Can We Really Replace The Cookie?

This is based on the content I presented as the opening keynote at the Digital Marketing Asia conference on 26 October 2023. The self-introduction has been removed and some tools have been explicitly named, which I tried to avoid during the presentation for not making it like a sales pitch.

HTTP Cookie

First, let’s revisit what is a cookie, it was originally sent and received as an HTTP header which is why the formal name is “HTTP cookie”. When we retrieve a web resource from a web server, web page or image, the web server generates a small piece of information and stores it with our web browsers. Next time we get another web resource from the same web server, or other web servers from the same domain, that piece of stored information will be sent to the web server.

It was very useful in the early days of web applications created with server-side technologies, such as PHP, JSP, and ASP, so the web application could recognize the same user and provide customization.

A major and most critical change is that cookies can be set and retrieved by JavaScript when frontend technologies are getting more mature and updated, which makes a big difference in how we handle cookies and measurement now.

Concerns Around Cookies

There have been problems with cookies since day 1.

It is not secure. It was stored as a plain text file on our computers and easily accessible by anyone who can get access, whether physically or remotely, intentionally or unintentionally, such as hacking.

Privacy concerns are an even larger issue, with all the third-party cookies following us across different websites on the internet; with more and more powerful machine learning and AI capabilities, tech companies know us more than ourselves.

Some people may think an unknown problem may not be a big problem. However, the public is becoming more aware that their data and privacy are at risk as we see with all the news around security incidences, privacy scandals, AI capability, etc.

These have triggered a lot of new regulations to protect end users.

A Look Into History

When we look back, the cookie was invented and standardized about 30 years ago. Big and new tech companies soon identified the power of third-party cookies and the potential of online advertisement, especially with a booming internet population. Google Ads, Facebook Ads and more media platforms were launched.

However, at the same time, we started seeing security incidents and privacy scandals now and then. As a result, new laws were introduced, such as EU GDPR and China PIPL.

There are only a few examples of media platforms, incidents, and laws, being mentioned. There are way more and unable to pack in.

Cookie-less — The Challenges

So what are the challenges we may face about the cookieless?

We should know that only the third-party cookies are going, which have a big issue with privacy violations as they follow the user across all websites they visit.

We still have first-party cookies and new web storage APIs to store information about users on the front end. Most analytics and media tracking already use JavaScript to track, which reads/writes cookies on web browsers, maintains the identity of the same users, and sends this identity as a URL parameter to analytics and media tracking platforms. Cookies can be out of the picture. We are still able to track user behaviour on our digital properties and measure the clickthrough and on-site conversion from paid media.

The challenge is more on media platforms. They are no longer as effective as they are getting harder to identify and follow the same users across different websites to produce the user profile. This weakens some of their capabilities, such as lookalike audience and retargeting, but these capabilities are not all gone and only weakened. Big tech companies like Google and Meta still know a lot about us based on our interactions on their platforms and other proxy approaches to target us, as such a household member searching for a particular product then other members may be targeted as they all have the same IP address. Media platforms are still able to provide lookalike and retargeting abilities on their platforms.

How Will Cookie-less Affect Brands?

Then how does a cookie-less environment affect brands and what should we do?

The cookie-less discussion is only one of the items under the overall subject of privacy. We should welcome the trend of better privacy protection for our customers as we always talk about customer-centricity where privacy should be a part of that.

I like to think that privacy concerns on the internet and the digital space are similar to the environmental issues we have in real life. Some of the practices we have in digital marketing just like burning fossil resources for energy, with a lower cost and easy to access but not sustainable. If the majority of digital marketing activities come at the cost of customer privacy, the digital environment will become toxic and we will have no customers left behind, or they will find their way to protect themselves.

We should shift our focus from upper channel acquisition to a better overall customer experience, and look for first-party data internally and second-party data from business partners, so we can deliver a better customer experience on owned digital properties for conversion.

What Can Be Done?

Cookies And Privacy Consent Management

Even though third-party cookies are gone, we are still tracking users with first-party cookies and there are regulatory requirements on how we collect data and its usage. However, regulatory requirements are usually the minimum requirements, we should go beyond the minimum to be customer-centric and develop a sustainable digital environment.

More and more websites now have a privacy preference management section to allow users to opt in/out of different cookies or tracking, instead of only a message telling the users that they are tracked and can only accept. Of course, we may lose some data if users opt out of some tracking, but this will restore trust from users.

Many websites are also using a simple tactic to offer an easy-to-click and attractive accept-all button with a less prominent detail configuration option, hoping users simply accept all. Lazy users like me and those who trust the brand associated with the website are likely to accept all, and no data would be lost.

