Evolving privacy-first dynamics and a cookies refresher
Sreelesh Pillai
Co-founder ZEPIC
September 19, 2024
The best of the best businesses are finding it difficult to access, secure and use consumer data effectively.
Your team may be feeling the heat too with the increasing need of real-time, consent-ready customer data. Here are three businesses’ experiences we can take note from as we navigate the changing waters.
There wouldn't be a list of the most innovative technology companies without Apple and Microsoft in it. Unfortunately, these two companies will also occupy a list of companies who have been fined by privacy regulators for violations of data privacy laws or practices. France's privacy watchdog CNIL imposed fines of $8mn and $60mn respectively on Apple and Microsoft in early 2023, for allegedly breaching European privacy laws. What are they being accused of? Microsoft is being fined for not providing just as easy a way of rejecting cookies as they had for accepting cookies, while Apple is being accused of not getting consent from mobile users as it put identifiers into their mobile devices to allow for targeted advertising.
It is not just the big companies taken to task for privacy violations. Easylife Limited, a 50-member retail catalogue company based in the UK, was fined £250,000 by the Information Commissioner's Office (ICO) for breaching the GDPR and another £130,000 for over a million unsolicited direct marketing calls which is a breach of the Privacy and Electronic Communications Regulations (PECR).
As consumers, we can all appreciate and celebrate governments and technology players getting serious about privacy and data protection. The European Union kicked off with stricter web privacy standards with the Cookie Law that mandated websites to get visitor consent before any files were exchanged or tracking enabled. Apple in 2017 prevented cross-site tracking of users with its Intelligent Tracking prevention update and then in 2018 deprecated all third-party cookies in Safari, and so did Firefox in 2019. Google Chrome's been pushing out dates on deprecating third-party cookies since 2020 but looks like this will finally happen in Q3 of 2024. So 2025 would be the Internet's first full year of cross-site, cookie-less browsing.
A decade and more of web privacy developments
Before we discuss the big bang effects of Chrome shutting off third-party cookies, let’s do a quick refresher on first-party and third-party cookies. Here’s a good summary borrowed from Techtarget.
A first-party cookie, say from techtarget.com allows Techtarget to ensure your language preferences and site form fills are maintained every time you visit their website, while a third-party cookie, eg Facebook's share button on Techtarget's site, can track your browsing behaviour outside of Techtarget, and use that data to show you targeted ads on Facebook and other network sites.
While third-party cookies are being phased out, first-party cookies will remain a key tool for businesses to collect and use consumer data in a responsible, privacy-conscious manner. In fact, the GDPR allows for essential first-party cookies to be deployed without the need for user content. We must note though that first-party cookies are not being stored indefinitely by browsers. Which means the guest visitor who put in an item in the shopping cart may not find it there ten days later.
Here is a table showing how long by default these cookies are stored by the various browsers.
Many business leaders have come to respect the adage ‘data is the new oil’ but are yet to build capability within their teams to comply with evolving privacy and governance needs around customer data. The industry continues to evolve ever since Apple’s Intelligent Tracking Prevention update and the GDPR in 2018, and some might say, making business operations harder and riskier. It really is a case of the glass half full or half empty. Businesses and teams who keep abreast of the evolving needs of their customer’s privacy will find a new differentiator in the loyalty and trust bestowed on them by their customers.
As platform providers for Customer Data and Engagement, ZEPIC is embracing the privacy-first world that’s about to be hit by the Chrome cookie apocalypse. We are cooking up one of the easiest ways of collecting data across web properties and applications without any reliance on third-party cookies. If you are looking to improve your data collection, customer profiling, targeting and personalization, we’d love to chat. hello[at]zepic[dot]com.
The cookie apocalypse is really a Y2K moment for many of us! In our next post we dig into the immediate business effects of the third-party cookie phase-out.
Ofcourse we had to try Midjourney for "cookie apocalypse"
Desperate times call for desperate Google/Chat GPT searches, right? "Best Shopify apps for sales." "How to increase online sales fast." "AI tools for ecommerce growth."
