A third-party cookie is placed on the visitor’s hard disk via a website from a domain other than the one a user is visiting.
First-party cookies vs Third party cookies
First-party cookies
First-party cookies are primarily used to improve how users interact with the websites and are made by the host domain, which is the visited website. They are often used to improve user experience by remembering user preferences and settings such as items added to online shopping carts, passwords, language preferences, etc. These are accepted as an agreement between the user and the website to improve operations.
Third-party cookies
Third-party cookies are created by external
parties rather than the website’s owner and collect user data for the third
party. Similarly to first-party cookies, third-party cookies are placed so a
site can remember something about the user later. However, third-party cookies
are tracking cookies set by advertising networks that display adverts for goods
like the ones the user purchased or added to the shopping cart.
Third-party cookies in action
How are third-party cookies created?
Third-party cookies work by embedding JavaScript from one website to another. In other words, third-party cookies are created when any website requests scripts or resources from another domain. Say a user visits a website that uses an integrated analytics tool to measure its audience. The website will request scripts and resources from the analytics tool company (a third party) to activate it. The service provider will then respond by sending a JavaScript file as a response. This file stores cookie in the user’s browser and starts tracking them.
It is important to note that third-party script loading and storing of the cookies must be subject to the user’s consent, which means that if they decline such cookies, the website must block the script.
How do third-party cookies work?
For example, you are searching for a new pair of shoes. You browse a few e-commerce websites on the hunt for a new pair of shoes but decide to purchase them later. Later, you are reading a news website when you notice advertisement popups about the shoes you were browsing earlier. What happened here is that the e-commerce website placed a cookie on your browser, which tracked your online behavior and used the data to place advertisements related to your interest.
Third-party cookies and data privacy
There has been a general move away from third-party cookies. Blocking third-party cookies increases user privacy and security but has created a problem for consumer-tracking ad-serving firms. From a marketer’s perspective, third-party cookies are the most useful as they enable one to track users and place personalized advertisements that benefit their business.
How to enable or disable third-party cookies
Third-party cookies are often blocked and deleted through browser settings, but there are different steps to disable third-party cookies depending on which browser is used. So, depending on your browser, you can use the instructions below to disable third-party cookies.
To enable cookies in Google Chrome, open the Menu list from the top-right corner and select:
Settings – Privacy and Security – Cookies and other site data
– check the box next to Block third-party cookies to disable all cookies
or check the box next to Allow all cookies to enable cookies
In Safari, one can allow or disable all
cookies and cross-site tracking. On the upper left corner of the screen, select:
Preferences – Privacy – check the box next to “Block
all cookies” to disable all cookies or uncheck it to enable all cookies –
check the “Prevent cross-site tracking” option to block only third-party
cookies.
Firefox blocks third-party cookies by default; however, one can enable third-party cookies for specific sites in Firebox by selecting the shield icon on the address bar and turning off the “Enhanced Tracking Protection is ON for this site”, or go to:
Settings – Privacy & Security – Choose Custom protection mode
– uncheck the cookies checkbox to request Firebox not to block cookie scripts.
What do the GDPR and CCPA say about third-party cookies?
The GDPR and CCPA do not mention or discuss cookie regulation in detail; however, their definition of personal data includes cookie identifiers. Because the data collected by cookies are considered personal data (if they can be used to identify the user), then third-party cookies are subject to GDPR and CCPA rules.
The GDPR states that a website can’t store third-party cookies without asking for consent from its users, which means that it cannot even load the cookie script before receiving consent. To get cookie consent, one must follow certain practices to be compliant when gathering consent:
- Inform users about third-party cookies, who sets them, and why, in a simple language
- They must be given a clear choice to accept or decline cookies by categories
- Users must give consent to cookies by categories. It’s important to note that the categories must be turned off by default so that users can tick the categories they consent to
- Users should be able to withdraw consent at any moment and easily
- Users must have access to the privacy/cookie policy at all time
Data authorities strongly recommend using a cookie banner to gather compliant cookie consent. Cookie Information offers a consent management platform to help online businesses collect cookies consent.
Try our 30-day trial for free to test our cookie banner.