Third-party cookies are cookies that are set by a website other than the one you are currently on. For example, you can have a "Like" button on your website which will store a cookie on a visitor's computer, that cookie can later be accessed by Facebook to identify visitors and see which websites they visited. Such a cookie is considered to be a 3rd party cookie.
Another example would be an advertising service (ex: Google Ads) which also creates a third-party cookie to monitor which websites were visited by each user. This is the main technology used to show you products that you previously searched for on a completely different website.
Read on to learn more about 3rd-party cookies and why these may soon be disappearing from the web.
What cookie types are there?
There are three types of cookies:
- First-party cookies are stored under the same domain you are currently visiting. So, if you are on example.com, all cookies stored under this domain are considered first-party cookies. Those cookies are usually used to identify a user between pages, remember selected preferences, or store your shopping cart. You can hardly find a website nowadays that does not use first-party cookies.
- Third-party cookies, as explained before, are cookies that are stored under a different domain than you are currently visiting. They are mostly used to track users between websites and display more relevant ads between websites. Another good example is a support chat functionality provided by a 3rd party service.
- Second-party cookies are a questionable topic. Some people might say they don't exist at all. In general, second-party data is some first-party data shared between partners. In this sense, second-party cookies are just part of that data related to cookies.
How Third-Party Cookies work
Third-party cookies are — you guessed it — cookies that are tracked by websites other than the one you are currently visiting.
Third-party cookies… one common example. Let’s say earlier in the week you looked up some vacation rentals in Cancun. You browsed a few websites, admired the photos of the sunsets and sandy beaches, but ultimately decided to wait another year before planning your vacation. A few days go by and suddenly it seems like you are seeing ads for Cancun vacations on many of the websites you visit. Is it a mere coincidence? Not really. The reason you are now seeing these ads on vacationing in Cancun is that your web browser stored a third-party cookie and is using this information to send you targeted advertisements.
You’re unintentionally creating a “trail of crumbs.” Most web users don’t realize that a browser window with multiple tabs open constitutes a single “session.” As you move from tab to tab, you are unwittingly relaying information about your web visit history to other websites and parties. And, closing the web browser doesn’t always eliminate the cookies your computer stores following the session. Depending on the browser you use, you may have to activate this manually.
How to clear your cookies after each session?
If you want to dump your cookies at the end of each session, select one of the following in your browser’s preferences:
- Chrome: ‘Keep local data only until you quit your browser
- Firefox: ‘Clear history when Firefox closes’
- Internet Explorer: Delete browsing history on exit
If you do not select one of these preferences your browser will preserve cookie data from session to session. In other words, those ads tempting you into a vacation in Cancun will not disappear so quickly.
That seemingly random email isn’t so random. Let’s say you’ve visited a website where you have created a login ID. They likely have your name, email address, and possibly even your telephone number and street address. If the website uses 3rd-party cookies, or you have other tabs open during your session, your cookies may be revealing your contact information to other parties to send you SPAM.
You may be on a website with 3rd party cookies and not even know it. One of the failings of cookie notices is that they don’t often specify what types of cookies are being used on the site. They could be first-party, third-party, or both. But, if the website has advertisements (which many do), then you can reasonably expect the website to be generating both first- and third-party cookies.
To see if a particular website is using third-party cookies you can try the method mentioned below in this article, or visit cookie-script.com and enter the web address into the bar on the home page.
How are Third-Party Cookies created?
The simplest way 3rd party cookies can be created is when a currently visited website requesting a third-party service. Let's say there is an integrated live chat on the website
example.com. To make it work, example.com is requesting a script from some live chat service provider, ex.
The script could look like this:
Basically, it says "go to
someservice.com domain. And there you go, before you notice and before the live chat window appears, your browser is already storing 3rd party cookies from some random website you never even visited.
How to tell if a website uses Third-Party Cookies?
You can check if the website uses 3rd party cookies in any modern browser. Instructions vary in different browsers.
