Speaker 0: Hey, everyone. We’re gonna give about thirty seconds for everybody to get moved over to this wonderful session. Um, let us know in the session chat if you can hear us.

Speaker 1: Yes. Test tech one, check two. Mic check one two one two.

Speaker 0: Uh, well, I can hear Crystal, so let’s go ahead and get us started. Everybody, welcome to day three of MarDreamin. It’s been an awesome week so far with everybody and some wonderful sessions happening. My name is Amanda Rhodes. I’m here from Sercante, and I’ll be monitoring today’s session. But before we get started, I’ve and I, uh, pass it over to our wonderful speaker. Couple important reminders. Yes. These sessions are recorded and will be available on demand after MarDreamin is over. We’ll send out an email with that information for you guys. And if you, for some reason, don’t wanna hear Crystal talk about marketing cookies, which is an awesome topic, uh, you can change a different to join a different track on the bottom left where it says change track. If you have a question, please post it in the q and a tab. If we have time for questions at the end, we will be going through with some of them as possible. If we don’t have time for q and a, we will be reaching back out to you to answer your questions later. So without further ado, take it away, Crystal.

Speaker 1: Sounds good. Thanks, Amanda. Alright. Well, TGIF, everyone. Day three, we all made it. We are here, and thank you for joining me today. I hope you can see my screen here that says everything marketers need to know about web tracking cookies. Again, my name is Crystal Solomon, and I serve as a marketing automation strategist and in a hybrid role as a privacy and compliance champion here at Circontes. So with that role, I’m gonna talk to you about web tracking cookies today. Alright. Of course, before we get started, we have to get to this beloved slide about thanking all of our sponsors for sending in their beloved financial support so that we can continue to bring you this great content that we’ve been giving you over the past three to four days. Alright. So today’s agenda. We are going to establish some cookie terminology and talk about the different types of cookies. Right? We got to know what we’re talking about first before we get into what you need to know. Secondly, we’re gonna talk about what’s the pulse in the industry surrounding cookies. It’s a buzzword. Right? And that along with UTMs, uh, cookie terminology or cookie tracking is uh, certainly a pulse going on in the industry. So we’re gonna talk about what’s changing and why. And lastly, we’re gonna talk about what does this mean for you and what’s next really on the pipe as it relates to the cookie, uh, landscape here. Alright. So jumping right into establishing cookie terminology and types. So first off, what is a cookie? Right? No. It’s not a double stuffed Oreo that you see on the bottom right of your screen, but a cookie is gonna be a small text file that a website places on your device while you’re browsing. Alright? They’re gonna be processed and stored by your web browser. In and of themselves, cookies are harmless, but they serve crucial functions for websites, um, that can generally and easily be viewed and deleted. Um, if you were on Bill Feder’s, um, discussion or chat right before this, he showed you exactly where to navigate to find where those cookies are in your web browser. Right? When you hit that right click inspect and take a look at that page source code. So what are they used for? Right? Cookies are mainly used for three purposes, Session session management, personalization, and tracking. For session management, think of, like, your login, shopping carts, um, anything else a server should remember when you revisit to that website right on Amazon. You’re thinking about those scented candles, and you’re going, maybe. Let me sleep on it a day or two. Right? That’s gonna log a session cookie to your browser. Personalization, let’s talk about more of, like, your user preferences or themes, like your Chrome theme, um, and setting within your browser. And then tracking. Right? Recording and analyzing your actual behavior and interaction with the website. So those are the three main purposes for cookies. And extending a little bit further, we’re gonna kinda break each of those down. Um, when we talk about duration, purpose, and source being really kind of the high level terms of cookies. Right? So duration includes a subset of cookies called session and persistent cookies. Purpose cookies have about three or four or five different types of cookies as well. You have marketing, statistics, performance, functional, and strictly necessary cookies. And then lastly, you have those source cookies. Right? The real big buzzwords of them all. The first party and the third party cookies here. So I’m gonna break those down here shortly. So first off, duration. Right? This kinda ties to that session management we talked about. Right? This category encompasses all cookies that remain on your hard drive until you erase them, or maybe your browser does, depending on the cookie’s expiration date. Sometimes that’s one month. Right? Thirty days. Sometimes it’s six months or maybe up to a year. Right? But let’s talk about really, all persistent cookies have an expiration date written into their code, and their duration can vary. But according to ePrivacy, they should not last any longer than twelve months. Okay? So, uh, think about that when we talk about the duration. Right? It could be as little as thirty days. Um, it really shouldn’t exceed past that one year, uh, mark as well. So, again, those session cookies are gonna be deleted when that session ends, and persistent cookies, uh, remain longer after the session ends. So even if you close out your browser, it could stay on your device, um, for, like I said, up to one year. Alright. There we go. Skip the slide. Next up, we’ve got purpose or personalization. Right? These cookies will generally be first party in nature. Right? First party session cookies. And, um, they’ve got kinda two types of purpose cookies. You’ve got those preference and strictly necessary, and the preference cookies are also known as the functional cookies. Remember going to a browser or, uh, sorry, a website maybe, and as soon as you see the website, that cookie banner shows up, and it asks you if you want to accept or decline or have more options. I always love, uh, pressing or clicking on the more options button, first off, to see if a website is compliant and actually providing me with an option to opt out of tracking. Um, but when I look in there, you’re always gonna notice that there’s those functional or strictly necessary cookies that you really wanna keep turned on, and sometimes they don’t even allow you to, um, untoggle that option, um, because it really impacts the way a website, um, will function. And so that cookie will allow website to remember choices you’ve made in the past, maybe like your language or region or, uh, what your username and password is. I know I don’t know about you, but even sometimes these password managers don’t get it right right as far as what all the passwords and usernames that, um, I’ve got stored, um, for all of my visits. So having that website maybe, um, remembering it is probably my best bet. And so those types of cookies are gonna be, again, essential for your browser experience, um, and maybe even accessing some secure sites of of secure areas of the site. So while these cookies are not required to obtain consent, right, in order to opt in, right, do you accept to be, uh, to these cookies to be placed in your browser? Right? That’s not really a requirement. What they do and why they’re necessary, um, should still really be explained to the user, um, on the website, either in the cookie banner or in your privacy