Grab a coffee. Here’s why cookies are still on the menu for Google 

Earlier this year we wrote about Google’s decision to back-track on plans to block third-party cookies by default to protect user privacy in Chrome. Now, it seems, Google have back-tracked even further, says senior software engineer Phil Smart. 

Google’s original plan to block the cookies by late 2025 would have brought Chrome in line with most leading web browsers. The pressure to do so arises from concerns over user privacy; third-party cookies can be problematic because they are often used to track searches and gather users’ personal data. It can then be sold to anyone (even criminals) without the data owner’s knowledge or consent. 

Keeping watch over the sandbox 

At OpenAthens we don’t use third-party cookies. Even so, we’ve been watching developments closely. That’s because we use first-party cookies for legitimate reasons – to enable single sign-on and personalization, and so improve user experience. For example, cookies allow our systems to remember anonymous users’ topics of interest and so make their discovery journeys easy. We don’t gather personal data but we must be ready for any changes that could affect our services. 

Google has found it hard to block third-party cookies because of its advertising revenue-focused business model. But it has been trying. Its Privacy Sandbox is dedicated to creating technologies that hit the sweet spot – protecting users’ privacy while allowing developers to build tools that help businesses thrive online. 

In the sandbox the company has worked on private advertising APIs to enable advertisers’ use cases without cross-site tracking. And it has looked at other options, including the federated credential management API (FedCM) to authenticate users without third-party cookies. So far, regulators including the UK’s Information Commissioner’s Office (ICO) have seen these as anti-competitive, and alternatives like a ‘universal prompt’ to opt in to cookies also haven’t found favor. 

Ongoing development 

For now, there’s no change. Google is not blocking third-party cookies by default, and there is no universal prompt to suggest they might want to. Instead, users can turn third-party cookies off in settings. 

Meanwhile Google’s tech experts are still hard at it in the Privacy Sandbox. Work continues on IP protection and FedCM, and some think FedCM may be one to keep an eye on, though mostly in the consumer space. It’s still too soon to say. 

Looking ahead, we think browsers will become more involved in identity flows on the web. But for now, there is a strong collective will to avoid interfering with the positive applications for cookies. 

Whatever innovations Google introduces, they are probably some way off – depending, of course, on how things go in the sandbox.