What are first party and third party cookies?

First party vs third party cookie

If you want to surf in incognito mode with the Chrome browser, you will probably already be familiar with this notification. One click on the small button and so-called “third-party cookies” are blocked to protect your privacy. This is also offered by other browsers such as Mozilla Firefox – even outside of the incognito mode.

Chrome incognito mode screenshot block 3rd party cookies

But what are third party cookies? What are first party cookies? What are the differences and why are data protectionists anything but in a celebratory mood when it comes to third party cookies?

We explain it to you!

We must point out that the following statements do not constitute legal advice. Therefore, we can only give you evaluations from our intensive experience with the EU legal regulations in practice and a technical assessment of the situation.

Cookies are plentiful on the internet. Different types of web cookies fulfil different functions. Hardly any user can see through the jumble of cookies – let alone know which ones are set in the background. But one thing is clear: no Internet user wants personal data to be passed on without being asked.

Only HTTP cookies are divided into first-party cookies and third-party cookies, whereby cookie-like information (e.g. local storage and session storage) also belongs to a domain.

What are First Party Cookies?

Let’s start with the more harmless type of web cookie: first party cookies. First party cookies – also called “1st party cookies” – are web cookies that are set when you browse a website. First party cookies can only be read by the website or third-party scripts (e.g. Google Analytics) on which they were set. However, since first party cookies can only be read by e.g. Google Analytics on the visited website, you as a website visitor cannot be tracked across several websites.

First-party cookies are very useful to make browsing more comfortable for internet surfers, as information is already stored automatically. For example, you would not have to re-enter your saved data each time you make a purchase, or the website remembers which language you prefer.

Examples for 1st Party Cookies

  • Technically necessary cookies: are required for the basic functionality of the website. They only contain technically necessary services. Example: Shopping cart of an online shop.
  • Functional cookies: are necessary to provide features beyond essential functionality such as prettier fonts, video playback or interactive Web 2.0 features.
  • Statistics cookies: are responsible for collecting information about user behaviour on the visited website.
  • Marketing cookies: are used, for example, to display personalized advertising to users and to remember their interests.

What data is stored by first party cookies?

First-party cookies store data such as the user’s individual website settings. This includes the language set and log-in data. They can also assign a unique identification number to you as a website visitor, so that you can be recognised when you visit the same website again later.

Advantages of First Party Cookies

First party cookies are enormously valuable for website operators because they can be used by analysis software that provides information about the user behaviour of website visitors. Based on these results, the customer journey can be traced, and user profiles can be created. Based on the collected data, measures can be derived that, among other things, are intended to make surfing on the website more pleasant.

One advantage for website visitors is that only the website operator, and no external sites, have access to the visitor’s unique identification number. In addition, settings, selections or specified data can be saved in your browser so that you do not have to enter them again and again.

Consequently, as a visitor to a website, you should not block first party cookies in order to enjoy a full and comfortable user experience. First party cookies are allowed by default in your browser and can be disabled manually.

What are Third Party Cookies?

Unlike 1st party cookies, third party cookies are made accessible by browsers across domains. Third party cookies are also called “tracking cookies” because they can track you as a website visitor across multiple websites. Third-party cookies also have the benefit of capturing the behaviour of the website visitor to be able to display targeted advertising, for example. If the user now visits another website that also displays advertising from this provider, the user will be recognized.

In this way, their behaviour, preferences and interests can be tracked over a longer period of time. Tracking information about user behaviour helps advertisers, among other things, to understand the individual customer journey on one or more websites (time spent on the website, click behaviour, etc.) and to display more accurate advertising. This is why third-party cookies are not very popular – at least among website visitors and data protectors because in online marketing, people love 3rd party cookies 😉

☝️ Note: 3rd party cookies are blocked by default by many browsers. In Mozilla Firefox, 3rd party cookies no longer have any chance since September 2019. And Apple Safari has also no longer accepted these cookies since March 2020.

Examples for 3rd party cookies

  • Statistics tools: For example, Google Analytics can aggregate your behaviour across multiple websites. For this purpose, you are assigned a unique identification number so that you can be recognized on several websites.
  • Advertising: Advertising networks such as Google Ads have an interest in displaying advertising that is as appropriate as possible to your interests and your current goal. For example, if you are actively searching for new slippers on the internet, you will certainly have experienced that you are displayed ads for slippers on different websites. This happens because of 3rd party cookies, your behaviour on several websites, including their content, is recorded in detail to understand exactly what you want to do on your computer or smartphone.
  • Disguised advertising networks: Advertising networks do not always act obviously as such. For example, the Facebook Like button that you find on some websites collects precise data about your behaviour on the internet. In this way, targeted advertising can later be played on Facebook on topics that you have previously searched for on the internet.

Do I need consent for web cookies?

For general information on when you as a website operator need consent at all, see our article What do I need consent for?

The myth that consent is required for all cookies is incorrect. Unlike third party cookies, not all first party cookies require prior active and informed consent from the user. For technically necessary cookies (essential cookies) you do not need consent. Without them, the elementary function of your website would not be given. Example: Shopping cart in an online shop.

Such consent must be given by a so-called opt-in procedure. Non-essential cookies may not be set before consent is given. It must also be possible to view, change and revoke consent at any time. The easiest way to implement the opt-in procedure is with the help of a cookie banner.

Legal compliance of first and third party cookies

Good news for data protectionists and concerned internet users, bad news for advertisers because soon there might be no more third-party cookies – but not too soon. Originally, the internet giant Google also planned to no longer allow third-party cookies in its Google Chrome browser by 2022. However, this will probably be delayed by a year. After all, Google’s business model is to play advertising on the internet with as much data as possible – and cookies are simply helpful 🙃

Find cookies and integrate them in compliance with the law with Real Cookie Banner

Tracking cookies on a website can be very tedious and difficult. Often, many cookies are not found and, as a result, correct consent is not obtained – which can sometimes be very costly. To avoid this work and especially costs, the Consent Management Plugin Real Cookie Banner offers you an already integrated scanner function and numerous cookie/service templates. Try Real Cookie Banner now!