Delete Cookies, Inflate Net Traffic Estimates

eldavojohn writes "In my browser, I regularly go to the tools menu and clear my private data. This includes my cookies. As a result, people like me who destroy cookies by the thousands may be inflating estimates of Web traffic by up to 150 percent. People have good reasons for clearing out cookies — we've heard about bad cookies before (and I think the FCC is still investigating the issue). But every time you delete cookies, many of the sites you've visited count you as a new visitor next time."

On the other hand...

[Yusaku Godai (546058)]

...you could be like me--I block all cookies from all sites until I've added them to my whitelist.

Re:On the other hand...

[dattaway (3088)]

and be sure to set your browser to "googlebot"

That way no one has visited but another web spider!

Re:

[FFFish (7567)]

I spoof my MAC address and re-boot my DSL connection once a week, getting a new IP Address each time!

Re:On the other hand...

[by Anonymous Coward]

I just forward all my cookies on to Santa - I get good presents

Oh boy...

[Seoulstriker (748895)]

Dear Anonymous Coward,

So, you're the little bastard who keeps forwarding me that crap.

This year... no presents for you!!!

Sincerely,
Santa H. Claus
santa@northpole.net

Re:

[Derek Pomery (2028)]

Heh. I do the same thing.
Of course, a site could also try tagging me by serving me a uniquely timestamped file modification date on some piece of server content. Assuming I cache, that'd also serve for tracking.

Isn't like everything is just cookies and IP tracking.

Or heck, SSL session ID makes for short-lived tagging to determine a visitor, as does analysing site access patterns.

Re:On the other hand...

[Goldenhawk (242867)]

Hmmm. I wonder if this inflates the apparent popularity of Firefox (not that I consider that a bad thing, mind you).

After all,

1) it's geeks who tend to both use FF *and* block cookies
2) the FF extension architecture makes it easy to use selective cookie blocking tools
3) FF settings allow automatic cookie deletion each time it exits, unlike IE (=IE6, at least)

All in all, I suspect that (*IF* the subject article is accurate) FF users probably account for a disproportionately large chunk of those "re-visits".

I bet M$FT hates that.

Re:On the other hand...

[xENoLocO (773565)]

On one hand, your post is intriguing and thought provoking.

On the other hand, this is slashdot and that kind of behavior is not allowed here. We demand you say something funny.

Re:

[rapidweather (567364)]

In my livecd linux [geocities.com], based on Knoppix 3.4 (see screenshots, below) I use control scripts for Firefox, Flock and Opera that does several things.
First, if any ~/.flock ~/.mozilla or ~/.opera happens to be in /ramdisk, it deletes the entire ~/.flock, ~/.mozilla, or ~/.opera then installs a new, default one, that I have set up. The browser then displays a local copy (in the cd) of this page:

http://www.geocities.com/rapidweather/web.html [geocities.com]

A default set of RSS feeds is on the Firefox favorites toolbar, the "My News

...And?

[xlsior (524145)]

News at 11 -- Water still wet.

Re:

[mandelbr0t (1015855)]

Oh darn. An audience that varies from day to day that is very large to begin with is difficult to count. Find a metric that everyone is happy with it, realize it isn't reality any more than any other metric, and move on with actually being a BA. The worst problem with most BAs is that they are constantly inventing reasons that something has to be analyzed again. Accurately counting television viewers, sports event attendees (as opposed to ticket holders) raindrops and grains of sand might keep you entertain

Re:

[amper (33785)]

And in other news, Generalissimo Francisco Franco is *still* dead.

Re:Not users fault

[causality (777677)]

It's not the fault of the person who deletes the cookie.

What you say there is absolutely correct, but it begs the question: How would it ever be the fault of the user in any possible case? I have a newsflash for the advertisers -- you do not have a God-given inalienable right to store data on my computer. It's mine, I paid for it, and I will selectively accept or freely remove any data that you attempt to place on it, for any reason or for no reason at all. The world does not owe anyone a reliable way to track the Web surfing of others.

This and DRM are two categories where marketers act like my personal property is theirs to do with as they please, and I'm sick of the way the average "consumer" puts up with this concept or anything resembling it.

Any Web site owner who doesn't like this can feel free to block me from their Web site; since it is theirs after all, I certainly do not dispute their right to do that (they would do so to find that I can live quite well without them). But please, let's dispose of this idea that some marketer not being able to track me is somehow my fault or my problem.

I say that if your business model relies on the ability to effectively spy on people, often without their knowledge or consent, then your business model is flawed and any difficulties you encounter are well-earned. I further say that the current situation exists only because of widespread ignorance; that is, if every single person who ever went online were a thoroughly educated uber-geek and fully aware of all tracking techniques used, then no one or practically no one would ever allow any of it and the marketers would have to come up with a more reasonable way to make money.