policy. Okay. Moving on to more purpose cookies. Right? We’ve got those statistics and mark main cookies that extend beyond, um, those previously mentioned cookies right of just how website performs. These statistics cookies are gonna be cookies that collect information about how you use the website, like which pages you visited or which links you’ve clicked on. Uh, actually, none of this information can be used to identify you as their sole purpose is to really improve website functionality. K. Again, going back to just taking in the information to really be able to see, um, from a user standpoint, is our website really functioning well the way we want it to be? So we’re gonna collect that data by placing a cookie on your browser. Um, then lastly, the marketing cookies. These cookies track your online activity to help advertisers deliver more relevant advertising or to really limit how many times you can see an ad. Now because these cookies can share information with other organizations or advertisers, they are and have been almost always a third party origin. So keep that in mind as we move forward in this discussion. So rounding out here with, uh, the types of cookies, we’ve got source as our final type. Right? More personalization and tracking type of cookie. And this is set by websites to really store your user preferences and track your behavior. And, generally, these cookies are of either first party or third party in nature going back to those marketing cookies, right, tracking that behavior. And, again, these are gonna be put on your device to store, uh, that relevant information. Right? So when we think about first party, though, we’re thinking about it in a way that is a one to one relationship with you and that browser and that device. Right? And that’s you going on that domain and you opting into that domain and, uh, saying, yes. I agree to be cookied and tracked. And that is a one to one relationship with myself in that one to that domain. Right? I’m on Amazon. I’m only giving Amazon my first party consent that I want Amazon to track me. Now when we talk about third party, we’re talking about a cookie that’s placed in your device not by the website you’re visiting, but by a third party, like an advertiser or maybe an analytics system, like marketing cloud account engagement. So these cookies generally follow you along, right, your browsing experience. So beyond the point of Amazon, you’ve you’ve you’re finished looking for those sticky candles on Amazon, and now you’re, you know, on some potential maybe Wall Street Journal website just checking out some financial data, but you’re like, why do I keep seeing these scented candles? Those third party cookies from Amazon kept following you along. Right? Think about that as that relationship between the first party, meaning just the one to one relationship between yourself and the actual, um, domain and third party. It’s gonna actually extend beyond that browsing experience. So now let’s talk about, you know, what’s the buzz in the industry? What’s changing and why? So first, before we talk about what is changing, let’s talk about, you know, why are these things changing? Well, based on what I’ve just actually described as far as the definition of these types of cookies, you can imagine that cookies can store a wealth of data, really enough to potentially identify users without their consent. Remember, some of those cookies don’t really require that opt in, uh, for being tracked, um, especially those third party cookies of nature. Right? Cookies are the primary tool that advertisers use to track online activity so that they can target users with highly specific ads. Um, given the amount of data that cookies can contain, they are considered personal data in certain circumstances and therefore can be subject to a lot of your major privacy laws like GDPR. Alright? So if you’re in that region or if you, uh, work for a company, I’m sure, uh, that’s EU um, directed from a territorial standpoint, you know that both EU GDPR and the ePrivacy Directive both regulate the use of cookies and list cookie identifiers as an example of personal information. Okay? So when people complain about the privacy risk presented by cookies, they’re generally speaking about third party, persistent, and marketing cookies. Right? Remember those cookies from our previous slides? These cookies can contain significant amount of information about someone’s online activity, preferences, geolocation. Right? That all gets stored in that cookie. So when we think about that, we go, well, who’s responsible for all this? Right? The chain of responsibility who can access this cookie information for a third party cookie can really get complicated. Right? Who’s gonna raise their hand and say, oh, yeah, that was us. Right? So this only heightens the potential for their abuse and who gets access to your personal data. So it’s likely because of this, the use of third party cookies has really been in decline since the passage of GDPR several years ago. So because of all this, right, what’s changing in the industry? Google Chrome, right, represents 60% of the market share. I’m sure you’re looking at me right now on a Chrome browser experience. Um, they’ve actually begun to limit insecure cross site tracking, meaning cookies that don’t include the same site label, SSL, as first party, but are labeled for third party use. They actually are requiring you to access that over HTTPS. Right? That s gives that extra SSL certificate, um, that says that you are a trusted, um, domain, um, that can be, um, presented from for a user. Right? As of February 2020, that began. This process began. And, really, if you’ve been following this, they really were setting it out, right, two years after that, and then they pushed it another year. And now it’s really pushing out another year from 2023. It used to be the end of next year, but it’s been extended another year by the 2024. Third party cookies are set, I’m gonna put that in quotes, right, to be made obsolete. That’s the new target at this point. After that point, B2B and B2C companies and individual website creators who collect and process website user data will no longer be able to do so via third party cookies. Yes. I know. Right? I’m just kidding. These entities will need to become cookie compliant under new privacy changes and collect, track, and process user information via first party cookies. Okay? So what does this mean for you? So if you’re a publisher or digital advertiser, any brand really should think about how you’re currently tracking online behavior today. Right? If you’re using marketing automation system, like marketing cloud account engagement, this should be a topic of discussion. Where are we at? Right? So in the absence of cookies, contextual advertising will become the new cookie for many advertisers and folks like yourself providing relevance to consumers who are increasingly concerned they’re being watched and listened to or followed by cookie based behavioral targeting. So when we talk about contextual advertising, what is that? Right? Think about placing an ad for QuickBooks on a finance blog site. Right? I’ve got an example down here below. Right? This is more relevant. I’m looking at a financial, um, blog piece, right, talking about the Dow. Gosh. You’ve been following the stock market like I have. We’re clutching our pearls and holding on for dear life. Right? But an ad for QuickBooks is more relevant than maybe that scented candle, right, that I mentioned earlier being placed on here. And, also, maybe if you’re looking on a a running shoe or running forum, right, you see an advertisement for running shoes. Right? That’s more relevant. It’s more contextual to what you’re experiencing. That’s really the move and and what you should be thinking about moving forward, um, and not just trying to