CCPA/CPRA Data Mapping: The Why, What, and How
How often does the word “right” show up in the text of the CCPA/CPRA?Read Now
July 13, 2022
This blog was updated on July 28, 2022.
At the turn of the new millennium, the world was buzzing with panic as we entered the 20th century. We believed, and others knew, that the two-digit year format used by computer coders would upset everything from banking to aviation, power stations, missile control systems, communication satellites, and more. Now laughable, those who lived through “Y2K” know it was no laughing matter.
Think pandemic-style stockpiling of essential supplies and years of government and companies working to find and implement remedies. Now, another technological revolution is making a splash worldwide — the end of third-party cookies.
In case you haven't heard, yes, third-party cookies are on their way out. Nearly three years ago, Google introduced Google Analytics 4 (GA4) to address the evolving customer journey while prioritizing privacy. Since then, countries and states have started implementing their own privacy laws with which all companies must comply.
“Universal Analytics was built for a generation of online measurement that was anchored in the desktop web, independent sessions and more easily observable data from cookies. This measurement methodology is quickly becoming obsolete. Meanwhile, Google Analytics 4 operates across platforms, does not rely exclusively on cookies and uses an event-based data model to deliver user-centric measurement,” Google said.
In short, third-party cookies are going away on Google Chrome, along with Universal Analytics. Google Chrome joins Firefox and Safari in ending third-party cookies, but Chrome is the biggest player to do so. Google’s Universal Analytics will stop processing new hits on July 1, 2023, and 360 Universal Analytics will stop processing new hits in the second half of 2024.
What does this mean for businesses that have historically relied on cookies for marketing and advertising campaigns?
Yes, we still have more "new normals" to get through. The end of cookies means it will become more difficult to interpret where visitors to your website are coming from and how they’ve interacted with your brand or products. Holes in the data chain can make optimizing ads and email campaigns to create higher conversions more difficult. And like a stack of dominos, measuring the effectiveness of campaigns will be more challenging.
Marketers and advertisers will have a harder time seeing if what they’re doing is working based on data. And data deterioration around geography, combined with no IP address information and no third-party cookies, will make it harder to make decisions.
Right now, we know data — like who is visiting a website, who is returning to the site, what they see when they visit, and where they’re coming from — will be lost.
Y2K could have been a catastrophic event, but organizations worldwide worked to make sure it all seemed like a non-event, and to most people, it was. That said, if businesses and marketers don’t prepare now, 2023 could devastate their work. The key is to plan now so 2023 can be business as usual.
Like with Y2K, there are companies, politicians, and individuals worldwide working to ensure the transition is the least disruptive possible.
But, as a business owner or marketer, it’s important to understand what you can do in the background to ensure a successful transition for you and your customers.
Some steps you can take to get ready include:
If you're dependent on prospecting and first-touch ad performance, and that drops, your ad campaigns will plummet. It’s time to start thinking about how you can diversify your budget and conversion sources.
Being proactive now will save you the time and effort of redoing everything over the course of a year. Updating your marketing mix will take two or three quarters — from slowly implementing a new of conversion to even changing your vendors (which you’ll see below). Don’t let your ads crash to the floor before looking to begin solving these issues.
Chances are, if you own a business or run a marketing department, you work with several vendors. The bigger your company is, the more it relies on these partnerships for everything from software to hardware, social media, and more.
Understanding who your vendors are, what software they’re using, and that they’re working diligently to ensure compliance should be a priority. Not knowing who your vendors are (and even their vendors, or “fourth parties”) can put you at risk of breaking privacy and compliance laws.
When it’s time to renew your vendor contracts, ask questions.
When the Department of Justice evaluates whether to file criminal charges against a company, they consider whether the company monitors its vendors effectively. Implementing software like Osano can identify and monitor vendors, tracking compliance ratings for all vendors.
First-party cookies will likely be part of your new marketing strategy. As the first party (the user of your website is the second party and other organizations are the third party), you can still store cookies to enhance the user experience, such as saving shopping carts, location settings, and remembering the password for the user. Adding value for customers in exchange for their data is a key to building trust and gaining consent.
As its name implies, Firstparty is a custom, first-party data collection system that configures a custom domain. All the data leaving your website will travel through your own domain, keeping it first-party and compliant. A solution like this enables you to configure which cookies are set and how, and it handles both known and anonymous visitor measurement.
The benefit of collecting data through a domain you control is that you can see which campaigns are most effective more easily and accurately. Firstparty can send conversions to Google and Facebook without compromising customer privacy, including sending offline conversions from Salesforce or other third-party platforms, and associate it with your ad campaign securely.
Just because third-party cookies are going away, that doesn’t mean you don’t need cookie consent. The reality is that you’ll still want to do some tracking to understand what your visitors are doing when they visit your site. Now, you just want to be able to do it using first-party cookies rather than third-party cookies.
The idea is it's okay to track people, as long as you tell them you're going to track them and gain consent. We refer to this as the “kindergarten rules of privacy,” or:
Simple, right? That’s what cookie consent is all about. Osano blocks cookies until consent is given, and it tells users what cookies are being used. Osano also enables users to easily change their preferences or revoke consent if they want.
Research shows that customers care about their privacy. In fact, 50% of Americans have decided not to use a product or service because of privacy concerns. If customers don’t trust your company, they won’t engage or use your product or service.
If you’re a marketer, you might be thinking, “How on Earth can I keep up with constantly changing laws and still effectively market?” Privacy can be complicated, and often, existing privacy tools can be both costly and hard to implement. That’s where Osano comes in to help simplify the process so marketers can do what they do best.
Osano Consent Management was designed to be a user-friendly tool that takes compliance off your plate. Implemented with a single line of code, Osano provides compliant banner templates for 50+ countries and updates as laws change.
And Osano provides peace of mind with its No Fines, No Penalties Pledge. If you’re using the platform and you are fined or penalized under a privacy regulation issued by a data protection authority, Osano will foot the bill (up to $200,000).
Osano and Firstparty recently hosted a webinar discussing how marketers can prepare for their own version of Y2K. For further reading, check out our blogs on how cookies work, and first-party cookies.
The Osano staff is a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet. Occasionally, the team writes under the pen name of our mascot, “Penny, the Privacy Pro.”