The impact of Google’s decision to kill the third party cookie cannot be understated. The list of advertising features the cookie powers is enormous and without those features the lifeblood of publishers, advertising revenue, will fall dramatically. A short list of companies is vying to impact the replacement for the cookie – vying to influence how we rebuild the internet’s lifeblood. The decisions will impact which websites can generate revenue and how they do it. These companies are deciding how much of the $125 billion/yr industry they get to take home.
Luckily we have two years (now less) to prepare and most discussions about how we’re going to replace the cookie are very public. The breakdown below explores which companies are pushing their influence, their proposals, and what each stands to gain if they get their way. The list is broken down into two parts – those working with the W3C to define an agreed upon standard for browsers like Chrome to implement, and those working independently from the group. Undoubtedly each company here is investing significantly in finding a solution and at this time most of that work is not public facing. For links to a deep dive on each proposal, see the proposals overview section. For links to deep dive on types of solutions, see the solution types section. Attribution/measurement proposals are not included right now.
Google/Chromium are relying heavily on the web community to help develop new standards. The majority of this work is led by the World Web Consortium (W3C) who maintain web standards. These discussions are purely in the brainstorming phase and may lose out to an independent solution or a yet to be shared proposal.
Google’s initial contribution proposes an entirely new methodology to serve contextual and first party audience targeted ads. In short they propose taking elements that are currently owned by adtech companies (audience data and the auction mechanism) and moving them to the browser. The proposal is focused on significantly improving user privacy by having the user own their own data. Additional proposals build on the framework, but currently the proposal has met push back for its narrow scope (context and 1pd only). Turtledove is an idea for very basic ad serving, and doesn’t provide any “advanced” features like detecting ad fraud, brand safety, ad spend pacing, 2nd/3rd party data, a/b testing, etc.
The proposal is excellent for user’s privacy, but is also a power grab by Google
Turtledove moves a significant amount of power currently owned by adtech companies into the hands of the user and the browser. The proposal is excellent for user’s privacy, but is also a power grab by Google. Google doesn’t earn revenue from the move, but Chrome takes control over most of the ad serving process which currently lives with other companies. This cements Google’s position in the ad ecosystem, even for ads served outside of their ad serving products like DV360.
Federated Learning of Cohorts (FLoC)
Google’s next contribution is a replacement for traditional 3rd party audiences. FLoC uses federated learning (fancy new machine learning that is privacy conscious) to build segments of users, or flocks, based on a user’s browsing history. The proposal is light on details and it is not really clear how this would be used in practice. We do know that user data would be stored in the browser, not in an a company’s database. Targeting would be similarly privacy-conscious to Turtledove.
After reaching out to the author it would appear that the current ecosystem for 3rd party data would be entirely scrapped, even from an ideological perspective. Advertisers would no longer be able to target groups of users based on a single attribute (ie in market auto, chess enthusiast, small business owner, etc). Instead flocks would group users who behave similarly based on their browsing history. This looks more comparable to targeting a persona (likely male, likely mid 30s, likely high income, likely interested in outdoors). It is still unclear though how those attributes would get their labels, if at all. We also don’t know if adtech vendors would be able to do analysis on these flocks.
Rubicon / Magnite
FLoC + Gatekeeper
Magnite’s contribution builds on Google’s FLoC’s for replacing third party audience segments. Refreshingly, this proposal takes Google’s ideas but negates the power grab. Rather than audience segments (‘flocks’) living in the browser, Magnite proposes an independent, not-for-profit, third party gatekeeper who builds and owns the flocks. This takes advantage of all the privacy benefits but ensures an even playing field. It also promotes transparency in the process of creating flocks. Additionally, the proposal includes a novel way to easily share 2nd party data within small groups.
I don’t see a direct benefit to Magnite in this proposal, except for leveling the playing field for all players. I am not terribly familiar with their business though.
Facebook’s contribution adds an important ecommerce-focused feature to Google’s Turtledove. The proposal describes how users dislike seeing an ad for a product they’ve already bought, and proposes a way in which that problem would be resolved. Effectively, when a user buys something online, a product id is stored in their browser and when an ad auction is held the auction can check if that id exists in the browser and stop bidding if so. The result is that if you’ve bought a product you won’t see ads for it in the future. Additionally, data about your purchase stays in your browser and isn’t sold/reused by third parties.
I move to veto the bird themed naming conventions.
