World without cookies

A World without Cookies

Though this sounds like the name of a Sesame Street episode, we are not going to be talking about those yummy, delectable chocolate chip, gingerbread, oatmeal raisin or even fortune cookies.


We are going to be talking about those nasty, invasive little pieces of code that get added to your web browser, and then stick to you like cockleburs wherever you browse.

Google Chrome has announced their move to block third-party cookies by 2022, which has now been extended to 2023. This article aims to understand why this is such a big deal, and how the web will change if there are no cookies.

Read on to find out more.

So what are Cookies?

Cookies are small pieces of code that are sent by the server to your browser when you visit a website. Any browsing activity you do generates a request to the server which will give you [a response + the cookie.]

Basic information contained in a cookie is a name-value pair, specifying what is being measured, and the value for what is being measured.

It can be as simple as this:

setcookie(“cookie_name”, “cookie_value”);

But there are more parameters that can be specified in a cookie like

setcookie(name, value, expire, path, domain, secure, httponly);

  • Expire - Specifies when the cookie will expire. Default value is 0 which means that the cookie will expire when the session ends.

  • Path – This denotes the path the cookie will be available. If it’s set to “/”, the cookie will be available throughout the domain. Default is set to the directory that the user is in, when the cookie is set.

  • Domain – Specifies the domain or sub-domain of the website that owns the cookie.

  • Secure – If this parameter is set to TRUE, the cookie will be transmitted over a secure HTTPS connection only. Default value is FALSE, which means that it can be transmitted over HTTP or HTTPS connections.

  • Httponly – Specifies that the cookie will be transmitted only over HTTP protocol and not any other scripting languages.

First and Third-party cookies

 

It is essential to understand the differentiation here, since Google Chrome is talking about blocking third-party cookies, and not first-party cookies.

So what are these:

First-party cookies

These are owned, managed and placed on your browser by a website when you browse THAT SPECIFIC website.

For example, when you browse Amazon, they can place a cookie on your browser that helps Amazon identify your preferences, and browsing behavior. This will make your shopping experience on Amazon better, when you visit them again.

These cookies can only be read when you are on Amazon, and not when you are browsing other websites.

Third-party cookies

This code is inserted into your browser by some website, other than the one you are browsing, or by third-parties that you have no connection with. It is usually uses for advertising, retargeting, tracking and analytics.

Third-party cookies follow your browsing pattern across multiple websites and relay that information back to the owner of the cookie, giving the owner a fairly good idea of who you are, what you do, what your preferences are, and your innermost secrets.

You know that feeling when Amazon follows you when you visit other websites, to show you ads of products you searched for.

Sometimes, you are thrilled that Amazon remembers what you want. And sometimes you are spooked that Amazon remembers what you want.

Privacy Concerns across the globe

The more people were retargeted and spied upon, the more concerned they grew about privacy.

GDPR (General Data Protection Regulation) was implemented in 2018 for the European Union and European Economic Area.

After GDPR:

  • Companies need to have strict guidelines on what would be done with the data collected from customers.
  • No data can be collected without express consent from the customers. And that’s the reason why most websites ask you to accept cookies when you enter their website.

Who has blocked third-party cookies already?

  1. In 2019, Mozilla Firefox implemented Enhanced Tracking Protection blocking third-party cookies.
  2. On Feb 23, 2021 Firefox 86 introduced Total Cookie Protection that allows cookies only on the sites that they were created in, and cannot follow the visitor to any other site.
  3. Safari introduced Intelligent Tracking Prevention, ITP in 2017 that blocked cookies for cross-site resources.
  4. Safari 13.1 started blocking all third-party cookies by default.
  5. Google had announced in Jan 2020 that it would block all third-party cookies on Chrome from 2022.
  6. But in June 2021, Google announced that it will delay the plan to block third-party cookies till 2023.

This is significant because Chrome has over 65% of global browser market share.

Advertising companies and associations have been accusing Google of trying to choke their competition, thus strengthening its already huge dominion in the world of online advertising.

What happens in a world without Cookies?

This is the most pressing question. As advertisers and analysts knew that this was coming, there has been many alternative suggestions, some better and some worse than cookies.

  1. First-party cookies will continue to be relevant

    As mentioned earlier, first-party cookies are the ones owned and generated by the website you are browsing. These will continue to make your browsing experience more customized. They will be refined and improved over time to better tailor the website for your requirements.

    These will NOT BE BLOCKED or affected in any way.

  2. Fingerprinting

    This is an interesting, but more dangerous method to identify users on the web. Website use small scripts that collect lot of small but distinct information about you, like your screen resolution, fonts used, graphics card, browser, time zone, language etc.

    This information, when stitched together can give you a unique identity, that can be used to identify you among a sea of internet visitors.

    This information, when stitched together can give you a unique identity, that can be used to identify you among a sea of internet visitors.

    Fingerprinting is more dangerous that cookies, since cookies are regulated, and finger printing is not. Users can disable cookies, but they cannot disable fingerprinting.

  3. Privacy Sandbox

    In August of 2019, Google launched Privacy sandbox, a new set of standards for advanced privacy. Google is working with developers and web communities to refine these standards to improve user experience without infringing on privacy.

  4. FLoC – Federated Learning of Cohorts

    The meaning is not as complicated as the name – Google here plans to classify individual into cohorts or groups based on their shared interests, previous actions and browsing history.

    Advertisers can then target these cohorts to reach their target audience. But they will have no personally identifiable information (PII) about their target audience.

    FLoC is still in its initial stages with many experiments going on, to ensure that this classification is standardized and useful.

  5. More innovative solutions

    The market is still open, and the jury is still out on what would be best solution to replace third-party cookies, when they will be made obsolete sometime during the next couple of years.

    Advertisers, analysts and data engineers are burning the midnight oil to arrive at best possible answer that balances privacy and customization for internet users.

What does this mean for a regular netizen?

Cookies, though they sound nasty and invasive are not all that bad. It’s what helps websites remember your login, preferences and history when you visit them again.

And advertisements though they disturb you by popping up everywhere, actually helps keep the web free and accessible.

So if somebody figures out a way to offer us the best of customization, without actually following our every move, isn’t that an advancement in the right direction?

So we, as netizens, stand up and say….Away with third-party cookies, and in with the newer, the more efficient, the less snoopy.

Get in touch with us

 
Address
Sobha Petunia, Nagavara, Bangalore. India