Preparing for Privacy Sandbox: What is CHIPS?

With Google's postponement of the Cookie phase-out process to the first quarter of 2025, many brands and digital marketers must take full advantage of the Privacy Sandbox and the transition process.

That’s why in the first post of our new blog series, we’ll briefly introduce CHIPS within the scope of the Privacy Sandbox.

CHIPS, or Cookies Having Independent Partitioned State, gives developers the ability to include cookies in partitioned storage, enhancing user privacy and security through separate cookie jars for each top-level site.

Without partitioning, third-party cookies allow services to track users and combine their information across unrelated top-level sites — a practice known as cross-site tracking.

Browsers are moving toward phasing out unpartitioned third-party cookies. When third-party cookies are blocked, CHIPS, Storage Access API, and Related Website Sets will be the only options for reading and writing cookies in cross-site contexts like iframes. (We’ll cover those later.)


Partitioning is currently supported only in Chrome and Edge browsers. It’s not yet available in Firefox or Safari.

For example, imagine you have a website named retail.example and you want to integrate a widget hosted on support.chat.example, a third-party service, to support your users via chatbot.





Many embedded chat services already rely on cookies to track user actions.

Without cross-site tracking adjustments, support.chat.example typically has to find more complex alternatives to store those cookies. Another option might involve embedding it on retail.example with higher privileges—such as access to authentication cookies—which comes with security and legal risks due to potential exposure of PII (Personally Identifiable Information).

This is where CHIPS comes in, offering an easier way to continue using cross-site cookies without the risks associated with unpartitioned cookies.

So, Where is CHIPS Used?

CHIPS generally applies to any cross-site scenario where subresources require a session or persistent state specific to the user’s interaction within a single top-level site. Common use cases include:

• Embedded third-party chat widgets
• Embedded third-party map widgets
• Embedded third-party payment method widgets
• Subresource CDN load balancers
• Headless CMS providers
• Third-party CDNs using cookies to serve gated content depending on authentication status on the first-party site (e.g., social media profile images hosted on third-party CDNs)
• Remote API endpoints that depend on cookies
• Embedded ads that need publisher-specific state (e.g., capturing ad preferences per website)

More info:

• https://developers.google.com/privacy-sandbox/3pcd/chips

If you’d like to learn more about cookieless measurement beyond Privacy Sandbox, take a look at our AnalyticaHouse Cookieless project.