What are third-party cookies?

Third-party cookies are cookies created by a different domain than the one you see in your URL bar. Set in third-party code, these cookies are typically used for tracking and online-advertising purposes. Overall, third-party cookies can enhance the browsing experience, but they often do this in exchange for personal data.

How are third-party cookies created?

The way third-party cookies are created is quite similar to the creation of first-party cookies. That said, they are set by a different domain than the one you are currently visiting. Third-party cookies are essentially created when the website you’re on loads content or code from a different domain.

Let’s say you are on the website xyz.com. Your web browser sends a request to the web server for the content of the site you are on. In response, the server sends back the code for the website. This code may contain images, videos, ads, or tracking pixels that are hosted on a different domain than xyz.com, such as abc.com.

Therefore, when your web browser loads the code it received from the xyz.com website, it may simultaneously be loading resources or code from the third-party domain abc.com. In this process, a third-party cookie is set in your web browser, making it accessible by any website that also uses that same third-party domain.

How do third-party cookies work?

To understand how third-party cookies work, let’s look at a real-life example. You’re visiting a clothing retailer’s website. You browse through shorts, as it’s almost summer, and you’re looking to get your wardrobe updated.

What you might not realize is that this website you are on has embedded content from a third-party domain and sets a cookie with that domain as the cookie’s “domain” attribute.

You decide not to buy any shorts and you leave the website. The next day, you’re on some other website and you see ads for the shorts you were checking out the previous day. This is the result of third-party cookies that were present on the clothing website.

Third-party cookies allowed that clothing website to send you targeted ads across the web, even if you were visiting an entirely different webpage. Their goal, in this case, is to collect user information and then use it to boost the chances that you will finally decide to return to the clothing website and buy those shorts.

First-party cookies vs third-party cookies

The primary difference between a first-party cookie and a third-party cookie lies in the domain that sets the cookie.

First-party cookies are set by the domain you are visiting, that is, the one that’s visible in your URL bar. This domain uses them to help personalize your browsing experience. First-party cookies are only accessible to the website that sets them, so they are generally considered safer and less intrusive.

Third-party cookies are set by a different domain than the one you are visiting. Typically, these are linked ads or web banners visible on the website you are browsing. This is also what makes them a source of concern for many. Third-party cookies give third parties, that is, advertisers or analytics companies, access to your browsing history. This doesn’t even require you to click on any of the links or ads, as the cookies are set directly in the code.

Privacy laws and third-party cookies

The General Data Protection Regulation (GDPR) is a regulation enacted by the European Union that pertains to data protection and user privacy in the EU and the European Economic Area. It regulates how websites collect user data, store it, and then remove it. This regulation prohibits websites from storing third-party cookies without the user’s explicit consent.

In the US, the California Consumer Privacy Act (CCPA) defines the data found in cookies as personal information. It requires website owners to include a privacy or cookie notice, providing users with details about the use of third-party cookies and their intended purpose.


Should I disable third-party cookies?

Blocking third-party cookies doesn’t affect how the website you visit operates. As third-party cookies track users’ online activities for online advertising purposes and to collect analytics data, many people block them to prevent cross-site tracking.

That said, if you don’t mind that social media sites and websites are out there collecting user data, yours included, you may leave third-party cookies enabled, thus providing yourself with a more personalized viewing experience.

How to block third-party cookies in Mozilla Firefox?

To block third-party cookies in Mozilla Firefox, you’ll need to:

  1. Click on the menu button and then “settings
  2. Click on the “privacy & security” panel
  3. Select the “custom” radio button under “enhanced tracking protection
  4. Check the “cookies” box and select the type of cookies you wish to block in the drop-down menu
  5. To apply, click the “reload all tabs” button

That’s it, you’re good to go! And if you ever change your mind, you can always re-enable third-party cookies.

How to block cookies in Google Chrome?

To block third-party cookies in Google Chrome, you’ll need to:

  1. Click the ellipsis (three dots) at the top right of your browser and select “settings
  2. Click “cookies and other site data” under “privacy and security
  3. Select the desired option, in this case, “block third-party cookies

What happens if I don’t accept third-party cookies?

Not accepting third-party cookies won’t allow the third party to place cookies and will, in effect, disable cross-site tracking.

Who are the providers of third-party services?

Third-party service providers can include marketing agencies, software services, web-hosting platforms, consultants, and more. 

Updated on: March 29, 2023

Is this article helpful?
Scroll to Top