As early as 2019, Firefox implemented extended cookie protection in which cookies from providers known to be particularly persistent and annoying trackers were blocked. With the latest version, to protect the privacy of Firefox users, storage locations for cookies that are integrated in the browser are blocked for third parties and treated in isolation.

The new Total Cookie Protection aims to further improve user privacy by significantly limiting third-party cookies’ access to information about the websites visited through decentralization.

What are third party cookies?

In order to shed some light on this, we take a practical approach to help. Let’s assume you visit example page-1 on which a Facebook pixel, a Like button or a Share button is implemented. As soon as example page 1 has been loaded completely, including such a Facebook element, Facebook stores a cookie with a unique ID in your browser’s memory. Based on this ID, you can now be clearly recognized later as a user.

In the next step we close the first example page and now open example page-2. This also contains one of the aforementioned Facebook elements. And again, a cookie from Facebook is stored in your browser. This cookie from example page 2 automatically recognizes the cookie already set by example page 1 and can recognize you using the ID that has already been uniquely assigned. In this application, Facebook is the third-party provider that sets cookies here. And although you may be one of the few who have never used Facebook, this company can track you on the Internet and thus create a user profile over time based on the visited websites that have a Facebook element such as Share Button / Like Button which is becoming more and more accurate. And now you can find the Like Buttons / Share Buttons on pretty much every website you can find on the Internet.

So Facebook is the third-party provider in this use case. But it’s just one of the many third-party providers out there.

To get to the privacy settings in Firefox, where you can activate Total Cookie Protection, among other things, go to Settings in the top right corner of the browser and then to Privacy & Security

see fig. (click to enlarge)

Incidentally, the cookies that have already been set can also be viewed under this settings menu and deleted or managed separately. You may be wondering which sites have set cookies in your browser. Because the cookie notices are all too often simply clicked away without hesitation instead of using the settings menu. But ultimately cookies are not fundamentally something negative, but also have advantages for users.

The days when third-party cookies still have a future in order to be able to use retargeting on the Internet in a targeted manner seem to be history soon. In the short term, users will probably see less, but less personalized advertising. Difficult times are ahead for companies and website operators, because companies naturally only want to invest in advertising where an ROI (return on investment) can also be expected. However, this is becoming increasingly unlikely with advertisements that are distributed with a watering can rather than in a targeted manner.

You will have to try to find ways within the framework of the GDPR that will somehow continue to make it possible to maintain and increase sales through targeted advertising. With the option to classify users into groups, Google has also considered ways in which (at least to a certain extent) users can be targeted with advertisements. Because here there is no personal assignment and tracking. That would be one way of being able to act within the limits of the GDPR.

For website operators who run smaller but still very good blogs, the situation should also be difficult, because if the advertising revenue collapses too much, the motivation to invest energy and time in good articles that we all read every day could also drop here. It could lead to the fact that some blogs no longer operate because the advertising revenue is not even enough to cover the costs of running the website.

All in all, website operators, advertisers, browser manufacturers and also the legislature must find a middle ground in order not to end up doing more harm than good for the sake of data protection.