ITP2.1 and its effect for Snowplow users

Hey folks. I’ve written up some notes about the impact of the new Safari cookie changes and particularly how they impact Snowplow users.

The TL;DR is that if your collector domain is in the same root domain as your site, you should be okay. Otherwise, 7 day cookies.

Read it here.

4 Likes

Hi @Simon_Rumble,

looks like google will implement some cookie changes too, namely the sameSite attribute for 3rd party cookies. Will the snowplow collectore handle this too? Release is about to happen soon. See here: https://blog.chromium.org/2019/05/improving-privacy-and-security-on-web.html

Hey Christoph. My understanding of this is that the Chrome changes will give users more control. In practice that means the tiny proportion of people who find the place to selectively clear cross-site cookies will do so. These are the kinds of people who are already running ad/tracking blockers though.

I think there is more to it. Have a look here: https://web.dev/samesite-cookies-explained
If the collector does not set the sameSite attribute for the network-user-cookie, Chrome will put a default value, which will prevent the cookie to be sent to the collector, if page and collector are on different domains. At least in our scenario this is the case. Not sure how many others will be affected.

Hey @christoph-buente,

I’m no expert here, but we do have a feature in the works for the Scala Stream Collector which I think is relevant - it allows for configuration of more than one cookie domain on the collector.

@christoph-buente Snowplow R116 introduces a new version of the Scala Stream Collector that lets you set a SameSite attribute for the network_userid cookie:

1 Like

Thanks @dilyan for the headsup. Happy to see that our, or better @aparra’s contribution has been accepted and released.

1 Like