Interviews, insight & analysis on digital media & marketing

Is the cookie’s demise just one symptom of signal loss?

By Niall Moody, CRO, Nano Interactive

When Google switched off 1% of the lights on 4 January, a twice delayed deadline came into focus. Since then, we’ve seen a war of words around Topics API, much uncertainty and enmity across the industry. But is this upheaval limited to the cookie’s demise alone, or are we missing the bigger picture?

From IP addresses to fingerprinting, SDKs to link decoration, mobile IDs to 1st party data – when we look to the wider range of people-based signals used in profiling, many if not all are similarly threatened, or facing disruption down the road.

Often there are parallels with where the cookie stood a year or two ago – so in the following piece, I will outline where a few of these signals sit in the face of tech giants, legislators and public opinion.

Location, from IP Addresses to GDPR’s ‘Global Standard’

For the future of location targeting in the US and elsewhere, look no further than the effect of GDPR in Europe. Several specialist location companies shut down European operations. And former location specialists now talk in more muted terms about location ‘accuracy’, while interestingly, emphasising they also do so “without relying on personal data.”

The introduction of US state-level privacy law is still an ongoing process, as it will be in other regions across the world – but according to Gartner’s VP of Research, Nader Henein, “The European baseline for handling personal information is now the de facto global standard.”

While legislation advances at a local level, tech gatekeepers are forcing change to acceptable data signal use globally.

And as with cookies, IP addresses are also in the crosshairs. Google Analytics reportedly stopped logging IP addresses as of July 2023. And starting with its 2022 7 model, Google’s Pixel phones come with a VPN installed as default, which obfuscate IP addresses as a baseline function.

Then came the news that Google was planning to build IP address protection directly into its Chrome browser. The change won’t come into force overnight it seems, but as Econsultancy reports,

IP addresses have a privacy problem: they lack control on the user side, as users cannot disable them or turn them off.

Next, towards the end of 2023 came a flurry of stories predicting a more widespread clampdown on IP addresses. In connected TV, IP use has been widespread for several years – around both targeting and measurement. Digiday went so far as to state that all companies “really should reconsider their use of the IP address for tracking audiences.”

Fingerprinting & Mobile SDKs – “a Harbinger of Much Signal Loss to Come”

IP addresses are also reported elsewhere as a key ingredient in fingerprinting. For the mobile app space, software development kits (SDKs) have also long played a key role.

Meanwhile the Android Privacy Sandbox started rolling out in early 2023. With the SDK Runtime feature promising to shift in-app tracking and targeting to opt-in, just as Apple previously did with mobile IDs and ATT. The whole topic of SDK targeting is not well publicised outside of mobile circles, but as AdExchanger states, SDK Runtime “prevents them from gathering in-app data without permission, which had become common practice on Android.”

Meanwhile in June 2023, Apple launched ‘Privacy Manifests’. Bringing more transparency to API use and SDKs specifically – like an ads.txt for apps. Apple has previously sworn to shut down fingerprinting completely, saying “regardless of whether a user gives your app permission to track, fingerprinting is not allowed.”

By Spring, apps which don’t disclose their use of APIs and third-party SDKs face being barred from the App Store. “Big implications” are in store for tracking and measurement in the in-app space.

It’s interesting to note that according to AdExchanger, Google’s SDK Runtime API cuts off an SDK’s “ability to gather in-app data without consent” completely. Meanwhile, as mobile expert Eric Seufert points out, Apple’s Privacy Manifests is effectively a ‘self-declared’ solution.

With location as here with fingerprinting, is there a suggestion that Google is starting to take an even harder line than Apple on people-based data signals? Especially after being the last hold out on the cookie front, will this mark an ongoing trend?

Signal Loss, Profiling & Public Opinion

In short, signal loss goes well beyond the cookie – and we haven’t even covered several other datapoints also in the crosshairs.

But there is another reason that an over-focus on cookie deprecation in particular may be misguided: public opinion. And specifically, what consumers are doing right now and what that means for other data signals and cookie-like replacements:

Nano’s own survey found that 7 out of 10 UK consumers – and even more, around 76% in Germany – were effectively already pre-empting cookie shutdown, using their own methods to limit or even mask people-based tracking completely.

If we simply replicate the cookie with a workaround, we will more than likely see the same result again. In the face of signal loss, there is a real opportunity for a complete change – and with actual public buy in, arguably make advertising work better in the process.

We still await the exact switch off date for the other 99% of signals. But on the bright side this year, we should find plenty more innovation around both ID-free targeting and measurement outside of the walled gardens. And all without the use of cookies or people-based IDs – but live intent signals, attention and context instead lighting the way to the future.[VO1]