get in anywhere that you can. Right? Throwing those darts out even if it’s not relevant to your brand and your industry. So contextual targeting is where the cookie conversation is headed, and trend reports have shown a 60% positive sentiment from consumers towards brands when ads that appear are more relevant. Right? This is only gonna help you out. Right? You’re gonna get better brand trust and loyalty for being more relevant in sending those advertisements or, um, emails or one to one engagement or personalizations for things that are more relevant to your audience anyways. So some additional steps to take to get to this point. Right? Set aside some time to audit your current website. Right? That would be Salesforce and your marketing automation systems to make sure you’re prepared for these changes. And one way to do that is to see if you’ve got first party tracking turned on. This is the most simplest and easiest thing you could do. Go to your Pardot settings and take a look at your account and see if this has been turned on. You wanna also make sure force HTTPS is also turned on and enabled in your marketing account settings. K? And lastly, I would say, um, consider investing in a cross device platform and give you a three sixty view of your customer. I know CDP is a big, uh, hotbed topic going on, but there are additional, um, cross device platforms that will really kinda help you understand the holistic, as they say, view of your customers so that you can be providing more contextual, um, marketing and advertisement to your audience. So you wanna also think about this as it relates to regulations. Right? Are we compliant from a cookie standpoint as it relates to GDPR and CCPA or CPRA? GDPR, right, is territorial based related to those doing business in the EU, European Union, And you wanna make sure you’re receiving your users consent before using any cookies. Right? Except those strictly necessary cookies that are required, as I mentioned earlier. You also wanna provide accurate and specific information about the data each cookie tracks and its purpose in plain language. Right? None of that legal jargon that anyone can understand, but you wanna have it in plain language before consent consent is received. So placing that on the cookie banner itself to say, hey. This is why what we’re gonna do if you opt in. Then you wanna document and store consent received from your users in your marketing automation, CRM systems, or tech stack, however you want to do that. Allow users to access your service even if they refuse, right, to opt in. I’m I’m guilty. I hit I hit decline on a lot of things, right, because I don’t wanna be trapped. But you still have to give people, um, the option to just go ahead and browse. You can’t penalize people, uh, for that, for not wanting to opt in. And you wanna make it easy for users to withdraw their consent as it was easy easy for them to give it. Alright? If you do all those things, you are could be compliant within GDPR. On the California side, right, the biggest thing you can do, um, although nothing, um, really, um, from a a regulation standpoint, again, really speaks to it like GDPR does, it still, uh, has some language in there about what you can do, and that is display a do not sell or share my personal information, uh, page on each web page where third party cookies are set. Wanna make sure people have the option if they are California resident that they can place a data subject request in to say, hey. Don’t sell my information if I ended up, um, opting in where there are third party cookies set on this website. Alright. So what’s next? Rounding it out. Okay? Google is working through their privacy sandbox initiative to develop advertising methods that protect users’ privacy, but enable some form of for focus targeting. Right? The big old brother sister Google is watching us still. Right? But here’s here’s kind of their next step. Um, they’re working on this project called Google Topics, which is an API based solution. It replaces the previously proposed solution of this, uh, federated learning of cohorts or flock as the latest interest based advertising privacy solution. Essentially, this is the next thing that they’re saying is gonna replace third party, uh, cookies. It’s this Google topics, which basically will allow advertisers to serve different topics from the same individual through the API, right, in attempt to protect an anonymity team. So anonymity. So from what I’ve kind of read about this, basically people, uh, websites will send data to the source, right, to this Google topics, or it will aggregate this information. And I’m sure it will be revenue based, right, where advertisers can then be able to browse different topics based on a set of profiles or or genres out there where they can then serve up advertisement to that particular persona or profile. That’s how, um, I gather it to be. But there are other industry wide efforts, um, going on such as a nonprofit consortium by AIB. They’re trying to develop a less invasive alternative to third party cookies, um, maybe similar to what, um, Trade Desk is doing with an open source ad ID framework. And there’s also a provider like TapIt and Switchboard who are also maybe even looking at a cookie list ID space. So some innovative, uh, things tinkering around in the space and in technology in addition to what, uh, the main player of Google is doing. So kind of talking about it from a regulation standpoint, um, while there’s not really been any further progress on the e privacy, uh, regulation side or or really on the, um, e privacy side, which the regulation is a replacement of a directive. Right? So a directive really isn’t a bull. It’s more like a suggestion. Um, so the regulation would kinda submit, um, the EU’s, um, information on that point. There’s really been not not been any progress for that regulation. Um, but other EU digital legislations are gaining ground, such as the DSA, Digital Service Act, which will seek to hold search engines, social media networks, or marketplaces accountable for policing content on their sites. So, um, as you’ve been hearing this entire Marjorie Mann, uh, conference that rules and regulating regulations and privacy space or consent space are still being set. Right? So the cookies themselves are continuously evolving, which means maintaining a current cookie cookie policy will be a continuous job. Right? That’s a good thing for us. Right? Keep us in our seats. Right? And pay through this inflationary and this uncertain time. Right? We want that. We want that continuous job. Um, so, um, but what we need to do though while we’re, um, here in our positions as marketers, we wanna make sure we’re properly informing our users about the cookies that are gonna be set on our site, um, and we receive their consent. Um, that will help, um, mitigate any, uh, again, those complaints or data subject requests. The last thing you wanna do is get a note from your attorney general, uh, or regulator that you’re in violation. Alright. So in conclusion, um, like I said in my, uh, chat yesterday, I’m not a lawyer. I’ll play with that, sir Conte. Even with that, this presentation is general and educational in nature, and it’s just, um, something that you should make sure you’re going back to your legal team to really make sure you understand the regulations related to your company, um, as it relates to, uh, what how you can, um, execute cookie compliance. Um, and so we definitely wanna make sure you are taking it back, um, this information as a source of information to your legal team or representative. So thank you very much. I appreciate your time and attendance. I haven’t even looked at the time to see how much time we have left, so I’m gonna actually, um, exit out of here and see about a stock share here and get back. What how am I doing? Oh, six

