Google Is Keeping the Cookies. What Should You Do?

Google shifted its policy to keep third-party cookies. How can you ensure you keep user data safe?

Written by Daniel Pearson
Published on Nov. 05, 2024
A tray of freshly baked cookies with a cup of coffee
Image: Shutterstock / Built In
Brand Studio Logo

Google recently announced a shift in its approach to cookies, deciding against entirely phasing out third-party cookies. Instead, the tech giant aims to provide users with more informed choices about their data across the web.  

This move, driven by regulatory pressure and privacy concerns, comes as businesses worldwide adapt to evolving cookie policies. With 73 percent of organizations adopting third-party cookie alternatives, it’s crucial for businesses to keep up with these changes while maintaining user trust and ensuring data security. 

As privacy becomes a fundamental requirement, businesses must rethink how they collect, manage, and protect user data. Here’s a breakdown of how companies can safeguard user privacy in this new era of digital tracking. 

3 Privacy-First Measures to Protect User Data

  • Shift to aggregated data.
  • Enhance transparency around user content.
  • Limit data collection.

More on CookiesThe Cookie Is Crumbling. Is Your Business Ready?

 

Understanding Google’s Cookie Retention Policy 

Cookies are small files stored on users’ devices that allow websites to remember information about their visits to a site, such as login details or browsing preferences. We can divide these cookies into two types: 

First-Party Cookies

Created by the website the user is visiting, these cookies enhance the user experience by remembering settings like language preferences or login information. 

Third-Party Cookies

Set by external domains, these cookies are typically used for advertising purposes and track users across multiple websites to build detailed profiles for targeted ads. 

 Google’s decision to retain cookies while offering more control to users is significant. Understanding this policy is especially important for small- and medium-sized enterprises (SMEs). Unlike large corporations with teams dedicated to handling privacy compliance, SMEs often lack the resources to stay on top of privacy regulations. Failing to adapt to Google’s evolving cookie policies can result in regulatory fines and damage to a company’s reputation. In fact, according to a McKinsey survey, 87 percent of consumers said they would avoid doing business with a company if they had concerns about its data security practices. 

 

Why User Privacy Matters for Small Businesses  

User privacy is now a critical concern for businesses of all sizes, but it can have a particularly strong impact on SMEs.  

A privacy breach can not only damage a company’s reputation but also lead to financial losses and a loss of consumer trust. As consumers become more aware of how their data is used, they are increasingly prioritizing privacy, which means businesses must do the same. 

Several federal privacy laws exist to protect user data, and non-compliance can be costly. The Health Insurance Portability and Accountability Act (HIPAA) requires businesses that handle health information to follow strict guidelines to protect this data. 

The Gramm-Leach-Bliley Act (GLBA) sets requirements for companies handling personal financial data. 

The Federal Trade Commission Act (FTC Act) prohibits unfair or deceptive practices, including breaches of privacy and poor data security standards. 

Failing to comply with these regulations can lead to hefty fines, which can be devastating for small businesses. In addition to regulatory risks, SMEs are also vulnerable to cyberattacks. Hackers often target smaller companies, assuming they may have weaker security measures in place. 

By investing in privacy-first measures, SMEs can protect their data, comply with regulations, and build consumer trust, giving them a competitive advantage in today’s privacy-conscious marketplace. 

 

Implementing Privacy-First Measures  

Adapting to Google’s updated cookie policies requires businesses to adopt several privacy-first practices. Here are key strategies companies can implement to safeguard user privacy effectively. 

Shift to Aggregated Data

Instead of tracking individual users, businesses can focus on collecting aggregated data that reflects broader trends and behaviors. For example, instead of monitoring the actions of individual users on a website, companies can analyze overall traffic patterns, conversion rates or page views. This reduces privacy risks while still providing valuable insights for decision-making. 

Enhance Transparency Around User Consent

Transparency is crucial when it comes to collecting user data. Businesses should provide clear and accessible options for users to manage their privacy settings and consent preferences. This includes explaining what data you’re collecting, how you’ll use it, and giving users the choice to opt out. Empowering users to control their data helps build trust while allowing companies to continue offering relevant content or advertisements. 

Limit Data Collection

Businesses should prioritize collecting only the data that is absolutely necessary for their operations. The more data a company collects, the greater the responsibility to protect it, and the higher the risk of non-compliance with privacy regulations. By limiting the scope of data collection, companies can reduce their exposure to privacy risks and potential breaches. 

More on Digital AdvertisingHow Do Targeted Ads Work? Targeted Ad Advantages & Disadvantages

 

The Future of Digital Privacy and Cookies  

Google’s evolving policies reflect a larger shift towards privacy-friendly advertising, and businesses must stay ahead of these trends to remain competitive. 

Context-Based Advertising

As third-party cookies are phased out, companies are moving towards context-based advertising, which targets ads based on the content of the webpage, rather than tracking individual users. This approach respects user privacy while still delivering relevant ads. For example, an ad for hiking boots might appear on a webpage about outdoor activities without tracking the user’s browsing history. 

Privacy-Centric Advertising Solutions

Emerging technologies prioritize user privacy while still enabling targeted advertising. Google’s Privacy Sandbox is one such initiative. It offers privacy-focused tools designed to reduce reliance on third-party cookies while still allowing advertisers to reach relevant audiences. These solutions are likely to become more popular as businesses seek to balance advertising effectiveness with consumer privacy. 

Consent-Driven Advertising

Companies that adopt a consent-driven approach to advertising are likely to thrive in the privacy-first future. Offering users clear and easy-to-use privacy controls not only builds trust but also ensures compliance with regulations like the California Consumer Privacy Act (CCPA), which governs how companies collect and use data in California. Businesses that prioritize privacy in their advertising strategies will stand out from competitors who lag behind in adopting these practices. 

Stronger Regulations

As concerns over privacy continue to grow, it’s likely that new regulations will be introduced to govern the use of cookies and user data. Businesses must stay up to date on these developments to ensure compliance. In the US, laws like the CCPA are already setting strict rules for data collection, and we can expect more regions to follow suit in the coming years.

Explore Job Matches.