Been there. Done that. Installed way too many apps. But here's what nobody tells you while you're doom-scrolling through Shopify app reviews at 2 AM—that magical online sales-boosting app you're searching for? It doesn't exist. Because if it did, Jeff Bezos would've bought (or built!) it yesterday, and we (fellow eCommerce store owners) would all be retired in Bali by now. Growing a Shopify store and increasing online sales isn’t easy—we get it. While everyone’s out chasing the next “revolutionary” tool/trend (looking at you, DeepSeek), the real revenue drivers are probably hiding in plain sight—right there inside your customer data. After working with Shopify stores like yours (shoutout to Cybele, who recovered almost 25% of their abandoned carts with WhatsApp automation), we’ve cracked the code on what actually moves the needle. Ready to stop app-hopping and start actually growing your sales by using what you already have? Here are four fixes that will get you there!
The Painful Truth: You're probably losing about 70% of your potential sales to cart abandonment. That's not just a statistic—it's real money walking out of your digital door. And looking for yet another Shopify app for abandoned cart recovery isn't going to fix it if you're not getting the fundamentals right.
The Quick Fix: Everyone knows you need multi-channel recovery that hits the sweet spot between "Hey, did you forget something?" and "PLEASE COME BACK!" But here's the reality—most recovery apps are a one-trick pony. They either do email OR WhatsApp, not both. And don't even get us started on personalizing offers based on cart value—that usually means toggling between three different dashboards while praying your apps talk to each other.
Enter ZEPIC: This is where we come in. With ZEPIC's automated Flows, you can: Launch WhatsApp recovery messages (with 95% open rates!) Set up perfectly timed email sequences (or vice versa) Create personalized recovery offers not just on cart value but based on your customer’s behavior/preferences Track and optimize everything from one dashboard
Fix #2: Reactivate past customers today
The Painful Truth: You're probably losing about 70% of your potential sales to cart abandonment. That's not just a statistic—it's real money walking out of your digital door. And looking for yet another Shopify app for abandoned cart recovery isn't going to fix it if you're not getting the fundamentals right.
The Quick Fix: Everyone knows you need multi-channel recovery that hits the sweet spot between "Hey, did you forget something?" and "PLEASE COME BACK!" But here's the reality—most recovery apps are a one-trick pony. They either do email OR WhatsApp, not both. And don't even get us started on personalizing offers based on cart value—that usually means toggling between three different dashboards while praying your apps talk to each other.
Enter ZEPIC: This is where we come in. With ZEPIC's automated Flows, you can: Launch WhatsApp recovery messages (with 95% open rates!) Set up perfectly timed email sequences (or vice versa) Create personalized recovery offers not just on cart value but based on your customer’s behavior/preferences Track and optimize everything from one dashboard
Offering light at the end of the tunnel is Google’s Privacy Sandbox which seeks to ‘create a thriving web ecosystem that is respectful of users and private by default’. Like the name suggests, your Chrome browser will take the role of a ‘privacy sandbox’ that holds all your data (visits, interests, actions etc) disclosing these to other websites and platforms only with your explicit permission. If not yet, we recommend testing your websites, audience relevance and advertising attribution with Chrome’s trial of the Privacy Sandbox.
Top 3 impacts of the third-party cookie phase-out
Who’s impacted
How
What next
Digital advertising and acquisition teams
Lack of cookie data results in drastic fall in website traffic and conversion rate
Review all cookie-based audience acquisition. Sign up for Chrome’s trial of the Privacy Sandbox
Digital Customer Experience
Customers are not served relevant, personalised experiences: on the web, over social channels and communication media
Multiply efforts to collect first-party customer data. Implement a Customer Data Platform
Security, Privacy and Compliance teams
Increased scrutiny from regulators and questions from customers about data storage and usage
Review current cookie and communication consent management, ensure to align with latest privacy regulations