Facebook exists as a walled garden and isn’t impacted as significantly by the removal of third party cookies, but this proposal is an excellent example of something that would improve the industry in general and therefore benefit Facebook as well. Facebook also included potential extended features like enabling a user to block ads from a specific advertiser or ad network. Exciting!
The author of the proposal writes, “[Sparrow] is an enhancement of TURTLEDOVE proposal aiming at providing more value for the ad ecosystem, more control and transparency, and safeguarding the user experience, whilst keeping all the privacy guarantees. SPARROW also provides the opportunity to extend advertising use cases coverage.” The proposal aligns with the W3C’s goals by adding many features that Turtledove missed: Fine tuned control of campaigns by advertisers, brand safety, fraud detection, 2nd party data sharing, and attribution/measurement.
The proposal thoroughly fleshes out Google’s proposal by adding in a gatekeeper. Similar to Magnite’s proposal, Criteo wants a trusted 3rd party to take data from each side (advertiser, publisher, user) and use it to compute bids. This is most similar to how the auction works today, but has added privacy benefits for users. Currently, ad exchanges work similarly to a trusted 3rd party, as they take data from all sides and run the auction. Each side has access to data though, so currently there is no trust required.
This is another proposal that relies on an independent neutral third party to provide critical infrastructure. Unlike in Magnite’s proposal though, this gatekeeper would be for profit and be paid by advertisers – likely on a cpm or bid basis. Criteo would likely pivot into this role, as they’ve often struggled to weather the pro-privacy changes in recent years.
While web standards created by the W3C are great in theory, oftentimes they are not actually adopted. Even if the W3C standards are created and adopted the web may prefer an independent solution. The companies below are working outside of the W3C to build their own replacement for the cookie.
A few companies below have a universal ID. These solutions aren’t looking to rebuild the entire ecosystem, just to create an ID that matches one person to all of their devices. The end results of any universal ID is the same, but the differentiator between them is the dataset they’re built on. Compared to the W3C’s proposals a universal ID doesn’t change the industry much and acts as the incumbent solution. It may be difficult to dethrone a universal ID, especially considering that some are already live.
IdentityLink is currently the solution most people are talking about, having already existed for a couple years. Liveramp does have a unique dataset (and therefore device graph) in that they have been the clear winner in bringing offline data online for many years. I’ve personally uploaded tens of thousands of users’ PII into Liveramp. Outside of the tier 1 DSPs, a good amount of med/small DSPs and SSPs are currently using IdentityLink. Liveramp claims their solution is pro-privacy and provides a one time opt out. Compared to Turtledove their privacy claim doesn’t hold water though.
Liveramp is already preparing for cookies to be gone by having publishers ask users for their email address in exchange for content. Liveramp then uses the email address as a replacement for cookies.
The Trade Desk
Unified ID Solution 2.0
While UID 1.0 was strictly limited to cookie environments, the 2.0 version is a universal ID with a twist. UID 2.0 is a sign-in solution (When registering a new account on a website, this is like signing in with google/facebook/apple id). The most interesting piece is TTD won’t own the solution. They are creating it open source as a web standard and then stepping away. This is the same goal as W3C, but TTD claims they aren’t working with the W3C “to make fast progress”. I’ll leave any guesses beyond that reasoning up to the reader!
Regardless, this will be the first sign-in solution that could put up a real fight against the google/facebook/apple sign-in solutions. Previous attempts by other companies didn’t give publishers a reason to use a new option – but adding TTD’s solution will certainly increase ad revenue due to high match rates.
Other Universal IDs
A variety of companies are trying to compete with their own universal IDs. Realistically anyone with a decent ID graph can try and compete in this space. This article goes through most major players.
Non-Universal ID Solutions
A few small vendors are working on alternatives to universal IDs and cookies that are more privacy conscious. These solutions have yet to gain much market traction though.
In summary, the end of the cookie is still two years away and there are a thousand different paths we might take to get there. The marketplace will likely adopt many different solutions all at once, as thats what we’ve always done. Every publisher goes through multiple ssps and exchanges, places a bunch of different vendor pixels, and diversifies where it makes sense. Replacing the cookie will be no different, so I’d expect the market to adopt the W3C’s spec, TTD’s solution, Liveramp’s solution, and a variety of other solutions. While I’d love to tell you who will when and what solution you should start preparing for, there really is no answer.