Net Marketers Worried as Cookies Lose Effectiveness

Saint Aardvark writes "The Globe and Mail reports that Internet marketers are worried about the decreasing persistence of cookies. Almost 40% of surfers delete them on a monthly basis, says Jupiter Research -- a fact one marketers attributes to incorrect associations with spyware and privacy invasion. United Virtualities' Flash-based tracking system is mentioned as a possible substitute...though they don't mention the Firefox plugin that removes them, or talk in any meaningful way about why people might want cookies gone. Still, the article is a good overview of life from the marketer's perspective."

Maybe now...

[Miros]

Maybe now marketing companies will try to discover new ways of generating usage statistics beyond catching, tagging, releasing, and tracking innocent internet users via cookies. This could be an excellent opportunity for innovation in the space resulting in better privacy and better statistics.

Hmmm

[DarthVeda]

Seems like there was some lobbying effort once upon a time to make them the company's property. Obviously it did not get anywhere. Or maybe I'm dreaming, but I could swear I remember something along these lines in the past...

Re:The other side of things.

[Compholio]

Knowing that "John Smith" visited our site 3 times a week isn't really any more insightful that knowing that "User #5233258" visited us 3 times a week.

Then why isn't user 123.456.789.012 good enough?

Re:The other side of things.

[afidel]

If you really ARE looking at agregate statistics then how does deleting the cookie really impact your analysis, other than slightly inflating your unique visitors numbers? I would think that things like best path through the site could be determined from session cookies, no need for them to be sustained. If you want to track return purchasers just associate their account with a cookie and if they return to purchase again just reassign them their original GUID or combine the GUIDs into one trackable metric. I don't think tracking me makes you evil, and in fact if I actually use a sites resources like customizable pages I am unlikely to remove their cookies. I personally only block cookies from cross site marketers that are trying to obtain some kind of privacy invading profile of me and my habits.

Re:The other side of things.

[mikes.song]

The problem is when this info is used to generate a price.

So you don't know that John visited, but you do know that "User #5233258" visited three times and looked at the same item each time. He must be interested. Lets use that info to charge "User #5233258" 15% more on his fourth visit.

Oops, he didn't buy. Lets correlate that data and sale it to the government.

Oops, looks like the hackers already broke in, correlated the data, and sold it on ICR.

Re:The other side of things.

[Saven Marek]

Yes. Simply put, my sense of privacy says that I do not wish to be tracked, in any way shape or form.

Your presumption that it is OK to do so and that because you want to make your site better you somehow have the right to presume that is arrogant and misled. I'm an anonymous visitor and I wish to remain anonymous. I do not want you recording any information on my IP, me, my browser, cookies, where else I've been on your site and how long I was there. I do not want to be given a customer number or an entry in a database. I do not want you to keep any record of where I go, whatever label you might put me under.

Disobeying my wishes is disrespecting your customers, and you wouldn't have a returning customer in me.

Re:Cookies are good

[Rosco P. Coltrane]

People can complain all they want, but cookies are necessary to make surfing experiences less problematic.

Oh yeah? I have my Mozilla configured to ask me, if a site wants to install a cookie, whether I want to let it or not. Usually, I just click DENY more or less automatically. Once in a while though, I do that and a realize the site doesn't work without cookies so I go and explicitely re-enable cookies for it.

How often does that happen? I'd say about 10 times this year, no more. And I can tell you, I click on the DENY button about 50 times per day, because just about every website owner and his dog wants to set cookies.

So, "cookies are necessary" my hiney. I don't buy that...

Fun with Cookies

[RagingChipmunk]

Every once in awhile I like to toy with the cookies. I'll edit their content - flip some bytes, add lots of corrupt text, delete sections. Occasionally, I'll flip all the cookies to "Read Only". Its fun to see a site occasionally puke from bogus cookie data.

Re:The other side of things.

[Anonymous Coward]

Because user 123.456.789.012 might be 1000 computers behind NAT.

Re:Dynamic IP's.

[Compholio]

How many visitors are on an old dial up connection or connecting via proxy? I.P. numbers simply aren't a reliable way of providing usage statistics.

