This is episode 31 of Season 2 for the OMGrowth podcast.

There’s something I’ve been itching to talk to you about since we finished Season 1 so I’m starting Season 2 with answers to the question that every online marketer has been asking: what the hey is happening with conversion rates in 2021.

Let’s start by saying I’m not your attorney and in no way am I providing you with legal counsel at this time. If you have any doubt or concerns, I encourage you to reach out to a legal professional who can comment on your specific situation and needs.
American-based resources can be found here and Canadian-based resources can be found here.*

Having said that, here’s a fun fact that unless you know me personally, you probably didn’t know this about me: I used to be a Data Privacy Officer and am still a card-carrying member of the IAPP – the International Association of Privacy Professionals. The gig for a Data Privacy Officer is to enforce privacy legislation as it relates to how your personal information is being collected, used, shared and disclosed.

You would be surprised about the liberties with which YOUR personal information has been collected, used, shared and disclosed.

**In fact, I’m still surprised on a regular basis. To provide you with an example, I just posted a video on my Instagram feed to demonstrate how popular websites like are monetizing your personal information by sharing it with way more advertisers than you may realize.

When you look at companies like Facebook and Google making record profits and positioning its leaders as the wealthiest people in the world – companies we all use and none of us pay for – you have to realize that the reason these services are free is because you, my online friend, and all of your online data ARE the product they’re selling.

Of course, this isn’t new. At least, not in internet years.

And again speaking in internet years, the data privacy legislation in place to protect you isn’t exactly new either. To paint a brief overview, let’s go back to the future:


If you’re an online veteran, you’ll recall the Chicken Little panic brought on by the General Data Protection Regulation put in place by the European Union in 2016, also called GDPR. By 2018, the EU would begin to enforce this 2-year old regulation designed to give individuals the right and control over how their personal information was being used for commercial purposes. What’s so wrong with that, right?

Now, this was not the proudest moment of marketers and online business people. It wasn’t a good look for us because we became opera-star level dramatic over how this would be the end and total ruin of our email lists and reach.

And if you were a gross-y pants unethical marketer, that actually was a fair conclusion! But for the rest of us just trying to offer value to people who wanted it, GDPR mostly meant that we had to add a little checkbox to our forms that said, “hey! do you consent to us keeping in touch?”

We tend to glaze over the fact that around the time GDPR was being enforced, California was also putting similar regulations in place but we’ll get to California in a moment.


The following year, in August 2019, Google launched what is called the Privacy Sandbox. This was created as a means of putting web standards in place for websites to access information about its users without compromising their privacy.

Here’s another fun fact about yours truly: I have a real pet peeve with the term “users”. I wish we could come to a consensus over another term because, I mean, who speaks about their clients using terminology like “users” other than maybe drug dealers? I frown at how exploitative it sounds – and maybe that’s the point! – but, my irritations and I digress…

In January 2020, Google announced that they will render third-party cookies obsolete by 2022; in June 2021, they actually pushed that deadline out to Q3 2023 but it’s an important move on Google’s part and it’s one you want to understand because it’s going to and probably currently is impacting you.


Cookies are the little blocks of data – including your personal information – that make it possible for your browser activity to be tracked across platforms. First-party cookies are the ones that store information on the domain you’re visiting. For example, when Amazon recognizes that you added that new best-seller to your cart on your last visit and it’s still sitting in your cart, that’s first-party cookies in action.

Third-party cookies, though, are the ones that store information across other domains you’re visiting. For instance, when you’re scrolling through Facebook and you’re targeted with an ad for a t-shirt related to the best-seller you were looking at over on Amazon, that’s third-party cookies in action. 

Third-party cookies are the stuff your aunt gets worked up over at the holiday dinner party for being so “creepy”. And she’s not wrong because the Safari browser agrees and as of August 2020, it also blocked the use of all third-party cookies. It’s all happening and it’s only a matter of time before all the other browsers are also onboard.


Now we come to the California Consumer Privacy Act I mentioned earlier. Known as the CCPA, it’s very similar to GDPR but instead of protecting the personal information of EU residents, this one protects residents of California; and while it was created back in 2018, as of July 2020, it was announced that this Act would be enforced. Again, it’s all happening and it’s only a matter of time before other states and countries get onboard with this precedent, and you should anticipate these privacy laws to be coming to a region near you.

So we have the browsers prioritizing privacy, and we have governments doing the same, and what we are seeing with the Apple updates everyone is freaking out about is basically them joining this conga line. Like that scene from Beetlejuice, it was inevitable that they would have to follow suit.


Apple launched what it is calling the App Tracking Transparency (or ATT) with its iOS 14.5 update from April 2021. The basics of this is that this update will ask its users to consent to having their browsing habits and personal information tracked, and they are given the rights and ability to opt out. Essentially, it’s giving people agency as to how their online behaviors are being tracked.

What does the iOS 14.5 update mean for you and your conversion rates? It means your ability to target people based on browsing behaviours and personal information is and will continue to be impacted.

Then, there’s the iOS 15 update of September 2021, and this is giving people agency over how their email behaviors are being tracked by limiting the use of invisible pixels within their inbox.

What does the iOS 15 update mean for you and your conversion rates? It means your ability to track things like open rates for your email marketing campaigns is and will continue to be impacted.

Your performance isn’t necessarily lagging because of the iOS updates; it’s your ability to continue relying on the pixels that have been tracking your performance that is lagging.

So, yes, your conversion rates look like they’re hurting right now and that totally isn’t in your head or just a “you” thing.

However, these changes are all happening as a result of protecting your human rights. While you, my humble and honest marketer, may feel annoyed at how it’s impacting your ability to continue marketing the way you always have been, the change is necessary because there have been liberties taken far beyond reason – or your consent! – as to how every detail about you is being collected, used, shared, disclosed and monetized.

Keep in mind that this whole digital world is relatively new. Just as you test a marketing strategy by doing it, collecting the information and making decisions about how you want to move forward, it’s the same sort of deal with online business. We did things one way for a while, saw room for improvement and these changes you’re seeing – from Google, from Apple, from your browsers, from your governments – are the collective agreement as to what changes we need to make the online marketing world a better and safer place for all.

So let’s get to the most important part for any of these conversations: what do these privacy changes mean for you?

It means that if your motive for collecting information is as a means of exploiting the people whose information you are collecting, it’s going to get bumpy for you.

However, if your purpose for data-collection is to guide you towards making smarter business decisions, I’m happy to share that the ethical, law-abiding marketers will be just fine because there are ways you can continue to see how you’re performing.

Now, you WILL have to change some things because as we’ve established, the way we’ve BEEN doing it is flawed… but we’re at that “when you know better, you do better” phase of online marketing, and on next week’s episode, I’ll walk you through that better way.

*This post contains affiliate links for products I know, use and recommend.