Cookies, consent, and what comes after. How the industry still recognizes users — without the third-party cookie.
Almost everything ad tech does well depends on recognizing the same user across sessions:
Without a stable identifier, all three become probabilistic at best. CPMs for "unknown" users drop 30–60%.
For 25 years a tiny browser cookie set by a domain other than the one you were visiting let ad-tech vendors recognize the same browser across the open web. It was the substrate for retargeting, frequency capping, and most cross-site measurement.
Safari (ITP) and Firefox (ETP) blocked it years ago. Chrome — ~65% of the web — was on a multi-year deprecation path; in 2024 Google pivoted to a user-choice model, but the cookie's practical signal value has been collapsing all along.
Third-party cookies sync IDs across DSPs/DMPs. Cross-site retargeting works out of the box.
Mobile IFAs (IDFA, GAID), GDPR/CCPA consent, ATT prompts. Match rates fall, IDs fragment.
Email IDs (UID2, RampID), browser cohorts (Topics), contextual, clean rooms, SDA, MMM.