You visit your friendly neighborhood website; in this case, let’s say you browse the earth’s most loved website. You decide to buy a book, but for some reason, you put off the purchase for another time. After a couple of hours, you visit a news site, and voila, you see the ad of the same company peddling the book that you abandoned in its shopping cart.
You begin to wonder about the magic of it all. Well, it’s not magic but a small piece of information that’s on your machine that tells this (company) website – who you are (your IP Address, that is), where you came from (location), device (PC, mobile), pages that you visited and so on.
Armed with this information, the company “follows” you to other websites by showing you the ad for the product you did not purchase. In digital parlance, it’s called remarketing or retargeting, and a statistically increasing number of companies remarket or follow their customers to increase their sales (or conversions). There’s a term that we digital marketers use for this kind of shopping behavior -cart abandoners. And this is a highly engaged cohort (or audience) that has a high probability of converting.
But how does this all happen? The answer to that question is a piece of information stored on your machine as soon as you visited the company’s website. And, this is called a cookie since it’s generated (and stored) by the company’s website; it is called a first-party cookie.
What is a first-party cookie?
A first-party cookie allows website owners to collect data about your browser configuration, access device, language settings, pages you visit, etc. In simplistic terms, cookies are identifiers used to identify your computer and not you. And, why is it called a first-party cookie? The answer to that lies in the fact this cookie was first “deposited” by the company (or host) whose website you visited and not by some other company that had nothing to do with your purchase.
In the case of first-party cookies, it’s up to the host to collect the kind of information it wants. For those who are technical, cookies can be set and read by a web server or by a piece of JavaScript (JS) running on the website.
Two important concepts. A web server is computer software and the underlying hardware that accepts requests via HTTP, the network protocol created to distribute web pages or secure variant HTTPS.
Javascript – Alongside HTML and CSS, JavaScript is one of the core technologies of the World Wide Web.
Companies use first-party cookies to personalize your browsing experience. While cookie information enhances your user experience, it also ensures that you are never left alone. Cookies are increasingly getting sophisticated. It can be used to gather data about the sites you visit and the time you spend on them, what you left behind in that shopping cart, and much more. Most of us store first-party cookies on all the websites that we use. Most of us rarely delete cookies and probably do even know what’s being delivered or stored. You can check the data you stored by clicking the information button on the cookie details page on the website of the cookie’s owner.
Are first-party cookies necessary?
Cookies are identifiers with pieces of data that are used to identify your computer and not you. Cookies are never independent. All cookies have an owner.
You could do without first-party cookies as well. According to GDPR rules, companies need your consent when it comes to cookies. Some countries have implemented GDPR, but its implementation is not uniform. How often should I be using first-party cookies? First-party cookies should only be used when needed. They are temporary and can be removed by clearing your browsing history (please review all options before hitting that ‘ok’ button!). Most browsers accept first-party cookies by default. As for third-party cookies, most modern browsers block third-party cookies.
Apple is an exception; their browser (Safari) handles first-party cookies differently. Called Intelligent Tracking Prevention, Apple uses on-device machine learning to block cross-site tracking while still allowing websites to function normally. You can read more about it here.
How do we control the use of first-party cookies?
Whenever you visit a website that uses a first-party cookie, look for a prompt saying, “Click here to disable all cookies.” You could also use your browser’s preferences to turn off third-party cookies – also called third-party advertising cookies.
Who can see information stored in first-party cookies?
The website owner collects cookie information for their use. Some websites try and integrate cookies as an advertising tool. For example, these websites build an audience cohort of their cookie pool and run ad campaigns on them. If you visit a website that uses first-party cookies, the company can see information about the things you click on, such as the specific page you visit or the ad you are exposed to.
Third-party cookies
Third-party cookies are the opposite of first-party cookies. They are created by a host (or company) unknown to the visitor. Although they have similar functions, third-party cookies are not dangerous and do not hamper your web experience. But, third-party cookies are usually seen as an invasion of privacy. That said, third-party cookies allow cross-tracking, i.e., advertisers can track users across the internet. An example of a third party is a social share button (‘Like’) button that stores a cookie on the visitor’s machine. The cookie (and its information) later can be accessed by the company that placed the button. In this case, it’s an invasion of privacy as explicit permission had not been sought from the visitor.
EndNote – The road ahead for cookies
The advertising world is moving to the path where third-party cookies will be a thing of the past. In its blog post, “Building a more private web: A path towards making third party cookies obsolete,” Google says that the users are demanding greater privacy–including transparency, choice, and control over how their data is used–and it’s clear the web ecosystem needs to evolve to meet these increasing demands.
Privacy is indeed big. And, if it’s your data, you need to have control, and it’s that simple. It’s not a big ask in this tech-driven world.
Thank you for reading!