Re:

[prockcore (543967)]

if every single person who ever went online were a thoroughly educated uber-geek and fully aware of all tracking techniques used, then no one or practically no one would ever allow any of it and the marketers would have to come up with a more reasonable way to make money.

I'm fully aware of the tracking techniques used.. and I don't delete my cookies. I'm an anonymous number to them.

I bet you go shopping in a ski mask too, because every store video tapes you.

Re:

[toadlife (301863)]

Prove they are not tracking your MAC address.

I doubt he's in the mood to give you a primer on networking.

No surprise

[HomelessInLaJolla (1026842)]

I hadn't thought about counting it this way until this article appeared but, now that it's said, I'm not surprised. It doesn't matter what the consumer does. The business analysts will always find a way to spin it for their profit. Initially the business analysts thought that this would be a perfect way to track all of the visitors. When some of the visitors decided they didn't want to be tracked then the business analysts decided that, well, maybe tracking them (in that particularly way) wasn't the important metric for the shareholders to see. The more important number, obviously, is how many discrete visitors they have.

Brilliant.

So what?

[EveryNickIsTaken (1054794)]

If the primary concern is for unique visitor tallies for traffic-based advertising, wouldn't web sites be affected (mostly) across the board? If all web traffic is artificially inflated close to the same amount, then this becomes a non-issue.

Re:So what?

[Red Flayer (890720)]

If all web traffic is artificially inflated close to the same amount, then this becomes a non-issue.

True. But I'm certain some websites have a higher proportion of visitors with cookies disabled... slashdot, for example. The trick, then, in order to make discrete visitor metrics truly useful (from a marketing standpoint) is to normalize for cookies-disabled visitors. Some factors that would have to be considered are how many cookies-disabled visitors access your site, and whether disabled visitors exhibit the same repeat visit habits as enabled visitors.

This is why there is research out there to use methods other than cookies and IP addresses to identify users -- see this article [slashdot.org] from last September.

I'm sure this concept can get some VC if companies begin distrusting current traffic anlayses -- it would be a useful adjunct to traditional traffic monitoring.

150%?

[catbutt (469582)]

That assumes an awful lot of people do that.

I don't do it because it is a pain to constantly log back in everywhere. But I seriously doubt more than 2% of the non-slashdot crowd does it.

Re:

[Sparr0 (451780)]

No, it's just bad math and/or horrible reporting. The article states that 31% of visitors deleted their cookie. That means the increase in reported traffic might be (31%/69%)=45%. They probably meant an increase *OF* 50%, which is an increase *TO* 150%.

Re:

[pla (258480)]

I don't do it because it is a pain to constantly log back in everywhere.

As someone who has cookies automatically deleted when I close my browser...

You don't actually need to log in to every site you visit - Only if you want to buy or post something, in general (in fact, I prefer they can't track me while "just looking").

And not only do I get a somewhat increased level of privacy, I get massively increased security as well - Someone needs to actually know my passwords, not just sit at my computer, to

Re:

[Beetle B. (516615)]

Use the CookieSafe extension. It'll let you easily:

1. Whitelist sites whose cookies you want to keep.
2. Blacklist cookies from some sites (doubleclick, anyone?).
3. Set most other cookies to be killed after you exit FF.

I know Firefox lets you do that anyway, but the difference is that Cookiesafe lets you do it easily.

FTC, not FCC

[Eric Smith (4379)]

The FCC has little reason to investigate cookies.

Re:FTC, not FCC

[Aladrin (926209)]

That's funny, maybe you should tell them...

http://yro.slashdot.org/article.pl?sid=06/11/15/16 22251 [slashdot.org]

Re:

[gEvil (beta) (945888)]

The FCC has little reason to investigate cookies.

I thought the FDA was responsible for investigating cookies...

Re:

[Flunitrazepam (664690)]

Obviously you didn't see the sesame street where Cookie Monster called Big Bird a "nappy headed ho"

Re:FTC, not FCC

[Fozzyuw (950608)]

Obviously you didn't see the sesame street where Cookie Monster called Big Bird a "nappy headed ho"

The worst part is that they didn't fire Cookie Monster him until the letter Q and the number 4 pulled their sponsorship. Of course, I think he didn't need to go on Bert and Ernie's talk radio program either because they're hypocrites themselves.

What I do in my computer is my business

[140Mandak262Jamuna (970587)]

I delete cookies, permit them, leave them on, it is all my business. I am under no obligation to provide web site operators reliable count of how many uniqie visitors they get. They should stop complaining and develop better ways to count unique visitors. If they cant, it is still not my problem.

Re:What I do in my computer is my business

[catbutt (469582)]

While I mostly agree with your sentiments (I don't think anyone said it was your obligation) --- to be the devil's advocate: if they can't make money and shut down their site, it does become your problem.

