Is A Cookieless Future The Way Forward

The planned removal of third-party cookies from Chrome browsers by Google, which was announced in January 2020, represents a shift in the digital world toward a cookie-less future.

Google says the reason for eliminating #cookies is that consumers want data privacy and more flexibility.

Marketers will have to increasingly rely on first-party data in this cookie-less future. Marketers will face difficulties in the cookie-less future as they try to identify and connect with new audiences. How to target ads without cookies will be the biggest challenge.

Another cookieless future challenge is how to measure advertising effectiveness without cookies. Advertisers will need to find new ways to track conversions and optimise campaigns.

The cookieless future will also present opportunities for marketers. The focus on first-party data will give marketers a better understanding of their audiences. Additionally, the cookieless future will create a level playing field for all companies.

Problems with Cookies

Cookies can be used by third parties to create comprehensive, possibly intrusive user profiles that go beyond simple location tracking and ad posting. The majority of users are astonished to learn just how much their social media platforms know about them, even if some of these sites make some of this profile data available to their users.

Here are a handful of the most important security issues that cookies can cause-

  • Cross-Site Request Forgery (CSRF or XSRF): Cookies may contain important data, but they aren’t very intelligent, making it impossible for them to determine whether a request is coming from a reputable user or not. As a result, numerous nefarious third parties carry out CSRF attacks via cookies.
  • Cross-Site Scripting (XSS): Websites that have been compromised are frequently the targets of XSS assaults. In these attacks, hackers infect websites with malicious JavaScript or HTML code that can be used to solicit cookies and other information from unwary users. Cookies are a tasty reward for many hacking attempts since they might include sensitive information like login details.
  • Session Fixation: As we’ve seen, cookies are frequently used to keep you logged in between visits to websites. This is known as session fixation. Through session cookies, which keep a special session ID on file for as long as your browser is open, this is accomplished. Unfortunately, by including their own session ID in a URL they send you, hackers may be able to steal your login information. A hacker can access your account on a certain website if you log in using one of these URLs.

Data Driven Marketting and a Cookieless Future

Industry experts must look for replacements as a well-known internet marketing tool for learning about consumer behaviour is gone. Due to privacy concerns, browsers have made the decision to discontinue collecting cookie data, which tracks users’ online behaviour. Apple’s Safari is limiting cookies, and Google aims to implement similar changes for the market-leading Chrome browser by 2023. The use of cookies in traditional advertising has undergone a substantial change as a result. Particularly impacted are third-party cookies.

Advertisers will still be able to post Google advertising on websites and monitor how frequently people are seeing them. They won’t be able to track specific people while they browse the internet, though, or create thorough profiles of their interests.

The cookieless future is likely to lead to a shift in how advertising is bought and sold online, away from the current system known as real-time bidding, or RTB. Currently, when someone opens a web page with an ad space on it, an auction is held in milliseconds, with advertisers bidding to have their ad visible. The winning bidder pays the amount they choose, and their advertisement is seen. The absence of cookies will make this procedure more challenging because users won’t be able to be recognised as they navigate the internet.

The Impact

The impact of a cookieless future is unknown, but it could mean big changes for the online advertising and marketing industries. Cookieless future may also spell the end of personalised ads and targeted content.

It is possible that a cookieless future could result in a more private and secure internet experience for users, but it is also possible that it could lead to a less effective and useful internet overall. Only time will tell what a cookieless future will truly mean for the internet as we know it.


The cookieless future will assist in removing many privacy issues, but it won’t completely do so. It’s only a matter of time before hackers and other nefarious parties figure out a way to exploit new tracking systems when businesses start to use them.

Companies should continue to be on the lookout for new privacy and security trends even if first-party data doesn’t end up being the next major attack vector. Even the most promising technology may be phased out if they provide a risk, as the past two decades have demonstrated.

Major Privacy Updates of the Week

Russian Hacking Groups Stole over 50 million User Passwords

Group-IB #cybersecurity researchers recently identified several Russian-speaking cybercrime groups offering info stealing malware-as-a-service (MaaS). According to Group-IB’s investigation, threat actors used 34 Telegram groups to coordinate their operations, infect over 890,000 user devices, and steal over 50 million passwords in just the first seven months of 2022. The Raccoon and Redline malware is being used by cybercriminal organisations to steal payment and wallet information, as well as login information for SteamRobloxAmazon, and PayPal

Read more

Irish Watchdog Fines Meta over Large-Scale Data Breach

For the loss of data pertaining to more than 533M customers, Ireland’s Data Protection Commission (DPC) fined Meta Platforms Ireland Limited (previously Facebook Ireland) €265 million. The DPC’s campaign of retaliation against social media firms continues. In April 2021, the DPC commenced legal action against Meta. Following that inquiry, the DPC came to the conclusion that Meta had violated Articles 25(1) and 25(2) of the #GDPR. For Meta, it raises the total amount of fines assessed against various company divisions over the previous 15 months to almost €1 billion. 

Read More

European Union Adopts the Digital Operational Resilience Act

The Digital Operational Resilience Act (DORA), which aims to ensure that the European financial sector is capable of remaining robust through a serious operational disruption, has been formally adopted by the European Council. For the security of the networks and information systems used by businesses and organisations in the financial sector as well as important third parties who offer them ICT-related services, #DORA establishes uniform requirements. 

Read More

AirAsia Hit by Ransomware Attack

According to reports, hacking group Daixin Team stole the personal information of five million AirAsia customers and all of its staff. The group also took credit for the ransomware attack that the airline purportedly suffered earlier this month on November 11 and 12. Passenger IDs, full names, booking IDs, staff pictures, secret questions, nationality, dates of birth, countries of birth, and locations are reportedly among the personal information exposed. The representative for Daixin stated that the network of AirAsia was actually so disorganised that the gang was deterred from carrying out additional attacks. However, the group also complained about how poorly protected the company’s network was. 

Read More

The Parliament of Australia Passes Privacy Penalty Bill

The Australian Parliament approved the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, commonly known as the #Privacy Penalty Bill. The maximum penalties for serious or persistent privacy violations are now $50 million, three times the value of the benefits gained through the misuse of information, or 30% of a firm’s adjusted turnover in the relevant period, whichever is greater. The previous maximum penalty was a $2.22 million fine. 

Read More

Curated by: Prajwala D Dinesh, Ritwik Tiwari, Ayush Sahay


Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro