Third-party cookies are a popular way for advertisers to track users across the internet. As part of its initiative to make Chrome more privacy focused, the company is planning to end support for third-party cookies within the next two years. Justin Schuh, Director of Chrome Engineering, elaborated more in a recent blog post:
"After initial dialogue with the web community, we are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete. Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome. Our intention is to do this within two years. But we cannot get there alone, and that’s why we need the ecosystem to engage on these proposals. We plan to start the first origin trials by the end of this year, starting with conversion measurement and following with personalization."
The Privacy Sandbox that Schuh is referring to set of open standards it was developing with the aim of protecting user privacy while not interfering with the advertising business. This is obviously important since Google's core business is selling advertisements. Privacy Sandbox looks to limit fingerprinting by allowing personalized ads without the user divulging personally identifying information (PII).
Many browsers, including Firefox and Brave, outright block third party cookies. However, Google argues that this hurts the users in the long run and actually encourages workarounds such as web fingerprinting. Because users cannot delete or clear their digital fingerprint, they cannot control how their information is being used and subverts the will of the user.
Google also bluntly points out that blocking cookies without an alternative way serving relevant ads harms publishers' ability to make money. This is the part that affects Google directly so it would make sense that the company not harm its primary revenue stream.
Some of the measures Google is implementing in its own Chrome browser include limiting insecure cross-site tracking by ensuring third-party cookies are only accessed over HTTPS. They're also developing new techniques to detect covert tracking and other anti-fingerprinting measures to discourage their use.
To be fair, Google doesn't want to do this alone and is open to other solutions that don't impede on a user's privacy. The company been trying to work with standards organizations such as the World Wide Web Consortium (W3C). Schuh suggests giving feedback via the web standards community proposals on GitHub or through the W3C itself.