In Google Chrome, do the following:
- Press F12 to open Developer Tools (or right-click on the page and choose Inspect Element)
- In Developer Tools choose the Application tab
- On the left, double-click the Cookies section to unfold it
You should see the current website domain (or subdomain) here. If you see any other domains in this list it means the website uses third-party cookies:
Are Third-Party cookies actually useful?
Since the late 1990s, online marketers have built their businesses on the ability to track online users and then target them with advertisements, and much of this has been through the use of third-party cookies. Let’s play “devil’s advocate” for a moment. Could third-party cookies actually be useful for users? In a way, yes. The two largest online advertising firms, Google Ads and AdSense, make a valid point that 3rd party cookies are useful to consumers as they create advertisements that are in line with individual interests. After all, if you are forced to see the ads, it's better if they are related to your interests.
What happens after third-party cookies are eliminated?
Once third-party cookies disappear, there’s a likelihood that online advertisements will revert to contextual advertisements. That is, advertisements that are targeted to certain populations based on the website being visited, much like how magazines operate.
Although since targeted advertising is much more valuable, major advertising platforms may find other ways of tracking users between websites and remember previous search history.
The end of Third-Party Cookies
With the passage of CCPA, ePR, and GDPR, governments are seeking to protect the privacy rights of website users. These laws and regulations create civil and/or criminal penalties for those that fail to notify web users of the presence of cookies. These regulations also require website operators to let users know what information is being collected and to whom this information is shared, along with a way to opt out at any time.
Third-party cookies’ days are numbered. Pressure from regulators and consumers has led many within the tech industry to declare third-party cookies (and the targeted ads fueled by them) will soon come to an end. Apple’s Safari and Mozilla’s Firefox now block 3rd party cookies by default. One notable holdout is Google Chrome, which has a commanding 67% of browser market share.
Google has a major stake in third-party cookies. Nearly 90% of Google’s revenue is generated through advertising. Without third-party cookies, their advertising prowess could be negatively affected. This is one of the suspected reasons that the company is delaying a default block on third-party cookies until 2022. Until then, the company is taking steps to curtail some of the more invasive aspects of 3rd party cookies with their SameSite tool.
Frequently asked questions
What’s the difference between third-party and first-party cookies?
Third-party cookies come from a different URL than the one you are currently visiting, while first-party cookies come from the website you are currently visiting. Second-party data is a more complex topic, but generally entails first-party data being shared between two partners.
How do third-party cookies work?
Third-party cookies track user behavior in an effort to provide a more targeted experience based on the information that they can gather. Because of their nature, there are often privacy concerns attached, and without provisions, they may fall in violation of GDPR and other privacy regulations.
How can I clear my cookies?
You may grow tired of receiving the same seemingly random ads over and over. But they may not be so random. Most browsers have settings that allow you to clear cookies or set them so that cookies are automatically cleared when the browser is closed.
How are third-party cookies created?
How can I tell what websites use third-party cookies?
Today’s modern browsers allow you to check to see if a website is using third-party cookies. This allows you to understand who may be tracking your path across the internet.
Can third-party cookies be useful to the user?
Third-party cookies do come with a host of privacy concerns and are built for the purpose of allowing companies to track the online movements of consumers so they can more easily target them with their goods and services. At the same time, they may also help users by allowing them to receive ads that may be more in line with their individual needs and interests. Consumers must realize they are giving up some privacy in order to be able to receive that experience.
Manage Third-Party cookies on your website with CookieScript
Keeping up with the latest cookie regulations and making sure your website complies is a job in itself. CookieScript keeps you compliant with GDPR, CCPA, ePR, and other regulations that are surely on the horizon. And, it’s super-easy to use.
How it Works
CookieScript automatically does the following:
- Scans your website for cookies
- Categorizes and adds descriptions to your cookies
- Maintains a full history of user consent (as required by GDPR)
- Allows users to withdraw consent at any time
- Block cookies until visitor consents (GDPR and CCPA)
Block third-party cookies by default. CookieScript also gives you the option to prevent third-party cookies from running on your website.