Erik Geurts is one of the co-founders at Aqua Platform, a company specializing in technology and services for the online advertising industry. He plays a key role in the Revive Adserver project since September 2013, and before he was a prominent member of the OpenX Source community from 2003 to 2013.

What Are Third Party Cookies?

by | Mar 11, 2024 | Featured, Frequently asked questions


Much has been said already about the efforts by Google (and other manufacturers and software companies) to get rid of third-party cookies.

However, not everyone actually knows what cookies are, and why there’s so much emphasis on their presumed “negative” effects.

In a future article, we will describe in more detail how the Revive Adserver software uses cookies. We’ll also explain what the technical consequences are for users of Revive Adserver when third-party cookies get blocked.

But in this article we will start by explaining what cookies are, and what the difference is between a first-party cookie and a third-party cookie.

What is a cookie?

Cookies are small pieces of data stored on a user’s device by websites. They help websites remember information about a user’s visit, such as their preference for light or dark mode, or their location to be used for the weather forecast.

A cookie is not a program, it doesn’t do anything by itself. It is just a bit of data, and it just sits on your device, waiting to be read in the future.

Frequently, cookies also have an expiration date, meaning that after the expiration date they will automatically be removed.

Some cookies are even “session based”, meaning that as soon as you close your web browser or shut down your computer, they automatically disappear.

What is a first-party cookie?

Imagine placing an order at your favorite coffee place. After completing your order, the barista hands you a button to be worn on your clothing. It mentions your favorite coffee flavor, to save you the trouble of mentioning it again next time you go for coffee. Next time you come in, the barista can just take a quick look at the button, so they already know what your preferences are, and prepare your favorite coffee before you even get to a seat.

For this imaginary button, it is important to mention that only the barista in that one coffee place can see and read the button. In any other store or shop, it is simply invisible, for all intents and purposes it does not exist.

That’s similar to a first-party cookie. It’s a piece of information stored on your own device by a website you’re visiting. This cookie helps the website remember things like your preferred language settings, dark of light mode, and so on. It’s specific to that website and doesn’t share information with anyone else. It is stored on your own device, it doesn’t actually leave any trace on the site’s server at all.

So, the next time you visit, the website already recognizes you because your device shows up with the cookie and the data in it, and then personalizes your experience based on your known preferences, just like remembering your favorite flavor in your coffee place.

What is a third-party cookie?

Now, imagine that another business, like a dry cleaning service, has an employee stationed at the coffee place. You can drop off your dry cleaning with them, and you can pick it up again once it’s ready. The dry cleaning employee can also hand you a button, this time with a discount code on it for future cleaning services. If you come back to the coffee place in the future, with a new item to be dry cleaned, the staffer can glance at the button and know that you qualify for the discount.

And on top of that, if you ever enter any other store where the same dry cleaning service is also present, those staffers can also see your button and give you the discount.

The button can only be seen and read by dry cleaning staff, nobody else will even see it, not the coffee store and none of the other customers there. Most likely, the dry cleaner won’t even know where you first received your button.

This is similar to a third-party cookie. It’s created by a site or service that’s different from the website that you’re actually visiting. For example, while browsing a news website, an external weather service might set a cookie to store the geographic location you’ve specified.

This allows them to display the weather information for your town when you visit the news site again in the future.

Unlike a first-party cookie, this third-party cookie is not specific to the news website. If the same weather service is used on other sites, your location is already noted and you will see weather information for your location automatically on those other sites as well.

Final notes

These are not perfect analogies, by the way, because a cookie is only available on that one specific device where it was first created.

Imagine you have a laptop and a tablet. A cookie that gets created on your laptop does not exist on your tablet, nor the other way around. That’s true for both first-party and third-party cookies.

In the next article in this series, we will give you some examples of how the Revive Adserver software uses first-party cookies, and how it uses third-party cookies.

Articles in this Series:

What are Third Party Cookies?

This article explains what a cookie is, and what the difference is between a first-party cookie and a third-party cookie.

How does Revive Adserver use Cookies?

This article describes how first party and third party cookies are being used by the Revive Adserver software.

Why are some people concerned about 3rd party cookies?

We discuss the extensive use of cookies for retargeting, causing them to be labeled harmful by some people.

How is Revive Adserver affected by blocking third-party cookies?

We look at the effect on the Revive Adserver software, when browsers no longer allow the creation of third party cookies.