Cookie

Data & Tracking

Also: browser cookie · tracking cookie · HTTP cookie

What it is: Small data file stored in your browser
Lifespan: Session to 2 years
The shift: Third-party cookies phasing out

Quick definition

A small text file a website stores in a visitor's browser to remember them across sessions or pages. Cookies power login persistence, cart memory, personalisation and the majority of digital ad targeting.

Where it shows up in the data

First-party cookies

Set by the website you're visiting. Used for logins, cart persistence and on-site analytics. These are unaffected by the third-party phase-out and will continue working.

Third-party cookies

Set by external domains (ad networks, tracking pixels). Used for cross-site retargeting. Being blocked by Safari and Firefox, being phased out by Chrome.

Session vs persistent cookies

Session cookies expire when you close the browser. Persistent cookies last until a set expiry date or manual deletion.
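
The two distinctions above (first-party vs third-party, session vs persistent) can be read straight off a Set-Cookie response header. The sketch below is an added example, not code from this dictionary: the host names, cookie names and the short suffix list are constructed, and a real browser uses the full Public Suffix List to decide which hosts belong to the same site.

```javascript
// Added example. TWO_LABEL_SUFFIXES is a tiny constructed stand-in for the
// Public Suffix List that browsers use to find a host's registrable domain.
const TWO_LABEL_SUFFIXES = new Set(["com.au", "net.au", "org.au", "co.uk"]);

function registrableDomain(host) {
  const labels = host.toLowerCase().replace(/^\./, "").split(".");
  const n = TWO_LABEL_SUFFIXES.has(labels.slice(-2).join(".")) ? 3 : 2;
  return labels.slice(-n).join(".");
}

// pageHost: site in the address bar. responseHost: host that sent Set-Cookie.
// A server can only set cookies for its own domain, so responseHost decides party.
function classifyCookie(setCookie, pageHost, responseHost, now = new Date()) {
  const [pair, ...attrParts] = setCookie.split(";").map((s) => s.trim());
  const name = pair.includes("=") ? pair.slice(0, pair.indexOf("=")) : "";
  const attrs = new Map();
  for (const part of attrParts) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? "" : part.slice(i + 1).trim());
  }
  // Max-Age wins over Expires (RFC 6265); with neither, it is a session cookie.
  let expires = null;
  if (/^-?\d+$/.test(attrs.get("max-age") ?? "")) {
    expires = new Date(now.getTime() + Number(attrs.get("max-age")) * 1000);
  } else if (!Number.isNaN(Date.parse(attrs.get("expires") ?? ""))) {
    expires = new Date(Date.parse(attrs.get("expires")));
  }
  const lifetime =
    expires === null ? "session" : expires <= now ? "deleted" : "persistent";
  const party =
    registrableDomain(responseHost) === registrableDomain(pageHost)
      ? "first-party" : "third-party";
  return { name, lifetime, party };
}

// Constructed sample headers: [Set-Cookie value, responding host].
const SAMPLES = [
  ["sid=abc123; Path=/; HttpOnly; Secure", "www.example.com.au"],
  ["cart=42; Max-Age=2592000; Path=/", "shop.example.com.au"],
  ["ad_id=xyz; Expires=Wed, 21 Oct 2026 07:28:00 GMT; SameSite=None; Secure",
    "pixel.adnetwork.example"],
];
const NOW = new Date("2025-01-01T00:00:00Z");
for (const [header, host] of SAMPLES) {
  console.log(host, classifyCookie(header, "shop.example.com.au", host, NOW));
}
```

A header with an expiry at or before the current time is reported as "deleted", because that is how servers clear a cookie (for example on logout).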

Consent and GDPR

Under the Australian Privacy Act and global GDPR standards, non-essential cookies require explicit user consent. Consent banners are now legally required for most AU businesses with EU visitors.

What it actually means

Cookies are how the web remembers things between page loads and visits. When you log into a site and come back tomorrow still logged in, that's a first-party cookie at work. When you look at a pair of shoes and then see ads for that exact pair on every website you visit for a week, that's third-party cookies. The marketing industry built its targeting infrastructure almost entirely on third-party cookies — which is why their deprecation is a genuine structural shift, not just a privacy story.

The cookie isn't dying. The third-party cookie is. Your own first-party data just became your most valuable asset.

How it shows up

Cookies appear in your browser developer tools under Application > Cookies. In your marketing stack, they underpin GA4 session tracking, Meta Pixel firing, Google Ads conversion tags and remarketing audiences. When users block or delete cookies, attribution gaps appear — sessions that look like direct traffic, conversions that don't tie back to a campaign.

The Australian context

Australia's Privacy Act reforms (expected 2024-2025) are moving toward GDPR-equivalent consent requirements for tracking cookies. Australian businesses with any European traffic are already subject to GDPR. The practical result: consent banners are no longer optional, and your consent rate directly affects how much of your audience you can legally track and retarget.

Where people get this wrong

Treating all cookies as third-party cookies: First-party cookies are your own and are not going away. The deprecation affects cross-site tracking, not on-site memory or analytics.
Ignoring consent banner conversion rates: If 60% of visitors decline tracking, you lose 60% of your retargeting pool. Consent UX design directly affects audience size.
Not building a first-party data strategy: Waiting until third-party cookies are fully gone means starting from zero. Build your email list and CRM now while ad audiences still exist to drive sign-ups.

Common questions

Are cookies being banned in Australia?

Third-party cookies are being phased out by browser makers (Apple, Google, Mozilla), not by law. Australian Privacy Act reforms are tightening consent requirements but not banning cookies outright. The practical effect is similar — you need explicit consent and first-party alternatives.

Does GA4 use cookies?

Yes. GA4 uses first-party cookies (_ga, _ga_XXXXXXXX) stored on your domain. These will continue working. The shift away from third-party cookies does not break GA4, though it does affect cross-site attribution and remarketing audiences.

About New Rebellion

New Rebellion is a marketing intelligence consultancy. We build tools, score Australian businesses on how their marketing actually performs, and publish Debrief every day. This dictionary is part of how we work in the open.