Re:

[jandrese (485)]

Sure, since neither cookies nor IP addresses are good ways to count traffic you'll start seeing an increase in sites that don't let you do anything until you register. Frankly, this is already happening. I've searched for plenty of technical questions on google that land me on forums that require you to register to even read the posts. This means you have to give them a valid (well long enough for you to get the confirmation) email address and username/password. The worst part is that a lot of times tho

Sometimes that's for traffic, though.

[Kadin2048 (468275)]

I'm sure there are lots of reasons for doing it, but most bulletin boards that require registration in order to read, at least in my experience, do it in order to limit traffic, not count it. It's a way of keeping costs down, albeit at the expense of making the board less useful as a resource to the general public.

Unfortunately the best board relating to Knoppmyth is like this; it was just too expensive for the maintainer to run openly; the traffic cost too much. By requiring registration to read, it cut do

Re:

[jandrese (485)]

See, I disagree there. This means a lot of the valuable information is locked up in a forum that people may well not find because it doesn't show up very highly in Google. The public may be better served by abandoning the guy on a shoestring budget and posting in forums that get indexed by search engines.

CookieSafe is my current favourite

[KenAndCorey (581410)]

Cookiesafe allows me to keep my permanent cookies to a minimum, yet allow me all the functionality of session cookies. Of course, it does inflate the stats as the article mentions. In my previous job I worked with stats quite a bit (using WebSideStory/Hitbox), and it is such an inexact science that it ranks right up there with Lies and Damn Lies.

https://addons.mozilla.org/en-US/firefox/addon/249 7 [mozilla.org]

Anyone have other suggested software they prefer?

Not a surprise

[Kelson (129150)]

...though it may be to some people.

Anonymous user stats are always going to be an estimate. Cookies aren't reliable, because people clear them. IP addresses aren't reliable, because some are dynamically generated, some are shared, and people move around.

You can only really know how many users you have if (a) they're registered and (b) they visit the site while logged in. (And even then, people could be sharing accounts -- bugmenot, anyone?)

Personally, I don't think this is a problem, as long as you're willing to look at the estimates for what they are and not treat them as if they were precise.

Hmm... how long before someone claims that Firefox's/Opera's/Safari's stats are inflated because they make it easier to wipe cookies than IE?

just plain wrong

[eneville (745111)]

i think this is very wrong. who counts the number of cookies as bandwidth? the bandwidth is measured at the routers, if it's not, then dont read too much into bandwidth estimates as it's nothing more than a wet finger in the air.

Visitors vs. Unique Visitors..anyone?

[madsheep (984404)]

But every time you delete cookies, many of the sites you've visited count you as a new visitor next time.

Yea in like 1999 this was true. Don't most websites that actually care about traffic or try to reasonably measure it go off of UNIQUE VISITORS? I think the most basic of webstats programs for 5+ years now know and show the difference. What exactly is the point of all this? Who realistically tracks their users and bases their counts off of cookies? This is absurd. IP address has been the standard for quite some time now.

Re:

[Todd Knarr (15451)]

Unfortunately IP address doesn't work. NAT can put anywhere from a couple (small home network) to thousands (corporate networks) of individual machines behind a single IP address. The common ISP practice of using dynamic addresses can result in a single machine having anywhere from one address for years at a time to a different address every hour. Most web-statistics companies have abandoned IP addresses as a valid identifier.

Most of them do in fact rely on cookies of one sort or another. Most rely on brow

Re:

[Eivind (15695)]

The practical limit for users doing websurfing is huge. 13 ports per user is much much more than you need, infact 1 port pr user may be more than you need.

A single TCP-connection is identified by a quad: ip and port for the two destinations.

So, you only really need a new source-port for every internal user who visits the same site.

NAT is implemented by maintaining an internal table of what external ips/ports should be mapped to which internal ip/port. An example:

• Internal machine X makes a connecti

Inflate the estimate?

[dctoastman (995251)]

If I go to the site twice, I go twice. If I delete my cache, I have to re-request everything on the page. In any case, I _AM_ causing more traffic.

It would be like saying you don't count as traffic for streets you've previously driven on.

Umm... So?

[pla (258480)]

But every time you delete cookies, many of the sites you've visited count you as a new visitor next time.

I have Firefox clear my cookies on browser close... So I look like a new visitor every time I visit a site.

Perhaps someone would explain to me why I should care about this? The only use I can see for unique visitor counts (other than the trivia value) involves ad revenue - And I aggressively block almost all adverts, so don't care about that, either.

Huh?

[CrazyTalk (662055)]

But every time you delete cookies, many of the sites you've visited count you as a new visitor next time."

