Cookieless tracking: privacy-compliant online marketing

The legal regulations on the web around the topic of data protection and the associated handling as well as the use of cookies on the part of advertisers can be confusing. We explain the legal framework and explain the different types of cookies, their tracking advantages and which types of tracking are still possible in the age of blocked cookies!

Why is cookieless tracking becoming more relevant?

The General Data Protection Regulation (GDPR) has been in force since May 2018. Because the GDPR does not clearly regulate the use of cookies and the issue of user tracking, it has been supplemented by the Telecommunications Telemedia Data Protection Act (TTDSG) since December 1, 2021. Until then, rulings by the Federal Court of Justice had specified the handling of data collection by cookies. The law states that explicit and informative consent, e.g. in the form of cookie banners of a cookie consent management tool, is mandatory for the setting of cookies or similar mechanisms. The only exceptions are cookies that are technically absolutely necessary and those that are used to transmit messages via a public telecommunications network.

Cookies are a practical tool for analyzing the performance of advertising measures and websites. Due to the obligation to obtain consent, the collection of sufficiently valid data has become a major challenge. According to various evaluations of cookie consent management platforms, an average of 40-50% of website users reject the use of cookies, which means that a large proportion of sessions and thus user behavior on the site can no longer be measured. Some sources even say that only 14% consent can be achieved with legally compliant cookie consent queries.

And that's not all: some browsers block cookies automatically. For example, the Google Chrome browser is the only one that still allows 3rd party cookies, and even 1st party cookies are deleted by the Apple Safari browser after 1-7 days and by the Mozilla Firefox browser after just one day (always up-to-date information on the subject of "cookie status" here: https://www.cookiestatus.com/).

What is cookieless tracking and what is possible with it?

So what can be done at a time when it has become difficult for marketers to obtain relevant cookie-based information? With regard to the playout of advertising, a form of targeting that is not new is gaining in importance again: semantic targeting or contextual advertising. It enables advertising to be played out to specific target groups without the use of cookies. To do this, website operators use keywords to indicate which subject areas their pages contain. Based on these keywords, advertisers can then place ads that are relevant to the topic.

Google & Co. will not give in so quickly and are working on solutions as alternatives to cookies. In this context, Google introduced the "Topics" and "FLEDGE" concepts. The aim is to continue to play out target group-specific advertising. To this end, the user's interests are stored in the browser and he or she is added to interest groups. Advertising from the website visited and its advertising partners is then played to these groups.

All is not lost for web analytics and conversion tracking either. There are some technical alternatives that allow the collection of relevant data for performance optimization. It must first be noted that cookieless tracking does not necessarily mean tracking without consent! According to the GDPR, cookieless tracking methods that enable the recognition of a user also require the user's explicit consent. Likewise, in the case of cookieless tracking, no data may be transferred to unsafe third countries such as the USA without the consent of the user. This applies in particular to the use of the web analysis tool Google Analytics. In the following, we will now present a few options for cookieless tracking that allow users to be recognized on their own website over a longer period of time.

Woman gives lecture
Woman working in front of screen
Laptop with coffee

What are cookies, what is cookie-based tracking and what does it enable?

Get our expertise in your inbox!

Subscribe here

Cookies are text files that are stored in the user's browser when a website is called up and can be called up again by the web server at a later time. In the world of cookies, a distinction must be made in particular between 1st and 3rd party cookies.

1st party cookie
This type of cookie makes it possible to recognize users on your own website. This is used, for example, to save items in shopping baskets in online stores, but also to track user behavior on a website as well as customer journeys up to conversion, including the touchpoints and marketing channels involved.

3rd party cookie
These cookies are usually advertising cookies that do not originate from a website operator itself, but from a third party, as the name suggests. These in turn provide third parties with data about the behavior of users on certain websites for the purpose of playing out advertising by creating movement profiles.

With regard to 1st party cookies, it is therefore no longer possible to recognize users over a longer period of time in website sessions where cookies are no longer set. As a result, some analyses are no longer possible and the following data, among others, is lost:

  • new and returning as well as unique visitors
  • Customer Journeys & Multi-Touch Attribution
  • Days since last visit
  • Visits & time to conversion

Cookieless tracking capabilities

Learn more about Data Driven Marketing now

Find out more
Fingerprint icon

Fingerprinting

Fingerprinting uses an algorithm to convert characteristics and settings from the user's terminal device into an ID that can be used to recognize the user.

Check icon

ETags

This variant uses the browser's cache. When a page is called up, an ID, the ETag, is stored in the cache for recognition until the cache is deleted.

Security icon

Authentication Cache

This method works similarly to the ETag, but here fictitious access data are automatically generated and stored in the cache.

Tracking without user identification and "hybrid" solutions

And last, but not least, there is of course the option of to collect relevant marketing and website usage datawithout identifying and "tracking" the user. This data can be collected on the basis of legitimate interest without the user's consent. This works via the browser: Information that is transmitted through the browser is compiled into an identifier (the so-called "hash method"). This information is constant during a visit. In this way, interactions with the same identifier can be assigned to a visit and users can be distinguished. No data is stored on the end devices. However, in order to meet the legitimate interest within the meaning of the GDPR and to prevent recognition over a longer period of time, the IP address of the users must also be anonymized. This is possible, for example, by adding a random value that changes daily. This method can also be used to collect the following information, among others

  • Recording of referrer and campaign parameters
  • Page views and allocation to areas based on the URL structure
  • Audio and video as well as external, mail and telephone link calls, downloads and individual click events
  • Devices used and browsers used including language settings

Some providers also offer so-called "hybrid" solutions. In this case, the consent query determines whether cookies may be set. If the user consents, the corresponding information is then collected via the use of cookies. If the user refuses, the cookieless tracking variant takes effect, which only collects data within the scope of legitimate interest.

Our conclusion

In the future, it will not become any easier to play out targeted advertising and measure the performance of websites and communication measures. But it is not impossible, and marketers should consider the alternatives in good time.

Our experts will be happy to support you on this topic as well as with further questions on the topics of performance marketing and marketing analytics!

Learn more about customer centricity now

Find out more
Woman works
Sonja Rösler, Projects

Interested?

I look forward to your questions and exciting conversations.

Send an e-mail