Speaker 0: Doing great. We’ve actually got six minutes left. So if you do have any questions for Crystal, please post them in the q and a tab of our chat, and we’ll be able to go through those in particular. But in the meantime, I had one good question for you, Crystal, as well. If somebody watching the session wants to learn more about the differences between cookies or anything else about cookies and the regulations in or around them for their country, do you have any resources that you would advise they look to first to get more information and kind of brush up on the topic?

Speaker 1: Absolutely. There are tons of information, uh, informational resources out there, Amanda. And yesterday, we talked about a deck in our if you go to the email compliance, um, session yesterday, there are links to some resources for all the regulations I mentioned. And, um, also, I would say iapp.org, I’ll type that in the chat here, Is, um, the industry leader on privacy. They’re a international association, I believe, of privacy professionals. So they have all types of webinars, prerecorded information, documentation. They actually release a lot of content, uh, cutting edge and and news breaking content on everything from cookies to the latest privacy changes, so I would definitely bookmark that link. And I also mentioned this data guidance as well. Um, I think it’s [suspicious link removed]. It might be .org. I’m gonna put that one on, but check the.com as well, um, to see if that one is the link. I I have it bookmarked over off top of my head. That one’s powered by OneTrust, and they have a repository of all the regulations in there as well. Great library of resources. And that’s another thing that you can kind of browse through some more legal jargon if your legal team is unaware as well. I would have them look at that repository. You can sign up. I think they have free trials and, um, paid versions where if you want to get into the weeds, you can. But those are the top two. And I would say I had this question asked yesterday, Amanda, about, like, a blog that had some conflicting information with GDPR, and I said, um, those two websites that I recommended are from industry, like, Stamped Professionals. These are, like, credible sites. Some of these blogs do have conflicting information, so I recommend making sure you actually go to the official GDPR website, the official CCPA website. Um, and you can recognize that because the the header banners will have the logo and the URLs will be, um, do will be shortened. So, um, yep. Thanks, Katie, for dropping that in. One trust is pretty awesome. So, um, those are my recommendations. Alright. Doing good. All on time. Yeah.

