The Drum Awards Festival - Extended Deadline

-d -h -min -sec

Privacy Cookies Privacy Regulations Privacy

The Cookie is dead, but what comes next?

The Maverick Group


Open Mic article

This content is produced by a publishing partner of Open Mic.

Open Mic is the self-publishing platform for the marketing industry, allowing members to publish news, opinion and insights on

Find out more

July 7, 2021 | 7 min read

Marketers are facing up to a range of changes to privacy

Paul Slee, head of digital and transformation at The Maverick Group, explores what brands should know and what actions they should take to address them.

Privacy is a topic which has risen up the consumer agenda and as brands continue to grapple with a future of marketing in a cookie-less world, understanding where the industry is today, as well as where it will go in the future is increasingly important to successful marketing. With this in mind, here is an overview of what brands need to know at a time when an understanding of privacy and trust are vital tools for marketers.

Cookies come in two flavours:

First-party – created by the website/domain the user is visiting, to help provide a better user experience and gather analytics data.

Third-party – created by different websites/domains to the one the user is visiting. Mainly used for tracking, targeting and other online-advertising purposes.

Cookies, for example, track and influence the success of ad campaigns across websites and social media. Privacy concerns stem from how much personal data is being captured and the lack of regulation on how it’s shared or sold between companies.

Cookies are not shared between apps and browsers on mobile devices, which limits their ability to track the full customer journey. This, combined with privacy concerns, is why the cookie is crumbling (sorry).

Along with the death of the cookie, concerns about misuse of personal data have resulted in tougher legislation such as 2018’s General Data Protection Regulation (GDPR).

Meanwhile, Apple and Google have announced a tightening of their privacy policies with significant ramifications for advertisers. So, what can we expect?

What we know is happening:

- Google Chrome blocking third party cookies by default from mid 2023. This was planned to happen in 2022, however on Jun 24 2021, Chrome’s privacy engineering director Vinay Goel confirmed the delay saying, "This is important to avoid jeopardising the business models of many web publishers which support freely available content."

- Apple App Tracking Transparency (ATT) safeguard in iOS14.5 – a prompt notification that means users must explicitly give permission to be tracked.

- European Union Court of Justice June 2021 ruling that in certain circumstances, companies can be sued by any data protection authority within the EU.

- The California Privacy Rights Act (CPRA) legislation in 2023 – (a less strict version GDPR for the state of California).

What could happen next:

Tracking users across different platforms, devices, browsers, and apps will get harder – at least in the short term. The initial data indicates that most iPhone users won’t be opting in to be tracked. According to analytics company Flurry, in the US just 4% of iPhone users agreed via the ATT to being tracked, worldwide just 12%.

The full impact of ATT is unclear. One thing is certain – Apple is serious about ATT and its privacy proposition. Its emphasis on blocking workarounds shows this. Other companies are likely to take notice and tighten their own privacy policies.

Once these changes are rolled out, you may find some data holes in your customer journey. Getting information in or out of the tech giants’ walled gardens will become more difficult. Your advertising strategy and media plans will be further fragmented, while you find the best way to replace third-party data. Advertising budgets will shift heavily to publishers or social media platforms that can still offer granular targeting. Those inventory costs are going to increase.

What are the possible solutions?

While there’s no ubiquitous solution, there are a few interesting options that are worth exploring.


Atlas, Facebook’s ad platform, uses first-party data as a basis for serving targeted ads outside their existing ecosystem, with sophisticated privacy-friendly tracking across desktop and mobile.

The Facebook Conversions API helps maintain users’ privacy, while delivering personalised advertising and improved data transparency and control. It connects businesses’ data (CRM, sales platforms, etc.) to Facebook, enabling more accurate tracking across the customer journey.


Federated Learning of Cohorts (FLoC) enables targeted ads without tracking at the individual level. It groups anonymized user data based on demographics, behavioural characteristics and interests derived from their browsing history.


SKadNetwork is an ad network API that helps advertisers measure the success of ad campaigns, while maintaining user privacy. It collects campaign and conversion data on mobile devices for iOS apps without exposing user or device level data.

What advertisers should do now

With all this in mind, the question for brands is: what should you be doing now?

First-party data

Firstly, decrease your reliance on third-party audiences and grow your first-party data. Data collected directly from customers is more relevant, accurate and higher quality. Start by planning a privacy-by-design Data Strategy.

Ask yourself:

- What is the data going to help you achieve?

- How are you going to use it in practice?

- What insights or measurements are you looking for?

- What data do you have, what state is it in, and what are you missing?

- How will you ensure data security, privacy, integrity, quality, regulatory compliance, and governance?

- What resources and technology will be required?

- What do you need to communicate to customers, so they’re comfortable with the way you store and use their data?

Next, focus on your different customer types and where they can be found. Take a test and learn approach, to see what data collection methods work best for which customer types. Here are some to explore:

- Non-cookie reliant lead generation across all channels

- Social media advertising and engagement

- Email marketing

- Content creation

- Free/freemium products, services, or games

- Loyalty programs

- Polls, surveys, and customer feedback

- Giveaways and prizes

- Point of purchase and customer service interactions

- Websites and apps behavioural analytics

- In-store Bluetooth beacons (wireless transmitters that can push notifications and pull information about customer location and in-store browsing behaviour)

The right technology stack is also critical. Your strategy and objectives will dictate the right solution, but expert advice is essential – no one wants their brand associated with a customer data leak.

Finally, don’t neglect brand-building. Making users want to give you their information is half the battle.


Developing an advertising strategy to enable data privacy is another important step.

- Develop solutions that avoid third-party data use. Test non-cookie-reliant media mix campaign models. Explore non-intrusive personalisation. And develop new KPIs that aren’t based on individual user attribution.

- Test Contextual Targeting for your brand, product, and audience. Look for providers who are innovating and delivering good results.

- Utilise AI to automate and optimise targeting at scale. Machine learning algorithms can apply predictive models to identify behavioural patterns that can be used to target ad campaigns.

So, while there’s light at the end of the tunnel, brands must be aware that more changes are on the horizon.

Privacy Cookies Privacy Regulations Privacy


Industry insights

View all
Add your own content +