps, if only to keep you logged in when you are logged in to your account, or to keep the language and currency chosen to display products in a merchant site for example.
The ones that are targeted by these new restrictions are third-party cookies because they can be used across many websites to track your preferences.
The advantage of using third-party cookies is that the owner of a website wanting to use a third-party service could do so simply by adding it to the code of his website (a piece of javascript), and the installation was completed without any further modifications on his side. So the focus was on ease of use.
The problem is that some cookie editors use this feature to collect information from many different sites for their own purposes by monetizing it.
Share button on social networks
Most social sharing plugins that allow users to share/love content on third-party sites use this technology. This allows the user's behavior to be tracked, even if you are not logged into your account! And when you return to your favorite social network, don't be surprised to see relevant ads corresponding to everything you've visited (Facebook, Twitter, Linkedin, Instagram, etc.).
Advertisement
When you browse on a shoe website for example, if an advertising agency sets a cookie and tracks the fact that you were looking for boots, chances are that when you go to another site using the same advertising agency (Google Ads for example), it offers to buy the boots you were looking at earlier. However, these two sites do not work together! The advertising agency can from all the data collected on the visited websites and using its script, offer you targeted ads corresponding to your profile. This is called retargeting.
What the new rule actually changes
From now on, when you visit a site with Firefox (±10% of the market share in Europe) and soon Chrome (±70%!), cookies that do not belong to the site's domain (third-party cookies) will be blocked purely and simply before they are deposited and without asking you the question.
As a result, the functionalities offered by these third-party services for publishers/hosters will be disabled. They will no longer have any feedback on what the user does on the website.
How to deal with it
This change cannot be bypassed if you use cookies to track users across multiple sites in order to personalize their visit. In short, those who make money off visitors when they visit other sites are going to be a little annoyed.
However, it is possible to bypass it if you use third party cookies, in order to set up a widget or tracker only for a specific site! The user experience is not yet a theme to be thrown away!
The only way to do this at the moment is to transform the third-party cookie into a first-party cookie by placing it on a sub-domain of your site or of your client's site (using a DNS redirection game, the sub-domain is used to load external scripts).
What about marketing automation in all this?
It is subject to the same rule as Google and Facebook. Those who propose a web tracking solution, forms or web notifications from a third party domain will be sanctioned by this update.
So check with your editor quickly, if it does not have a quick solution, you will have to imagine to get rid of it. A marketing automation software without tracking on its site and without forms... becomes an email router.
For those who had the good idea to choose Webmecanik, we have been working on it for several months already! And in a few weeks, you will hear from us :-)
