Understanding the SameSite Cookie update

The SameSite Cookie update in Chrome, effective from February 2020, alters how cookies are handled to enhance user privacy and impacts analytics tracking, particularly affecting third-party cookies. Cookies that do not specify the SameSite attribute will default to SameSite=Lax, limiting cross-site tracking. Additionally, cookies marked as SameSite=None must now also include the Secure attribute to be transmitted over a secure connection (HTTPS). These changes necessitate adjustments for websites relying on third-party cookies for analytics, as such cookies may not be sent under the new default settings, potentially disrupting user identification and cross-site tracking. To maintain tracking functionality, particularly for analytics tools like Snowplow, cookies must be configured with the SameSite=None and Secure attributes, and where feasible, tracking should be shifted to first-party contexts by operating services on the same domain. The changes are part of broader efforts by browser vendors to enhance online privacy and restrict third-party cookies.