What is Necessary to Learn about SameSite Cookie Update
Chrome is going to launch the SameSite cookie update and Version 80 on February 4, 2020, for making user experience clear and unostentatious. The SameSite update is supposed to defend privacy by labeling 3rd-party cookies. Because 3rd-party cookies are going to stop being functional in the browser without labeling. This will significantly affect website owners’ ability to receive income.
Important details of the SameSite
The most important thing to know is that owners of websites will have to declare a state of cookie because of the SameSite update.
The SameSite attribute gives 3 ways to set up cookies. Due to this, the categories are:
- Strict (in case of using SameSite=Strict attribute, cookies will be just sent to a header in a 1st-party context. Sending them if the link is emerging from a 3rd-party context has to be done manually.)
- Lax (the cookie will be sent in the request header in 1st-party and 3rd-party context if SameSite=Lax attribute is used for a cookie.
- None (allows sending of cookies across 3rd-party contexts without restrictions. But after the update, these cookies will have to be labeled as ‘SameSite=None; Secure’).
But there is a logical question why actually the SameSite Update was made? With this question, there is clear mistrust among users because of looking after their online activity.
And this mistrust is growing with a lot of debate about how much 3rd-party cookies really break users’ privacy because it’s quite clear that 3rd-party cookies have worked as the basis for bringing ad income through behavioral targeting for a long time.
Monitoring and decreasing CSRF activities are supposed to be another important reason for rolling up SameSite Update.
Our recommendations for Publishers
For sure, publishers should set up their systems to adapt to the SameSite attribute.
It’s good that 3rd-party cookies are not blocked by default but they just need to be labeled as ‘SameSite= None; Secure’. So they can be used to only secure connections.
It’s possible to test the impact of the latest update on the publisher’s websites:
Type ‘chrome://flags’ – Enable #same-site-by-default-cookies and check how the website is working – Put the changes required before the update.
There are some useful tips what publishers should do before the update will start to work:
- If a publisher monetizes with 3rd-party partners, they must update cookies to prevent income decline.
- Publishers must move website to HTTPs pages.
It’s visible that Google has to provide similar measures as competitors which are prioritizing users’ privacy and do a lot of updates.
But these kinds of updates providing protection of users from 3rd-party cookies seem to be the way to finishing cookie-based tracking.
So if there will be a cookie-free environment it must be an overhaul of income strategies within the ad tech industry. It’s well known, that Google earns a lot of money through ads, which may affect their profit and development in a negative way.