Privacy compliance for nonprofits: Navigating the cookie chaos

If you’ve been in the nonprofit tech space for a while, you already know how constantly things evolve. One day it’s all about cookies. Next we’re in a post-cookie world with Unified ID 2.0. And now we’re back at square one with the age-old cookie.

If you’re in nonprofit communications and marketing, and you’re more focused on connecting and engaging with your community than keeping up on tech trends, then you’re in the right place. We’re going to break down the story of cookies and how Google can’t get rid of them.

We think the conversation around cookies is important because it’s all about protecting people’s privacy.

Even though cookies may be around for a while longer, governments and regulators are increasing their oversight on how they’re being used. And the big players like Google and Apple are offering everyone better options on how they’re tracked as they travel the web.

As someone who wants to send the right people the right messages, we want you to be informed about the technologies you can leverage to learn about your unique community while still putting their privacy first.

You don’t eat these kinds of cookies

I’m sure you’ve heard all the talk about cookies, so I’m not going to spend a ton of time or get way into the tech weeds on this. But a little bit of history will help show us where we’re headed.

Cookies are a piece of HTML code that’s stored on a person’s computer that’s downloaded through their web browser. As they travel around the website, their browser sends the HTML cookie back to the site, showing where they’ve been and how long they were there. 

Cookies can be collected from people who directly traveled to a company’s website or used their app. But they can also be collected through a different website like Facebook or YouTube or Weather.com or wherever an ad shows up. And then the cookies are shared with the company or advertiser.

And even though cookies alone only offer anonymized website data, when linked to an individual IP address, they can carry more data than a visitor may have intended, like an email address and first and last names.

Cookies have been around for quite a while now ─ ever since Lou Montulli wrote a little bit of HTML code back in June 1994. The first browser to use cookies was Netscape, but in 1995 they were rolled out on Internet Explorer. And the rest is history.

Ever since cookies existed, people ─ and their governments ─ have been questioning if it’s ok for companies to know these facts about web visitors. Isn’t it all a little invasive?

A note about third-party cookies

There are many kinds of cookies that a website can place on a visitor’s computer, but all cookies fit into one of these two categories: first-party and third-party cookies. First-party cookies are from the website that the person is visiting while third-party cookies belong to a separate domain.

As the web has become more and more interconnected, websites often house images or ads from other websites, so some of this cross-interaction is natural.

But some companies have abused third-party cookies to track too much. It’s one thing to have a website store items in your cart, but it’s something entirely different for a large company to know everywhere you go online. And this happens a little too often.

How did Google end up in the driver’s seat?

The reason why everyone’s still talking about cookies in the 2020’s is because governments and regulators still haven’t fully solved how to get privacy back in the hands of internet users. But a lot of the conversation revolves around Google’s plans of ending the use of cookies within Chrome and creating a post-cookie world.

And that’s a big deal because in the US over 52% of people use Chrome as their primary browser.

Because so many people use Google search and Chrome, Google has gained considerable power over the information that people either intentionally or unintentionally share about themselves.

One thing old and one thing new

Only time will tell what happens to the cookie. But at least for a little while Google and other advertisers will continue to use them to learn about people’s actions online.

We recommend continuing to use cookies ─ that is, with an opt-out popup included ─ while also diversifying your marketing channels so that you’re prepared for whatever the future brings. Here’s one thing old and one thing new to consider as you search for cookie alternatives:

• Email: We know this is nothing new for your organization, but it’s important to remember that you don’t need cookies to send effective emails that bring in big results. As long as you’re practicing good data management techniques, and you have the right information linked to your supporters, then you’re ready to connect!
• SMS: If someone shares their cell phone number with you, then you don’t need to worry about cookies and browsers and what Google changes or doesn’t change in the future. The average open rate for SMS marketing messages is 82%. That’s a good deal better than the average open rate for email!

Will we ever live in a post-cookie world?

Whether it’s cookies or Unified ID 2.0, these are the two big ideas: that you learn all you can about the people who are visiting your website while continuing to place their privacy as a top priority.

We think that governments and regulators are going to continue to crack down on companies who aren’t playing fair in the digital information game. And this is going to be a huge advantage to your organization.

Because your organization is all about making the world a better place, you’ll be building trust by making privacy compliance central while leveraging technology in an honest and effective way to engage new audiences.

In the end, it’s all about balance. By offering web visitors the ability to opt-out of cookies, you’re being honest about how you’re engaging with your valued guests. You’re simply saying, “Hey, welcome to the website! What’s your name?”

We know that all this technology stuff can often feel like a distraction. But we believe that when technology is used right, it better connects you with your community. And when that happens, you’re able to make an even greater impact on the world. And that’s a good thing!