What are first, second and third party cookies?

First, second, and third-party data have been around for quite some time. The majority just wasn’t aware of the distinction between them. The discussion really started when Google and Apple introduced application and software updates that affect the collection of third-party cookies. I get lots of questions about cookies. This article covers the definitions of 1st, 2nd, and 3rd party cookies including examples. I’m using layman’s terms here, because not everyone is a techie – but everyone should know about it.

What is a cookie?

A cookie is a text file that contains data. It contains information about the user who visits the website. This way, if you close the browser and then open it again, you won’t have to put in your username and password on that website. Cookies could also store information about the items in your shopping cart. So when you leave the website to come back later, the items will still be in your basket. Cookies also store information about visited pages or other behavioural data. Example: some website show relevant content based on your reading patterns. Netflix does this with recommended series or films. As you can start to see: cookies are the basis of creating great customer experiences.

Who are the parties anyway?

There are at least three parties (excluding you) to play this game:

  • The website you currently visit (randomshop.com)
  • An advertisement server / ad server (ad.doubleclick.net)
  • A website that monetizes its reach by showing ads to its readers (randomnewspaper.com)

I will drill down into more detail below.

What are first-party cookies?

The website you currently visit stores information about your visit. They do that by using cookies. Because the cookie is created and stored by the website you currently visit, we call them first-party cookies. They store information about sessions, viewed pages or items in your basket. They can also store information about your login, or favourite topics. The website builder basically chooses which data points he will collect in order to optimize your website experience. More technically said: first-party cookies are stored under the same domain as the one you currently visit.

What are third-party cookies?

Third-party cookies are pieces of information that are not created by and not stored by the website you currently visit. But they do store information about your behavior, and your web visit. It’s used by (hence the name) a third-party. They usually include providers of advertising, retargeting, analytics and tracking services.

Suppose you’re shopping for books at randomshop.com. A third-party cookie stores information about products you viewed, products you clicked or added to your basket. This way, information on your user behavior on amazon.com is passed on to Doubleclick. Then, when you visit another website like randomnewspaper.com, Doubleclick uses that information to display products you recently viewed or similar products while you are browsing that other website. This is called remarketing or retargeting.

Example of third-party cookies

How this technically works: it starts with randomshop.com who has set-up retargeting ads through an adserver like Doubleclick. They do this to because they want to seduce you to come back to their website after you left. During your visit at randomshop.com, the website loads a piece of code from an ad server like Doubleclick. That piece of code collects information about your visit to randomshop.com, for example, a television you just viewed. When you leave randomshop.com and you’re visiting randomnewspaper.com, the newspaper website loads a piece of code from that same ad server. Doubleclick’s cookie recognizes you as the user who viewed a television.

Based on randomshop.com’s advertising goals configuration (say: complete your purchase), Doubleclick will load an advertisement about that television while you are reading randomnewspaper.com. What does randomnewspaper.com get out of this? They get paid to show ads to their readers, either by impressions, clicks or purchases performance.

What are second-party cookies?

Second-party cookies are not considered cookies. There’s either first or third party cookies. Cookies that are either stored by the domain you’re visiting, or by another domain (like the randomshop.com example). The name second party stems from the second-party data subject, which I’ll cover in another article. It basically means two parties who agreed on sharing the cookies. So you have a first-party cookie, it’s stored by the website you visited. The whole file is then transferred to another party by some kind of mutual agreement or partnership.

If you have any questions about how the blocking of third-party cookies by iOS and Chrome will likely affect your business and how to cope with it, get in touch with me. I’m happy to assess your situation, and how to move forward.