An ETag also referred to as an entity tag is a part of the HTTP protocol. It is in the first place one of the many mechanisms for cache validation and instructs browsers to make a conditional request. In this way, caches save the bandwidth, and servers are not required to provide a full response header if the files were not changed.
The ETag is an identifier assigned by the webserver to each resource and at any URL. In this way, the ETag is similar to tracks, and once compared it can reveal whether they are identical or not. But ETag can also be used to track user activities and avoid cookies setting for the least.
This Etag mechanism enables websites to track users across sessions despite changing the IP address, disabling JavaScript, cookies, and/or local storage. This is achieved as a result of sending the Etag data in the http-header. In other words, ETags are saved in the browser’s cache, and in this way it can track user behavior.
Initial Purpose of ETag
ETags’ main function is to optimize performance and enhance the communication between the client and server processes. For example let’s take a website element, any: icon, image, piece of text. Well, the web server generates & returns a validation token in the HTTP header in the form of a hash. The next time a user requests the resource, the Etag value will be checked with the server, and if the values match there is no need to request that resource again.
For a long time, ETag has served as one of the best options for its core purpose, and only when the GDPR and cookies policy started to become a privacy issue, the ETag started to be considered as an opportunity to avoid problems – on a large scale.
ETag Can Replace Cookies: Is It Real? And How?
The use of cookies in web applications is extremely convenient and universal. But in some countries, the law requires placing additional information on a website that uses cookies. To avoid this in the web application, some consider using the ETags instead of cookies. Mainly about using it is to technical approach, such as maintaining user session, in particular for tasks such as logging and storing information about the state of product basket. Another advantage ETags instead of cookies in the web application could be:
- Protect from attacks associated with cookies.
- Protect from clearing browser’s cookies by a user (but not from clearing browser’s cache of course)
So the difference between ETag and cookies is simply reduced to how users clear their browsers. Now let’s be honest, most of the users don’t clear anything on purpose, and perform this action only when something happens. Of course, there are users that also clear their cookies almost immediately, but the group is small. And the main thing about ETag is that most of the users clear cookies, but not cache – which is in our opinion the advantage of ETag.
Other Alternatives To Third-Party Cookies
By far ETag is not the only alternative to third-party cookies, which makes the competition more interesting among all other tools and options. Of course, each alternative has its cons and pros, which we will talk about. But in addition, not all types of cookies alternatives are suitable for your specific website/business/app or whatsoever.
So here comes the list of what you might take into consideration when choosing to avoid cookies and implement an alternative solution:
- The Birds – this came once Google announced User Identity in the “Privacy Sandbox”. This means that instead of user data, will be used browsing history – which is also some sort of user data if you’ll ask me. The real concern and reason why its testing was postponed: it could violate the GDPR regulations in the EU.
- Data Pools – It’s an independent data storage, where the brand could upload its 1st-party data from one side, and publishers do the same thing from their side. As a result, advertisers get insights about their audience from the publisher’s resources and can activate the audience with publishers targeting. It happens securely and complies with the existing privacy regulations, and does not require other alternatives to third-party cookies.
- User Identity Graphs – This solution binds together different identifiers, both PII (like emails, phones, physical addresses) and non-PII (like 1st-party cookies and pubs). The main advantage of such an alternative to cookies is that through user graphs, advertisers can activate audiences across different channels and connect users’ activities in different environments. The biggest pitfall of this method is it hard to develop and deploy in-house, without accidentally compromising privacy. To ensure user data safety, advertisers and publishers need to choose a trusted vendor that will provide the necessary technical infrastructure.
- Fingerprints – this method identifies users not by special codes stored on their system but by their browser, system, and device’s unique features:
- IP
- Installed plugins
- Screen resolution
- Time zone
Final Thoughts
The question about third-party cookies disable is not IF but when – so yes, it’s coming. But before considering other alternatives, including ETag, we consider that Google would not take a step backward towards its own product and source of income if they wouldn’t have a plan already. What will come instead of cookies will be a balance between privacy and more ads.