Party First, Ask Questions Later: Interrogating The Privacy Implications Of First-Party Data Collection
In January 2020, Google announced plans to discontinue support for the third-party cookie on their popular Chrome browser within the next two years.1 The third-party cookie is a widely-relied-upon tool that enables marketers to gather information about consumer behavior across the Internet. Google gave privacy justifications for this move, claiming that it wanted to “make the web more private and secure.”2 Given the amount of tracking that third-party cookies enable, such justifications are not entirely off-base. Nevertheless, Google’s announcement created great concern among marketers, who worried about how they would advertise in a post-cookie world. The announcement also garnered justified antitrust scrutiny from academics and some European regulators because of Google’s ability to simultaneously set the rules to and play the AdTech game. But the potential privacy problems this move would create have yet to be as thoroughly examined.
By cutting off access to one of marketers’ key sources of consumer information, Google has inspired an industry-wide shift in data collection practices. Marketers are reorienting their data-driven marketing from relying heavily on purchased third-party data to aggregating as much first-party data, data collected directly from users, as possible. Marketers gather this information by asking consumers to provide personal information or by observing consumer behavior via the company’s digital properties. Data gathered through first-party relationships are often described as more pro-privacy and as a way to gain consumers’ trust. From a business standpoint, marketers believe that “owning” more of their data, rather than continuing to rent or buy most of it from data brokers, will give them more control over their marketing and a better understanding of their customers in a post-cookie world.
J.D., Georgetown University Law Center 2023.