Well, then get the marketers to push for IPv6 - which has absolutely no support for dynamic addresses. Plus, with a delete-age of almost 40% I imagine that using your IP is just as effective as a cookie.

Be Very Scared of IPv6

[Nom du Keyboard]

If you think this is bad, then you should plan on being very scared of IPv6 since that will have the ability to give every device a permanent non-NATted IP address that will uniquely identify you. No need for cookies on your machine. Just a central site where everyone in the sharing of information pool can go to see what user 111.111.111.111.111.111.111.111.111.111.111.111.11 1.111.111.111 has done recently, and what we should serve him up next.

And depending on how they're assigned, they may well know your actual address as well, just from the number.

Re:Tinfoil hat security...

[periol]

And this is paranoia on crack... it assumes that people will ALWAYS do the wrong thing and will ALWAYS try and screw you about, and that customer profiling NEVER results in a better service.

I fail to understand why people like you refer to corporations as people. I will trust any single individual more than I will ever trust any corporation. Corporations exist to extract as much money from me as possible. That's it.

I think it is a safe assumption that corporations will *always* end up doing some things wrong, and will *always* end up making a decision at some point that compromises what is best for me (or the world in general) in order to make a profit.

It's not the people in the corporation. I would probably get along with most of them if we ever met. I also realize that corporations are a necessary evil, because many of the products I currently enjoy could only be manufactured by large corporations. That doesn't mean the corporations in any way care about me.

They only care about my money.

I'm not being paranoid, I'm just being realistic.

No benefit to consumers, then no cookies

[Vellmont]

Should web marketers really be surprised that constantly tagging people and most of the time and giving them no benefit at all makes them nervous? What if you had your hand stamped with invisible ink every time you went into a store, and received nothing for it? How many people would want to allow that?

The thing is that these marketers want something for nothing. I enable the "ask for each cookie" option in mozilla, and generally click "allow for session" on 99% of most sites because they offer me NOTHING in return for tagging me. On sites like Amazon.com I can add things to my wish list without logging in, or on slashdot I can login without typing in passwords. Tvguide.com will show me my local listings, cool. I've gotten a benefit from the site knowing who I am, so I'm much more likely to allow them to know that.

Most sites that hand out cookies give you nothing for identifying you. Why should I give them somthing they want for nothing? I certainly don't trust the average marketer to not do skeevy things like targeted pricing (looks like I visit bmw.com a lot.. I must be rich. Raise my prices by 10%).

Cookie Monsters

[Doc Ruby]

A client/server system without persistent client state is unuseably crippled. Cookies are a simple way to get that. If users are flushing them once a month, but need not, they must be balancing the convenience of persistence with their perceived "privacy". If just the marketers are complaining, I don't care. When the engineers complain that no persistent client state is crippling our apps, then I care.

Marketers could stop complaining, and fund better UIs that decrease the false perception that cookies are bad. Their stealth makes them sinister, and their unmanageability makes people throw out the benign majority with the tiny malign minority. But only a generation of marketdroids could taint the deep-seated pleasant associations with "cookies" into fear of deadly poison. If they rechanelled their complaints into better UIs, they'd be "engineers", not marketdroids. So they're doomed. If only they were as doomed as the cookies they mourn.

Re:Why not?

[NickFortune]

I mean, I completly understand your love of privacy, and I believe that it is your right to keep that information to yourself if you want to. Excellent. That is all I ask.

If they know their customers a little better, they can improve their business, just as any salesman who recognized a regular customer would.

To the benefit of whom? I feel no incentive to assist in this process.

But if you feel better always being a stranger then I dont see any problem with that. A stranger to whom? To doubleclick.net? Yes please! And let us not forget the resale value of aggregated marketing data. I think I'd like to remain a stranger to a lot of people online.

But not everyone. I don't post as an AC for example. I think I can manage my own privacy thank you.

But ultimatly, most users would probably enjoy the massive improvments in customer expierience that could be achieved using this information.

"could" being the significant term. I have no confidence that this information would be utilised to improve my life. What they going to do? Give me targetted ads? Adverts that more closely match my interests? Only an adman thinks of that as a benefit.

