What to do when your cookies are taken away

Chrome ITP is imminent. It's not ideal, but not the end of the world.

The end (of cookies) is near! Winter is coming (for everyone that uses cookies)! Are you prepared for the doom that will surely ensue when cookies go away?!

Well, hold on a second, what does this really mean?

The death of the cookie may have been slightly overplayed (no, cookies are not going away, per se) however the usability of 3rd party cookies has been threatened for awhile.

There are different schools of thought around the extent of future changes to 3rd party cookies on Chrome, but we saw ITP on Safari become very real, and iterating as we speak, so why should we not assume the same for Chrome?

Why you should care

So you survived the first rounds of Safari ITP, why should you be thinking about it differently this time around?

Looking at market share by browser, the scale and subsequent impact of 3rd party cookies on Chrome is potentially much higher as Chrome adoption grows.

Your 1st party cookies may still be usable, but without the ability to tie to and maintain to 3rd party cookies, the marketing and advertising application of that data is far less viable. Not to mention, many companies license other technology to represent and manage their cookie space, such as a DMP, DSP, SSP, or adserver; the hard reality is, those are 3rd party cookie domains and will be subject to the same limitations as other 3p cookies, regardless of whether you’re treating them as if they were 1st party.

What are the options?

While it’s difficult to completely future-proof your business in this respect, there are some immediate steps you can take to prepare and help alleviate the potential impact, as an insurance policy, if you will.

1. You do nothing

If you do not take any action, you risk losing your digital customer base.

If you are an e-commerce company, you can retain purchasers, but what about users who went to your site but didn’t purchase? Your high value prospects are gone. What if you have a high low or no authentication business? Your digital customers are gone.

You can hope that Chrome ITP will not happen, the same way you can hope that driving without auto insurance means you won’t get into an accident.

2. You integrate with an identity provider

This is better than doing nothing, as it will retain your digital customer data, but there are a few considerations:

Integrating with a 3rd party identity provider has historically been seen as an easier way to adopt an identity solution, but it can be risky to build such a strategic foundation against an ID that is not your own, with technology that you can’t control.

What happens if that company goes out of business? What happens if that company gets acquired or goes through other M&A activity? This isn’t out of the realm of possibility, as we saw AppNexus pull out of the ID Consortium when their acquisition was announced, despite being one of the original domains that was to be perpetually licensed for the consortium.

This isn’t an accessory technology adding some bells and whistles; this is the underpinning for many different corporate uses and strategies. You wouldn’t put a $10,000 sound system in a Hertz rental car, would you? So why would you put your dev resources around a solution that you don’t own and control?

While it is the main purpose of many identity providers to provide this information, it can also be risky to rely on another party to determine the corresponding linkages of your customers, and few identity providers allow you to validate supply against your own verified truth set.

Even with 100% deterministic providers, do you have transparency into the individual suppliers of said linkages? Would you buy a car insurance plan if you didn’t know what it covered?

3. You Implement Your Own Native Stable ID

While recognized as the gold standard of identity management, standing up your own solution has historically been difficult to both build and maintain. This can be an intimidating task, with the question of where to even start. The good news is, it just got easier.

What should you do today, and how can Narrative help?

The first thing you should do is ensure your less stable data is “backed up” to a more stable ID. In the context of cookies, this means taking your current cookie data and mapping it to a MAID or a hashed email, ideally both. Narrative can help you with all of this.

We are not providing the stable ID – that should be your own – but we are providing the ability to automate the collection of identity data, making a task that previously required outsourcing easily doable in-house.

We enable you to:

1 - Back up your less stable cookie data to a more stable, but universally applicable, ID. With a more stable but universal ID, such as a MAID or a hashed email, the data is bi-directional, meaning you can map it to other pieces of information, or even back to a cookie if you need to.

Good: back up your cookies to MAIDs Better: back up your cookies to hashed emails Best: back up your cookies to both MAIDs and hashed emails

This serves as a simple way to preserve your data, as well as a foundation for building your own stable ID - It’s irrefutable that 1p data is the most valuable, so don’t let it slip away, including your cookies.

2 - Validate individual identity suppliers based on your own truth set. Bring your own standards of accuracy and quality based on what you already know about your customer.

3 - Have transparency down to the individual supplier level, and allow you to optimize your delivery by supplier. Don’t get forced into buying from all suppliers in aggregate.

4 - Buy from multiple suppliers, but receive de-duplicated data so you only pay once for exactly what you need - it’s great working with multiple identity data sources to maximize reach, however buying from each individually subjects you to buying provider overlap and overpaying for what you actually need.

5 - Start organizing your own identity strategy. Now that your insurance policy is in place and your cookie data is preserved to a universally recognized format, you can take your time implementing a strategy that makes the most sense for your business.

Once you back up your less stable cookie data to a more stable ID, your data is retained and it buys you valuable time to both figure out the ideal internal identity strategy, and roll with the ever-changing speculation of what 3p cookie usability will actually look like in practice.

This is NOT building a cross-device mapping which will only organize you the relationship of one ID to another. This is NOT a cross-device graph which is simply a structure in which to make the data more retrievable. This IS providing you the ability to retain your valuable 1p data, no matter where it lives and in what form.