Read the Gartner® Market Guide for Consent and Preference Management
Access now
Skip to content

Marketeers' guide to overcoming tracking prevention challenges

Posted: November 3, 2022

How to overcome the challenge of online tracking prevention

The digital landscape is changing faster than many marketeers can keep up with. The consumer data that has been relied on to identify and profile target buyers is increasingly protected by privacy laws. Added to the regulatory landscape, internet companies are changing the way data in general and cookies in particular, can be used.  

As third party cookies will eventually cease to exist, along with other tracking mechanisms, marketers need to identify other routes to understand buyers’ behaviors. 

IOS 15 changes

Apple’s recent introduction of iOS 15 has some new features that will present a challenge for marketers. Apple was the first of the big players to introduce privacy measures with Intelligent Tracking Prevention (ITP) in 2017.  ITP blocks third party cookies in Safari and even first party cookies have a limited life of 7 days.  

 With the launch of IOS 15 comes new features such as Hide My Email and iCloud+ Private Relay. The latter will prevent the identification of IP addresses, so anyone browsing a website using Safari will be anonymous. And as the name suggests, Hide My Email enables Apple device users to keep their email address private by creating a unique random address that forwards to the regular inbox, but can be deleted at any time. Users can also choose to hide their email address from specific websites.  

These new introductions will hinder marketers from identifying potential customers and tracking them as they browse. So for example, registering for a company’s newsletter will no longer be used as a lead source for further mailings.  

Apple is leading the way with anonymizing browsing behavior and Google will follow. All of these developments are changing the way marketers use browsing data for tracking and analyzing buying intentions.  

Tracking prevention aims to ensure that users only have long-term persistent cookies and website data from the sites with which they regularly interact. Tracking data is removed proactively as users browse the web. All browsers will eventually have tracking prevention, so this spells the end for third party cookies.  

How does it work?

Any websites that load scripts or images across domains are classified according to a machine-learning algorithm, and cookies that those sites deposit are essentially sectioned off — preventing them from tracking the user 1 – 7 days after they first interacted with the site. The time range here is significant: 

Only third-party cookies with cross site tracking capabilities, which are loaded via another domain, are purged after one day. However, if the user interacts with a domain directly, often referred to as a first-party domain, Intelligent Tracking Prevention considers it a signal that the user is interested in the website and will allow the cookies to be loaded in a first party context for 7 days, after which they too will be purged if there is a lack of activity.  This presents a challenge for marketers.  

So what can you do?

Server-side tagging, such as Google Tag Manager Server Side can be useful for marketing departments. This allows for the hosting of a server side GTM container. In this container, GTM gets data from the client-side tracking codes, processes it, manipulates it and then sends it to any third party vendors that have signed up for this. 

One of the benefits of this is that as the cookie is stored server-side, it avoids ITP’s 1-7 day limit before the cookie is erased.  

However, for the server container to work as a replacement for a browser or app-based tracking, the vendors to whom you want to send data need to be able to collect the HTTP requests sent by the server container. Most of the Google tags are ready to be switched to the server-side tags, but other vendors’ tags are not. For example, HotJar’s services are so tightly coupled with client-side interactions, so you probably will have to download their JavaScript in order to use tags.  

This solution only works with Google cookies and most organizations tend to use a combination of tracking tools. It’s also important to point out that where opt-ins are required – for GDPR compliance for example, consents will need to be obtained.  

Cassie’s Identity Service

Cassie’s Identity Service module has a persistence feature that regenerates the cookies and critically, the identifiers by storing their users’ cookie consents, or indeed the actual cookie scripts themselves, in Cassie’s centralized platform. Regardless of whether these cookies have been categorized as first or third party, Cassie’s identity service will assign each anonymous visitor to your site a unique identifier and create a record of the consent provided for each cookie loaded to that user’s browser. Should that particular individual visit the site again at a later date, Cassie will recognize the visitor based on their unique identifier and regenerate the purged cookies. 

This innovative solution simply delivers the consent that the visitor originally made.  It is compliant and ethical and resolves the inaccurate attribution data caused by ITP.  The solution has a low-tech stack, allowing you to use your existing solutions, so is quick and easy to deploy.   

See how we can help.

If you’d like to see how ITP will impact your organization you can use our ITP Calculator by clicking here