Partitioned cookies, or CHIPS, could be an elegant solution to the deprecation of third-party cookies. But how do they work? And, what problems do they solve?
Why it matters — CHIPS offers the technical integration of third-party cookies but with the privacy protections of site-scoped access to data, permitting first parties to work with vendors to manage their first-party data with reduced risk of data leakage, but how do they work and when should we ask for a side of CHIPS?
TripleLift has been actively involved in the various W3C (World Wide Web Consortium) working groups, such as the Improving Web Advertising Working Group, the Privacy Community Group, and the Private Advertising Technologies Working Group (PATCG). Some of the well-known proposals, like FLEDGE and PARAKEET we’ve already profiled in this blog, but one proposal that hasn’t received as much attention is the Cookies Having Independent Partitioned State, or CHIPS proposal in the Privacy Sandbox.
CHIPS is part of Google Chrome’s efforts to deprecate support for third-party cookies, and is a middle ground that still permits third-party cookies to operate, but not across sites. Today, third-party cookies permit the third-party cookie owner to see the same cookie ID across different sites the user may visit, permitting the third party to see that it is the same user across multiple sites. CHIPS proposes that the browser instead isolate the third-party cookies through the scope of the first party. From the perspective of a third party, their third-party cookies still permit them to identify users within a site, but they can no longer link the users across sites.
Why Permit Some Third Party Functionality?
The CHIPS proposal outlines 3 core use cases CHIPS should enable:
- SaaS providers offer as a widget to a publisher that requires identifying different users within the scope of the first party but not across sites.
- Headless Content Management System providers, such as platforms that make it easy to manage the content of a blog as a service, while letting the first party control the actual presentation of the blog content on their first party page.
- Sandbox domains for serving untrusted user content, such as googleusercontent.com, which is a domain where Google users can upload content and therefore Google wishes to ensure the user-uploaded content can never access the cookies in the google.com domain.
Limitations & Implementation
To set cookies that are partitioned to the first party, third parties should add the new “Partitioned” attribute to the cookie, signaling to the browser that the third party expects and intends the cookie to be scoped to the current first party domain. Chrome proposes that all partitioned cookies must be secure, including the Secure attribute and __HOST prefix.
Looking Forward
The CHIPS proposal is, on balance, an elegant solution. By continuing to rely on the technical rails of third-party cookies but limiting their scope to single-sites, CHIPS threads the needle to help third parties to move towards the first-party-scoped contexts for cookies that we expect to see when the Privacy Sandbox is fully implemented for all cross-site channels.