OPINION: The Shitshow of Cookieless Solutions

The industry built on surveillance—programmatic advertising, digital targeting, real-time bidding—was always a house of cards, held together with the flimsy glue of third-party cookies. Those cookies, little crumbs of recognition, of tracking, of pseudo-intimacy, made the machine hum. But Apple yanked them. Firefox, too. Google, ever the reluctant executioner, announced its own slow-motion killing spree for Chrome. And so the ad industry, worth hundreds of billions of dollars, swung into action, summoning its greatest minds, marshaling its best resources. The result? A pile of cheap knockoffs.

"Cookieless solutions," they called them. Alternatives. Progress. A great reimagining. Except they weren’t. Instead of innovation, we got new flavors of the same poisoned candy—badged, renamed, and slathered in industry doublespeak.

The Identifiers That Weren’t

Two camps emerged, each peddling its own half-baked answer to the cookieless conundrum. The first: deterministic identifiers—hashed email addresses (HEMs) masquerading as privacy-friendly alternatives. The second: probabilistic identifiers—an elaborate shell game built on the illusion of precision.

The deterministic IDs are a sick joke. A hashed email is still an email. Scrambling it like a cheap spy novel cipher doesn’t change the fact that it’s trackable, that it’s persistent, that it creates an eternal thread connecting user to ad to data broker to platform to whoever pays enough for the scraps of your digital life. The Trade Desk, ever the opportunist, propped up Unified ID 2.0 as the savior of the open web. But take a step back, and the winner is clear: Big Tech. Google, Meta, Amazon—the gods of walled gardens. They don’t need to bet on probabilistic alchemy. They have billions of logged-in, trackable, monetizable users who consent—unknowingly—to the whole game.

Then come the probabilistic identifiers, a scam wrapped in a statistical illusion. Scale, they promise, because they don’t rely on login data. But how do they work? Fingerprinting—both active and passive—means sniffing through your device settings, your IP address, your user agent, and patching together a guess. “Cross-device identity” sounds impressive until you realize the underlying logic is that if two people share an IP, they must be the same person. That same nonsense fuels ‘ID bridging,’ where an adtech vendor confidently declares that a Chrome user is also a Safari user because—why not? In the end, these methods degrade into a grotesque parody of accuracy. The "advertising profiles" cobbled together from them are legendary in their absurdity: a single person, simultaneously 19-29, 29-39, 39-49, and 49-59 years old; both unemployed and a CEO; both male and female. Xandr was caught red-handed in this kind of rubbish, stuffing its pipes with contradictions.

None of this, mind you, is an accident. It’s by design.

The Silent Collapse

While ad tech grifters scream about the death of cookies, the truth is more complicated: ID-based advertising is already broken.

Here’s a dirty secret: even with all the tracking and identifiers, most programmatic impressions fail to match a user ID. The industry operates on a belief that ads are hyper-targeted, laser-precise. But 60% of global impressions have no matchable identifier. That’s right—60%. In the US, it’s about 58%. In Europe? Probably worse.

What happens to those untrackable impressions? Three things:

1. They’re discarded. SSPs and DSPs filter them out before a bid even happens. No ID, no dice.

2. They float in the bidstream, ignored. Unsold, or sold for pennies on the third attempt.

3. They’re stuffed with garbage IDs. Faked data, "bridged" identifiers, black-box sorcery to trick DSPs into bidding.

This isn’t a bug. It’s a feature.

Because advertisers don’t care about data integrity. They care about ROAS—Return on Ad Spend. And as long as the numbers look good, the engine keeps running. Here’s the trick, though: ROAS is relative. If an entire industry is underperforming at the same rate, no one notices. And as long as everyone is buying into the same bad IDs, the same broken attribution, no one questions the foundation.

The Hidden Tax

This fixation on IDs—on trying to keep alive a tracking model built for a pre-regulation world—has consequences.

• 60% of the internet is unreachable. That’s not a cookieless problem. That’s a structural failure.

• Reduced supply drives up costs. Less inventory means higher CPMs for advertisers. Good for platforms, bad for brands.

• Measurement is broken. Advertisers aren’t just bidding on known audiences; they’re bidding against each other for the same small, measurable scraps.

• Walled gardens win. The less measurable the open web becomes, the more ad dollars flow into Facebook, Amazon, and Google.

The Incentive to Do Nothing

So if ID-based advertising is a joke, why does the industry cling to it?

One word: inertia.

Nobody wants to rearchitect the system when they can just layer more duct tape over the cracks. DSPs, who shouldn’t be as powerful as they are, profit from the status quo. These platforms have no direct access to data—they sit at the end of the line, far from where users actually interact with content. But identifiers bridge that gap, allowing them to profit off a system where data flows toward them, even when it shouldn’t. They call it "smart decisioning." Publishers call it "data leakage." The truth? It’s a racket.

The Scrappy Cowboys

A few startups are trying to break free from this mess. The rebels, the weirdos, the ones actually attempting to build something new. Their weapon of choice? ID-less advertising. Context-based, privacy-compliant, engineered to work in a world where identifiers don’t exist. The IAB, sensing the shift, even published guidelines to separate them from the grift of “cookieless” IDs.

The good news? ID-less solutions offer access to the 60% of unreachable impressions. They don’t rely on tracking, meaning they won’t break when the next Chrome update nukes another half-baked adtech scheme.

The bad news? They don’t scale. They require advertisers to think. They lack measurement frameworks. They don’t fit neatly into DSP bidding logic, which means they’re ignored by the gatekeepers.

But if they scale—if measurement can be solved, if integrations can be built, if optimization can be achieved—the industry might have a real alternative. And it’ll be necessary, because when the next wave of browser restrictions rolls in, when Google finally pulls the trigger, the tracking-based model dies.

The Final Act

This is the moment. The fork in the road. Keep doubling down on a system that doesn’t work, or actually start building something sustainable. If the ad industry keeps fucking around with ID hacks, it’ll wake up one day to find itself locked out of the future. Google won’t save them. Meta won’t save them.

If the industry wants to survive, it has to start thinking beyond identifiers. Because make no mistake: the platforms will pull the plug.

And when they do, programmatic will either adapt—or die.