Big Interview: Inside Google’s Decision To End Third-Party Cookies With CPO Keith Enright

In recent years, there has been a ‘great reckoning’ of sorts when it comes to user privacy.

From the European Union introducing the General Data Protection Regulation (GDPR) in 2018 to the ACCC’s Digital Platforms Inquiry – user privacy is now firmly in the view of regulators and consumers alike.

At the coalface of this has been Google’s global chief privacy officer Keith Enright [feature image].

As an internet user, it is virtually impossible to avoid the Google ecosystem. This means Google’s stance on privacy and data security impacts almost everyone.

“Anyone who’s paying attention can see that the world is evolving in the context of user expectations, regulator expectations,” Enright tells B&T.

“We’re seeing a tremendous amount of regulatory and legislative activity, all over the world in the space of privacy and data protection.”

Having spent nine years with Google, Enright has overseen the constant development of Google’s privacy policy as various regulations have come into place.

While he acknowledges privacy is an ever-evolving topic, he explains Google’s fundamental outlook on the matter has remained quite steady.

“We design products to bring value to our users’ lives, to make them more productive, to allow them to experience technology and the internet in ways that make their lives easier,” he says.

“In the course of doing that, users choose to share certain kinds of information, and in some instances that information is sensitive and personal.

“We want to ensure that the user is always in control of that experience.

“When we do that and when we’re doing that correctly, legal compliance shouldn’t be difficult.”

inside the third-party cookies decision

For the media and marketing industry at least, Google’s most influential decision in recent times has been the call to discontinue third-party cookies on Chrome.

First announced in 2019, Google caused a stir in January this year when it announced it would be removing cookies within two years.

“Sadly I wasn’t surprised,” Enright says about the reaction that was caused.

Critics came from two sides.

Those who thought the two-year timeframe was unreasonable and those who wanted Google to deprecate cookies immediately.

“One of the things that I don’t think is as widely understood as it needs to be is the immediate blocking of third-party cookies by default could incentivise undesirable behaviours that are actually corrosive to user privacy,” he says.

“Behaviours like device fingerprinting, hardware and software fingerprinting, which would allow third parties to track users across websites, but not allow any user resettable controls.”

For Google – a company that profits billions each year from its online advertising business – third-party cookies have no doubt played a role in shaping the business.

But it’s also an imperfect and ultimately outdated technology that can encroach on user privacy.

So was it hard to finally say goodbye?

“No,” says Enright. “We recognise that this is an inevitability.”

“Cookies as a technology have now been deployed to support all kinds of all kinds of functionality and purposes that exceed the expectations of the technology at the time of its design. We recognise that.

“And we recognise there is a growing user hostility towards the notion of using third-party cookies or ad tracking in a way that is not consistent with user’s expectations in the future.

“We want to make sure that we are on the right side of user expectations, that we are giving them the right controls and that all of these services are operating in a way that is consistent with their expectations.”

riding the wave

Enright makes it clear – Google is on the user’s side when it comes to data privacy.

But he doesn’t believe this has to disadvantage advertisers.

Online advertisers must now innovate and collaborate to build the solutions of the future, he says.

“If all of the innovation that has occurred in internet advertising over the last 20 years can continue focusing on this particular opportunity and figure out: how do we deliver advertising that works and that performs for publishers and for advertisers?” Enright says.

“[If we can figure this out] in a way that is consistent with user expectations as they continue to evolve in the future, then we’re all going to win.”

For Google at least, ‘winning’ in this scenario depends heavily on the development of the Privacy Sandbox.

Billed as a way to protect user privacy while supporting free access to content online, Google hopes the Sandbox can right third-party cookies’ wrongs.

Enright says the Chrome team will start trialling the new tracking technology later this year, with conversion and measurement the initial focus, then personalisation.

“Chrome’s intention is to phase out cookies within two years, once the approaches they develop have addressed the needs of users, publishers, and advertisers, and they have developed the tools to mitigate workarounds,” he says.

As well as getting the tools right, Google is also resting heavily on industry feedback to ensure the new solution can be effective.

“The team has stated that they need the entire ecosystem to engage on these proposals in order to reach this goal,” says Enright.

“They’re working actively across the ecosystem so that browsers, publishers, developers, and advertisers have the opportunity to experiment with these new mechanisms, test whether they work well in various situations, and develop supporting implementations.”