What Are Third-Party Cookies

A third-party cookie is a cookie set by a domain different from the site (first party) the user is visiting.

For example, while browsing news site A, an ad banner from ad network B embedded on the page sets a cookie under ad network B's domain. This is a third-party cookie. When the user visits another site C that also displays ads from ad network B, the earlier cookie is read, recording the browsing history that "the user visited both site A and site C."

Through this mechanism, ad networks gain detailed insight into users' cross-site browsing behavior, enabling them to deliver targeted advertising based on interests.

Major Browser Responses

Introduced ITP (Intelligent Tracking Prevention) in 2017, completely blocking third-party cookies by default. The earliest browser to take action.

Blocks third-party cookies from known trackers by default through ETP (Enhanced Tracking Protection). Total Cookie Protection isolates cookies on a per-site basis.

With approximately 65% global market share, Chrome is gradually phasing out third-party cookies. Developing Privacy Sandbox as an alternative technology.

Blocks all third-party cookies and trackers by default. The strictest privacy settings.

Alternative Technologies After Third-Party Cookie Deprecation

With the deprecation of third-party cookies, the advertising industry is exploring alternative targeting methods.

Topics API (Privacy Sandbox): Proposed by Google. The browser infers topics (interest categories) from the user's browsing history and provides them to advertisers. Individual site browsing history is not shared.
First-party data: Leverages user data collected directly on the company's own site (membership information, purchase history, etc.). Not affected by cookie regulations since it does not rely on third parties.
Contextual advertising: Delivers ads based on the content of the page being viewed rather than user behavior history. Has the least privacy impact.
Server-side tracking: Processes tracking pixel requests on the server side, bypassing browser cookie restrictions. Privacy concerns remain.

Countermeasures for Users

The following measures are effective for preventing tracking via third-party cookies:

Block in browser settings: In Chrome, go to "Settings" → "Privacy and Security" → "Third-party cookies" to enable blocking. Safari and Firefox block them by default.
Install an ad blocker: Extensions like uBlock Origin block requests to ad network domains entirely, preventing tracking methods beyond just cookies.
Regular cookie deletion: Periodically delete cookies in your browser settings, or set up automatic deletion using extensions like Cookie AutoDelete.

However, even blocking third-party cookies does not prevent tracking methods that do not rely on cookies, such as browser fingerprinting and tracking pixels. Combining multiple countermeasures is important.

To learn more about this topic, see Cookies and Tracking: How Your Online Behavior Is Being Monitored.

Common Misconceptions

Once third-party cookies are deprecated, online tracking will disappear: Third-party cookies are just one tracking method. Cookie-independent tracking technologies such as browser fingerprinting, tracking pixels, and server-side tracking will continue to be used.
Blocking third-party cookies will break websites: Most third-party cookies are used for advertising and tracking purposes. Blocking them will not affect the majority of websites. In rare cases where login integration or embedded content is affected, individual exception settings can be configured.

Difference Between First-Party and Third-Party Cookies

First-Party Cookie

Set by the site you are visiting. Used for basic functions like login persistence and settings storage. Cannot be used for cross-site tracking. Less likely to be blocked by browsers.

Third-Party Cookie

Set by a domain different from the site you are visiting. Used for ad targeting and cross-site tracking. Being phased out by major browsers.

Third-Party Cookie