There are multiple solutions, like OneTrust and TrustArc, on the market to help manage privacy preferences with some best practices, such as grouping cookies into different categories for users to easily manage their preferences.

Cross Channels Analytics

We all know customers engage with us using many different touchpoints; understanding their engagement across multiple touchpoints is the first step towards providing a comprehensive customer experience. To get this done, we need only first-party cookies and a lot of ID mappings.

A typical case for an insurance business is sending prospects from paid media to a website where they submit a lead generation form with contact information and then pass it to an agency to follow up and close sales. There are three touchpoints in this journey — the paid media, website, and agency; and different systems collecting data where we need some keys to connect them.

The simplest approach to connect data across in this case is passing the campaign tracking parameters from paid media to the website and to the system used by the agency to manage lead and closing sales. Collect data from different platforms and go through the ETL process to map using the campaign tracking parameters. Finally, create some dashboards using tools like Tableau or PowerBI for ongoing reporting on the mapped data. Sounds easy and low-tech but is not flexible as a new dashboard is required from time to time.

Another approach is using an advanced analytics platform like Adobe Customer Analytics, where we can inject data from different sources with customer identifiers, and then create an identity map to connect data from different sources to build a unified customer profile. From this unified customer profile data, we can freely create new reports and analyses anytime. This requires more upfront effort to get customer identifiers from different data sources and create the mapping to connect them but provides a great level of flexibility and possibility on future reporting and insights.

Marketing Automation

Marketing automation is not new and it is getting more and more important in the post-cookie era as we want to deliver a personalized customer experience and journey. It helps shift the focus from the heavily third-party cookie-based upper funnel acquisition to the first-party cookies and data-driven engagement and conversion. It also helps in terms of cross/up sales and customer retention after the initial customer acquisition to enhance the total customer lifetime value.

However, when we think about marketing automation, we should remember there are multiple touchpoints in the journey, we cannot only send some emails and SMSes then considering that marketing automation has been done.

There are many marketing automation solutions on the market, from some big names like Adobe, Salesforce, and Oracle to some smaller players which we may never heard about. Many of them may be built or started around direct communication with emails/SMSes and come with different target industries and use cases, such as B2C vs B2B, the journey is very likely and should involve paid media exposure, website visits and mobile usage if we think only in terms of digital, or even some channels like call centres if we consider offline touchpoints. Connecting all those systems and ensuring a consistent and personalized message delivered on each step of the journey is important to encourage the customer to complete the desired journey.

Customer Data Platform

The customer data platform is a term we often hear together with post-cookie and most of us have come across many sales pitches for CDPs already. CDP is not a new idea; we have been talking about Customer 360 for decades and are not there yet. However, with CDP, it seems like we are getting close.

The core element for a CDP is the capability to produce a unified profile for customers with multiple data sources — website traffic, CRM, POS, call centre, etc. All these platforms have a lot of information that can be connected and give us a better understanding of the customer.

Another scenario for an insurance business that a customer with a medical policy was searching for claim information on the company website and was unable to find the required, then clicked the chatbot icon and asked some questions but also failed to get the desired answer, call centre representative called back hours later and answered questions related to pre-approval and hospital check-in/check-out, finally a servicing agent contacted the customer after a few days and offered further support with all previous information on hand.

That is a made-up story focusing on servicing rather than acquisition and sales. However, with all this customer profile and interaction information on the CDP connected and bound to the specific customer, we can provide a more personalised experience and better service to the customer, and generate new/cross/up sales opportunities.

CDP is also well connected with the cross-channel analytics and marketing automation mentioned above. Cross-channel analytics provides comprehensive insights, CDP creates precise segments, and marketing automation delivers personalized journeys.

Here are two more core capabilities of CDP, connectivity and segmentation. More connectivity to get data ingested from different data sources and send segments to different activation destinations is better. The more flexible and real-time segmentation is better than daily batch and rule-based segmentation.


We are supposed to talk about cookies but we should actually forget about cookies and leave them behind.

We can all start to think beyond the cookie and the disappearance of the third-party cookie will act as a trigger to change the way we do digital marketing.

Respecting our customer’s choices, and providing an end-to-end and personalized experience to our customers


The True Killer

Incognito or private browsing is a way users can protect themselves. We are still able to track and measure even with incognito or private browsing but lose the capability to identify the same user over multiple sessions and provide a personalized experience.

Moreover, there are also browser plugins that can prevent all kinds of tracking and VPNs from hiding the whereabouts of customers’ location, all these are different types of protection actions that can be done by users if they find the digital environment to be unsafe.

All technologies can be replaced and trust is the only thing that cannot be replaced.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *