Select Page

Here we are again. A year after its first U-turn, Google announced that it will again push back the sunsetting of cookies on the Chrome browser, this time to Q3 2024. The search giant is gifting the world two more years of pervasive tracking, endless cookie pop-ups and deeply inefficient advertising. 

Google’s new timeline looks like this:

No alt text provided for this image

The open internet is held hostage to a poorly-designed Gantt Chart with a horrendous colour scheme.

Three likely reasons behind Google’s decision

I was one of those that believed that Google would have stuck to its revised 2023 cookie deadline. How on earth could they justify another delay, when third-party cookies have gotten such bad press? How could they be left behind when all the other major browsers have been blocking them for the last 4+ years? Well, they could and they did. There seem to be at least three reasons for this delay.

  1. Google will lose money with the demise of third-party cookies. Although Google makes most of its money from search advertising, third-party cookies contribute a significant amount to the operating income of its Network and Services business. Faced with macro-economic uncertainty and its flatlining growth, Google will be keen to avoid adding pressure to its income in 2023, when we might be right in the midst of a recession. 
  2. The Privacy Sandbox is sandbagging. Google’s proposals to replace third-party cookies and strengthen privacy (collectively known as the Privacy Sandbox) are lagging, and have received a very lukewarm welcome from the industry. The company has a lot of work to do if it wants to retain its gatekeeping position on the open internet. They have been uncharacteristically candid on this: “The most consistent feedback we’ve received is the need for more time to evaluate and test the new Privacy Sandbox technologies before deprecating third-party cookies in Chrome.”
  3. Google is more afraid of antitrust regulators than privacy regulators. Arguably, the main reason for the delay is that Google is in competition hot waters. The UK and EU are looking at Google’s wide-ranging anticompetitive behaviour, and negotiations with the US antitrust authority are underway to avoid a federal lawsuit. Google already paid antitrust fines that were an order of magnitude larger than those it paid for privacy breaches – so the pecking order is clear: “This feedback [from the industry] aligns with our commitment to the [UK’s Competition and Markets Authority] to ensure that the Privacy Sandbox provides effective, privacy-preserving technologies and the industry has sufficient time to adopt these new solutions.” 

The Competition and Market Authority’s own goal

The UK competition regulator wants Google to replace a freely available technology (the cookie) with a Google-owned technology (the Privacy Sandbox) to support open-web advertising. If this doesn’t sound bad enough, the CMA is happy for the industry to keep using an obsolete technology until Google’s new products are ready. Someone, please explain to me how that is a good thing for anyone but the folks at Mountain View.

Although no one is forcing advertisers to use third-party cookies, the ad tech sector is known for not being very forward-looking. When the cookie was introduced in 1994, it was meant to be a temporary patch to a systemic problem. When GDPR came into force in 2018, the industry was woefully ill-prepared for the changes it had to make – despite plenty of warning. When Google announced its 2022 cookie deadline, almost everyone was passively waiting for a solution. Since then, most cookieless technologies have sought to protect the status quo instead of embracing the changes needed to align with privacy regulations. Inertia is a powerful force, and having the dominant market player openly support the incumbent technology dissipates the urgency to invest in alternative solutions.

There is a real risk that the industry will waste two more years eating cookies. Many agencies will keep their big budgets tied to the cookie. SSPs and DSPs won’t have to open up cookieless activation channels. ID solutions will probably continue to free-ride on third-party data. Truly cookieless technologies will struggle to get adoption, startups will have cashflow issues, and innovation will stagnate. Meanwhile, the big G will be sitting on its mountain of gold trying to figure out how to increase its dominance in the privacy-first web, all with the CMA’s blessing.

Weaning digital advertising off the cookie

There are reasons to be hopeful. Over the past two years, it has become clearer than ever that third-party cookies are not a reliable technology for running marketing campaigns and that moving away from them can yield concrete and immediate benefits:

  • About 40% of mobile and browser audiences are being lost today (closer to 50% in North America)
  • More and more people are rejecting cookies
  • Cookie match rates are going down
  • As third-party data is shut off from other platforms, its quality deteriorates everywhere 
  • Privacy regulations limit data sharing practices and threaten advertisers’ reputations, and so forth…  

It sure feels like a fork-in-the-road moment for competition in digital advertising, but not in the way the CMA had intended. The road of lazy complacency and continued reliance on the cookie will lead to decreasing revenues, decreasing competition and increased dependency on Google. By contrast, the road of scaling up the adoption of independent alternatives to the cookie over the next two years will lead to better performance, better compliance, and a healthier, more transparent relationship with consumers. Moving away from the cookie and ditching the Privacy Sandbox before it even gets released would be the biggest middle finger the industry could give to Google, and its best shot at salvation.