I thought the whole purpose of using third party JavaScript and third party cookies in advertising is that the advertisers don't trust the host backends. What's to stop a site operator from "boosting" the stats in order to make more money?
Useful for people using Facebook pixel, Google Ads pixel. They have no incentive to lie (they aren't making money out Facebook or Google), it's just about making sure their users are being tracked after clicking an ad on Instagram, etc.
So you just do a get adprovider.foo/track/<id> from the browser with no cookies and batch send from your backend -- they then just make sure the data you send them roughly matches?
For most big sites this isn't a problem as you're not going to be gaming the stats (presumably the legal costs outweigh the benefit) -- for the scammy small sites faking ad rev.. Well, if this kills them then good riddance ?
Can't the big sites negotiate directly with advertisers? I thought I read somewhere that the New York Times does this. In that case, why bother with the bloat of ad networks and their monstrous JavaScripts and other garbage?
If it's (as you say) good riddance to the small, scammy sites then I think it's the medium-sized sites which will really have a problem. Not big enough to negotiate directly, not small enough to disappear overnight.
Except a few very rare cases, ad networks can statistically deliver a far more effective ad than a manually curated ad.
The network also has the infrastructure in place to track the user all the way from the ad click to completing a purchase, potentially across many devices or even in a physical store. They use those numbers to demonstrate their value with hard figures rather than marketing fluff.
And how do they do that? The "advantage" of third-party tracking is that a cookie set by the analytics service on site A gets sent back when the user goes to site B and C and D (etc).
Without that, they have to somehow figure out that user 34 on site A is the same as user 95 on site B. That's often possible, but much less reliable.
I assumed the grandparent meant how do "you" track across your own properties..
For the likes of google and co, I wouldn't be surprised if we start seeing more ad companies requiring you to send some other PII via the api so they can turn a random tracking ID into an email address or whatever though.
The same user on a.com and b.com get different ID's, but a.com and b.com both send data to tracker.com which maps that ID to an email address and then tracker.com can easily combine 'em. Not sure it's legal to do so, when I was working in this space we were quite forbidden from mixing up tracking information from various properties
No, I meant across different properties of different publishers. I assume that's still only possible with browser fingerprinting, IPs etc.
So blocking third-party cookies is a good start to avoid tracking across different publishers (which is the big no-no for me, the fact that a single publisher knows what i read of his is not such a big issue and not that different to what has always been done by just crawling the ht_access logs...)
It does prevent them from reading too: "Domains classified as trackers are not able to access or set cookies, local storage, and other site data when loaded in a third-party context." (emphasis mine)
Routing tracking traffic through a subdomain that proxies through to the third party is already a thing. And my adblocker, at least, already blocks that too.
It's not death anyway; it's just that blockers will have to adjust to blocking bits of third party content.