Speaker 0: I like to think that if there’s no questions in the q and a, it means we gave our information so clearly and and effectively that there’s no questions. But, um, one quick question I figured might be useful to talk about is this is Marjreaman or was formerly Parjreaman. Um, Pardot has recently been changing to first person cookies. Isn’t isn’t that correct?

Speaker 1: Yes. 100. Which is on that one slide I mentioned about auditing your marketing automation system, is go ahead and check your product settings and make sure that first party, uh, tracking is enabled. And you can still leave on the third party cookies until the official cutover is been deemed. And so, um, that is the first step becoming, uh, cooking compliant and also just getting your toes in the water. And I wouldn’t even say your entire feet and your legs and your body in the water because, um, at some point, we’ve gotta just go ahead and take the swim into this new, uh, water here, and that is gonna be the way that you kind of take the fur I’m not a swimmer, but I think that’s the first move that you do, uh, right there. But just go ahead and just turn it on that setting. It’s real easy. And then when you do that, there’s a tracking code generator that generates in your domain management that, um, relates to your website tracking code. Right? And so you’re gonna wanna make sure that that’s also replaced and updated on your website so that first that first party relationship is being established between your marketing automation system and your website. And, of course, there’s all other I’m not gonna go down the weeds about Google Tag Manager and some other ways to fire and and get that kicked off, but those that’s the most the simplest and basic way to get going.

Speaker 0: Awesome. Well, thank you so much, Crystal. This has been an amazing session talking about the second best type of cookies. The first type is, of course, chocolate chip, which I’m gonna go get here after this is done. Uh, we’ll go ahead and call the session for today. Thank you guys again for joining us for this wonderful session. Um, and then we also wanna, of course, shout out to our sponsors for their support. Um, without them, our dreaming wouldn’t happen, and we love having this happen every year and getting a chance to learn about more topics. So do check out. We do have some sponsor booths that you can learn more about all of those sponsors and all the cool things they do related to marketing. And then, of course, we do still have some great sessions left today that are coming up right after this one. Thank you guys again so much, and thank you, Crystal.

Speaker 1: Thanks, everyone. Bye.