Skip to main content
abstract art of balls bouncing off a hand

With online activity and total user screen time skyrocketing in 2020, you’ve likely noticed banners and pop-up messages appear when you land on the homepage of your favorite sites. If you clicked to make the message disappear before reading, we don’t blame you.

More often than not, we know what we want to do when we reach a particular website, and reading the privacy policy or terms and conditions aren’t high on the list. While this roadblock might seem like an unnecessary distraction from valuable content, these inconspicuous notices about cookie practices represents a critical shift in how businesses are collecting, utilizing, and sharing user data.

cookies example

“We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. For more information on how we use cookies, please visit our Privacy Statement. By using our website, you acknowledge this notice of our cookie practices. To modify how we use your cookies, please visit our Cookie Settings page.”

Concerns about data privacy aren’t novel, but the manners in which websites and advertising platforms gather and monetize user data have been more closely scrutinized since Facebook CEO Mark Zuckerberg testified in front of Congress in 2018. While businesses and advertisers had a holistic understanding about data collection before this testimony, Zuckerberg’s widely-covered public hearing was the first time many users saw firsthand how comprehensive a picture their online behavior paints. As a result, there have been significant advances in data regulations designed to protect user data and emphasize the need for businesses to be transparent with what exactly they intend to do with the information they collect.

What is a Cookie, Anyway?

To understand the tug-of-war between businesses and users when it comes to collecting or protecting their data, it’s best to start with the means of acquisition – the cookie. Cookies are small pieces of data stored by your web browsers while you navigate across the internet. Aptly named, there are a number of different types of cookies, each of which vary in terms of the length of time the data is stored and the type of data that is collected. Whenever you see a URL pre-populate, your shipping address info autofill, or an advertisement appear for the product you were researching, you can thank cookies for the convenience.

Why Are Websites Asking Me About Cookies?

By and large, businesses don’t gather your data for nefarious reasons – rather, they gather your data to help provide a more enjoyable website experience for consumers. By aggregating information about who is browsing the site, how they are accessing pages (mobile vs desktop, Safari vs Chrome), and what types of products they are interested in, businesses could start to personalize ads and messaging tailored to their target audiences. In an ideal world, this meant that users would have an easier time finding the goods and services they were researching, and businesses would be more confident that their ad budget was being allocated to the right audiences with the right message.

Where this practice fell short, however, is respectful discretion for the user’s privacy. Just because a business doesn’t intend to misuse data doesn’t mean that users want to provide their internet-life story to any site they visit. Users never asked for extensively-personalized advertisements, and many felt invaded by the buying and selling of data across platforms for corporate gain. Over the past few years, lawmakers in both the European Union and United States have implemented policies such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) to restore the rights to personal data back to individuals, starting with required disclosures about data collection and easily accessible opt-outs for users who do not wish to share their personal data.

How Do Data Privacy Regulations Affect Advertisers and Businesses?

Obtaining consent to collect cookies might seem like a small ask for businesses; after all, most users will click to agree to terms and conditions without reading the fine print. However, the introduction of new data regulation policies isn’t slowing down anytime soon. Earlier this month, Google announced “Consent Mode” across its advertising platforms in Europe – which prompts users to accept the use of advertising cookies before any individual data is leveraged for reporting and optimization. This has serious implications for advertisers, as numerous features such as ad-level conversion tracking and remarketing will not be available for users who opt-out of the cookie policy.

workflow cookies consent

In addition to shrinking the audience pools for re-engagement, an increase in user opt-outs will likely affect automated bidding strategies on the Google network. Known as “Smart Bidding”, automated bid strategies use Google’s machine-learning to serve ads to the users most likely to fulfill the campaign goal. Whether set to maximize ad clicks, maximize on-site conversions, or target a specific return on ad spend, these bid strategies rely on data-driven insights to create the ideal user profile and shape behavior in the ad auction. It’s reasonable to believe that even with a moderate rate of users opting out, these automated bid strategies will likely take a step backwards in terms of efficiency and value for advertisers.

How Should Advertisers in the United States Prepare for Upcoming Data Privacy Regulations?

Paying attention to the increase in data privacy regulations in Europe is a great first step for domestic advertisers. Right now, only a portion of the policies enacted overseas have been put in place in the United States, and advertising platforms are still debating where data collection crosses the line and becomes privacy infringement. While there aren’t any immediate steps to take, advertisers can begin to plan for how they would adjust their ad targeting and ad reporting should user consent become more prevalent in the American market. Although a reduction in 3rd-party cookie tracking might limit the size of audiences built in to Google or Facebook’s platforms, 1st-party data will become increasingly valuable to create seed audiences and lookalike groups of current customers. By leveraging customer lists and CRM data, businesses can provide these advertising platforms with a profile of current purchasers to help to fill in the gaps left by any opt-outs. The same would be true for conversion tracking – although ad-level conversion data might become more nebulous thanks to declined consent, strategic agency partners will still have a plethora of data to create directional insights to help optimize performance and succeed in an ever-changing advertising marketplace.

At the end of the day, the primary focus for advertisers should be providing an excellent user experience that recognizes and serves the user’s need. By striking a sweet spot between strategic marketing outputs that respect user privacy choices, businesses can improve their brand’s reputation without sacrificing the performance of their marketing efforts.