And I've yet to hear mention of any other

Re:Fun with Cookies

[KillShill]

sounds like a perfect idea for a firefox extension.

maybe some smart "cookie" can code one up in an afternoon...

Re:Why not?

[NickFortune]

First party cookies are useful to both you and the places you frequent. Confusing them with 3rd party tracking cookies just means you'll pay more than other customers, take longer to find what you want, and miss out on deals.

Worse still, you'll grow a second head, become really unpopular with girls, and inevitable become sucked into a life of violent crime, culminating in an death row jail cell.

Seriously, your argument could just as easily work the other way. "This one bought some expensive stuff off us last week - add 30% to all the prices. He can afford it. This one buys from us every week - no point in wasting discounts on him - save it for the ones we haven't hooked yet".

It may be unreasonable, but I'd like to be charged the same price as everyone else, please.

Re:Flash tracking? like hell

[rainmayun]

I suspect that amongst the non-technical sheeple, some may have figured out enough to know that Flash = annoying advertising, but probably very few know enough about how their computer operates to figure out that it's slowing the CPU down, or even how to monitor CPU usage, or distinguish CPU slowdown from disk cache slowdown from net lags from normal operation of the computer. And of those few, if they're using IE, they probably have no idea how to disable it.

Sad to say, Flash as a technology is pretty cool, but the way it gets used in practice is pretty depressing, most of the time. I've worked on some cool Flash apps in my day, but those days are pretty much behind me.

Re:Yes, yes it does.

[Kazoo the Clown]

Marketeers often forget that the user actually has some say in the process as well. Just as services like Paypal allow you to mask your credit data from a vendor, eventually anonymous buying services will provide the ability to mask your identity completely. Imagine a service, say, BuyMaster.com, combined with a new AnonyShip service from UPS or FedEx where you can purchase through them and all the vendor site knows about the purchase is it was placed through BuyMaster and then must turn the product over to FedEx with only an ID number. Only BuyMaster knows who bought it and only FedEx knows where it's being sent. The vendor is completely disconnected from his market data-- the majority of purchases being placed by a single entity from his perspective. Now providing you can trust buymaster and the shipper this sounds like a valuable service-- at the very least the customer limits the propagation of his data. The customer could at his option, enable the ability to reveal certain aspects of his demographic in order to improve services, such as age, gender, interests, etc., but completely at the customer's discretion.

Marketeers have to get over characterizing customers as consumers. There's a difference. Really, what does it say about a company that views their buyers in that way? Do they provide a customer-friendly service, or are they simply tossing their products into a brightly painted swill bucket and opening the gate to the hog pen? If companies can't remember the adage, the customer is always right, they may lose all contact with their consumers.

Re:The other side of things.

[neiras]

I think you make some really interesting points. From one aspect, you are tracking users by depositing information on their computer. While you claim this information could not be used to identify them elsewhere, it's certainly a concern with less careful web developers at the cookie helm.

Cookies cannot be accessed by sites that did not put them there in the first place. The carefulness of web developers has nothing to do with anything.

Advertising companies that embed ads in the web pages you surf can read values from a cookie that they set, and they can do this on any page that embeds their ads. It's the same thing as hitting the advertising company's web site whenever you see an ad - of course they can set and read that cookie, and all they're storing is an id number and some frequency cap values (if you block cookies, it might be assumed you haven't seen a popup - so you see more popups!)

As a web developer, I know that cookies are a good solution to the problem of maintaining state in a stateless medium. It's too bad that they've garnered so much attention as a tool of unscrupulous advertisers - it's hard to write a decent web application without them. The paranoia surrounding cookies is largely unfounded.

There *are* other methods of tracking session IDs, though, and the smart advertising companies are using them.

Re:Oh, I forgot one...

[Anonymous Coward]

Now they're abusing DVDs by putting unskippable ads on those. It remains to be seen what the backlash from that one will be, but probably either people will stop buying them

I bought Shrek 2 on DVD.

Honestly, if another DVD comes out from DreamWorks that I really want then I'll probably buy it.

