Today, if a publisher wants to track users cross-domain, they require a third-party cookie which can re-identify a user across multiple domains. With stricter privacy regulations such as Apple’s ITP, this method no longer works on Safari and Firefox which means it is impossible to track and target users across domains on almost half of the web. Whilst this method is still possible on Chrome, Google have set aside a privacy budget and have announced their intentions to block third-party cookies by 2022.
As the end of the third-party cookie draws ever closer the need for first-party data becomes ever more important. Currently, there are two scenarios that a publisher may find themselves in:
If a publisher wishes to track users across domains when they do not own the domains, this solution will not work. However, what about when one publisher owns multiple domains? If the publisher has a direct relationship with the user and has consent on domain A and domain B they should also be able to use data on domain B from domain A in a first-party context. Third-party cookies are going to be phased out, soon it will become impossible to achieve this without a shared identifier.
Google has recently released their Privacy Sandbox proposal which includes a section for first-party sets which can also be viewed here. They propose a solution that allows a user’s identity to span across related domains whilst remaining privacy compliant. The ultimate goal here is to allow relationships between domain names to allow themselves to be declared as first-party entities.
One natural scope is the domain name in the top-level origin. However, the website the user is interacting with may be deployed across multiple domain names. For example, domaina.com, domainb.com and domainc.com are owned by Publisher Corp, Inc.
This solution would give Publisher Corp, Inc. the power to span user identities across these entities as long as it remains privacy compliant. The concept behind this methodology involves having an ‘owner’ domain which has registered secondary domains known as ‘members’.
In the proposed solution, once a network request is made, the browser will discover this list of owners and members and stores the set owner. If the owner does not match the information for the current domain, then this will be considered as a third party and will not share information cross-domain. Conversely, if there is a match in owner, then the current domain that the user is on will be considered first-party. The proposal requires the browser to remember the state about first-party sets and will then use that state to influence the behaviour of first-party sets.
Permutive believes in a privacy-safe world and uses that as a foundation for all of our product decisions. We feel that a new Ad-tech ecosystem is being built from the ground up with the publisher at the heart. What the loss of third-party cookies, and more generally privacy means, is that Publishers are going to become walled gardens, where data can go in, but data can’t come out. A great way to prepare for this new world is for publishers to start transitioning to a new publisher owned identifier. Having a strong first-party identifier will help publishers navigate the changing ad tech world by passing control of their data into their own hands. We have worked with many of our customers to do this and are also keeping our partners updated on the latest changes in the ecosystem and how these changes can be made to help our publishers.
If you have any questions, or wish to learn more about Permutive and how we are continually trying to help our customers to please feel free to reach us at firstname.lastname@example.org.