Huh? Isn't the entire POINT of cookies pretty much so sites recognize you when you return? Sorry, but this statement wins todays "No Duh" award.

server's fault, not the user

[brunascle (994197)]

it's the server sending the cookies, not the user. in fact, if the user is deleting the cookies then the HTTP request the user sends to the server is using less bandwidth. it's not my fault the server keeps sending me these god damn cookies.

Every time you delete cookies...

[chinard (555270)]

...god kills a kitten!

Re:Every time you delete cookies...

[DreamerFi (78710)]

Approximately 70,000 [icraeastbay.org] dogs and cats are born in the U.S. each day, or 25,567,500 each year. Of these, roughly 54% [petpopulation.org], or 13,806,450, are cats. Since 34.5% [rapidvet.com] of cats don't live to see their first birthday, we can assume that about 4,763,225 kittens die each year in the United States alone. We'll take for granted that God in His divine Wisdom purposely smote each of these kittens.

Let's assume that the idiom is talking only about male masturbation. Let's further assume, highly conservatively, that males do not start masturbating until they reach age 15. Of the total U.S. male population, 107,199,356 [census.gov] would then be masturbation-age males. Again, let's conservatively estimate that teenagers masturbate no more frequently than adults, and that all men masturbate an average of 20 times [wikipedia.org] each month or 240 times per year. This means that each man in the United States masturbates approximately every 1.5 days. It also means that there are approximately 25,727,845,440 male masturbation sessions in the United States each year.

There are nearly 26 billion male masturbation sessions in the U.S., yet there are fewer than five million kitten deaths annually. Far from a one-to-one correlation, there are 5401.5 masturbation sessions for every single kitten death. This means that the average American man can masturbate regularly for 22.5 years before he is responsible for the death of a single kitten. Indeed, with a life expectancy of less than 75 years, the average man will be responsible for only two or three kitten deaths in a lifetime of vigorous masturbation.

That's nothing, think of people use muliple PC's

[Xenna (37238)]

I use a PC at work.
And another one at home, well even two sometimes.
And a smart phone equipped with a browser.

So I inflate web usage statistics with 100 to 300%?

And then there are people sharing the same PC/account deflating the stats...

All of us who host websites know how unreliable statistics are. Nothing new there...

X.

Yeah, we know

[smooth wombat (796938)]

As the article from 2005 that I linked to in a comment from yesterday [slashdot.org], advertisers are going apeshit over people like me who delete cookies and skew their traffic results.

Oh boo hoo, cry me a river. Produce something people want and they'll come back time and again and you won't have to worry about your traffic.

Privacy is an illusion

[bahwi (43111)]

As soon as you log on to a site connected with certain advertisers your brand new not you unique cookie is again linked back to your old account thru backend calls between advertisers and accounts. Yeah, there's a minor % that is wrong because of people using other's computers, but it's better than having people delete cookies being new customers again. Yeah, a lot of random sites you probably will never go to again don't know you from one to the other, but others get who you are from your cookie linked to their advertiser, and as soon as you log in to any of the sites that have the same advertiser, you're linked up again and some sites do it retroactively. Of course, if you want privacy, better than a cookie blocker is actually adblock and the filterset.g updater. Those give you more privacy than deleting your cookies. But yes, it's possible to track you past the cookies.

There's a few fingerprinting companies out there, track you by stuff plugins give away(dates, versions, etc.. anything the plugin will give up). I've even heard of a company using the time offset from your computer from your web browser(which passes the time back in milliseconds since 1970, IIRC) and combined with some other methods it really helps you track people down. Not to mention you can combine all this with your IP address and you're pretty good. But deleting cookies doesn't really help you, it's more of a minor inconvenience to the small companies who don't really care to track you that much, and a tiny hurdle to larger companies who do care and who are already doing it and some that even know you before the cookie. (Don't accept cookies? Check for that, and IP address, flash version, time offset(if it's possible), what plugins are installed via navigator.plugins and you're pretty close to a positive ID. Of course there are many other ways and I don't know any of them. So, delete your cookies if you want, but realize it's not much of a help.

Adblock is, and ultimately those who really want to track you probably can.

Why would I care?

[rbowen (112459)]

I simply don't care, and can't fathom why I should care. It is not, never has been, and never will be my responsibility to ensure the accuracy of statistical reports on sites that I visit. What data is stored on my personal computer is my business, and nobody else's. Is there seriously anybody who thinks that this is actual news? Are there seriously people who are able to get funding for such intuitively obvious research? Where do I get my cut?

Re:150%? Please

[w3woody (44457)]

There are also other ways of tracking people like IP addresses possibly in combination with browser UA string.

Unless you're on a corporate network behind a NAT with a standard-issue OS install with a standardized browser.

Re:

[catbutt (469582)]

Smart software can detect that. At least if they click to another page, or if it brings down images etc.