But I know absolutely for certain that I'll never buy or go to see Madagascar. The experience of being forced to sit through their advert in order to watch the DVD I PAID FOR has left me with a deep and lasting loathing for that movie which I mght otherwise have liked (since I liked other DreamWorks movies). Furthermore, if I ever meet the guy who does that intro I swear I'll kill him.

Spyware and Image Cookies

[yintercept]

I use cookies for session management and tracking usage in a site.

Spyware abuse generally occurs when a big company (doubleclick, valueclick, etc) want to track your usage between sites. The spyware fears generally arise with third party cookies.

These cookies generally come attached to images. For example the image ad on top of this slashdot page might access cookies that get used to build a profile of my slashdot usage.

Preventing spyware is a matter of blocking third party cookies.

Personally, I can't see any real reason why images (the IMG tag) should be allowed to set cookies.

When the main page sets a cookie, it is almost always to provide service to the end user. When an image sets a cookie, it is almost always so marketers can build profiles. My ideal browser would not allow third party cookies nor would it allow cookies to be set by img tags.

Built in session tracking

[squoozer]

I have often wondered why there isn't a push for browsers to support real grown up session tracking that is properly user configurable. Session tracking is something that has to be done so frequently I'm amazed someone has come up with a better solution.

At it's simplest session tracking could be implimented as a cookie that contains a fragment of XML (or maybe just formatted text if you're alergic to XML) which gives various pieces of information identifying the site.

To ensure that it's all above board make sure that the session identifier is digitally signed. By default the browser would be set to accept session requests (as happens now) but could query a repository of "abusers" and block certain sessions (much like email black lists only more effective because it's digitially signed).

Since this system only does one little thing it should be easy to implement and you could probably turn off other cookies.

Anyway just thought you might like to kick that idea about a bit and see how it fits.

Consumers have only themselves to blame

[Anonymous Coward]

The pattern is that people spend (a lot of) money on products sold through phone calls, TV commercials, pop-ups, Flash, cookies, spam, etc.
Marketers wouldn't spend money on those things if they didn't bring in enough sales to make them worthwhile.

Re:Tracking customer behavior

[Migraineman]

Like it or not, the cashier represents the store during the sale. During my experience at the store, I probably have the most "face time" with the cashier, and checking out ends up being the part of the sale that tends to stick in my mind. I want it to be pleasant and hassle free.

Asking for personal information will get you a polite but terse "no." I have no intention of justifying my response to you or anyone else. Pressing the matter restults in me getting annoyed. Pressing *again* puts you in risk of losing the sale, and yes, I'm going to tell the manager why. I recognize that the cashier doesn't set the store policy. I don't think I've ever yelled at a cashier for that very reason. However, unless the store management hears about the cheesed customers and the lost sales, the store policy won't change.

I vote with my wallet and my feet. Yelling and screaming just gets you written-off as a whackjob. Telling the manager why you're taking your business elsewhere, and then doing so, punishes the crummy vendor and rewards the competitor who doesn't have the crappy policy.

Re:Tracking customer behavior

[jayloden]

I vote with my wallet and my feet. Yelling and screaming just gets you written-off as a whackjob. Telling the manager why you're taking your business elsewhere, and then doing so, punishes the crummy vendor and rewards the competitor who doesn't have the crappy policy.

Unfortunately, that has the same problem as I was discussing in my original post - the store manager doesn't care either, in most cases. The store manager in a major chain gets paid a few dollars more an hour than the cashier, has a lot more rules and some more resonsibilities, maybe even a set of 'manager keys'.

What he STILL doesn't have, is a stake in the business. If you leave and go elsewhere to make a purchase, so what? Yeah, it loses the store money, but as a store/shift/dept manager, he'll still get paid, and the odds are extremely slim that it will affect him in any meaningful way.

I'm not saying it's totally pointless, but don't kid yourself into thinking you're putting the hurt on the store and they're going to feel bad about it.

Re:3rd party cookies

[JetTredmont]

Well, the browser seems to be smart enough for that. I don't get third-party cookies showing up (and I also don't see third-party images on iframe-based ads either).