Kevin Lee's article Crumbling Cookies Threaten SEM and Online Advertising (http://www.clickz.com/experts/search/strat/article.php/3492581) points to a large and growing problem for tracking online advertising where he suggests that the solution is through consumer education supported by trade associations.

There's nothing wrong with that idea, except it's not enough.

The large increase in cookie deletion isn't likely to be caused by users manually deciding to delete their cookies; it's caused by all the anti-malware software packages users have downloaded. This software is telling users that cookies are bad and telling them to delete them.

Example: Ad-Aware (http://www.lavasoftusa.com/software/adaware/)
Personal story: Despite repeated lectures on what not to do, our teenager manages to frequently gunk up her computer with malware. It got so bad I had to get Ad-Aware Professional to help keep the computer usable. Ad-Aware treats harmless cookies the same way it does browser hijackers, urging users to quarantine them.

Perhaps the anti-malware industry can be persuaded to change its mind about cookies. Perhaps not.

But maybe the most effective strategy would be for the industry players who need those cookies most, players such as Google, Yahoo, AOL, and MSN, to promote their own, free anti-malware software. Doing so would not only turn the tide on cookie deletion and help protect their advertising revenue streams, it would also a well-received value-added service that would give the first one or two a competitive advantage in gaining market share.

I think browsers should just be given a unique ID that is sent in their headers. Something that is hardcoded and can never be changed or duplicated. That way you don't have to rely on cookies for tracking. Kinda like a browser fingerprint.

Isn't that article the one that's started the heated debate with Jupiter Research???

For marketing purpose there are other ways to track users but they are far from as easy to implement and manage as cookies.

I agree that using the many trade organisations is not going to help a lot. Maybe a little bit so please go ahead but it won't stope people from using spyware removers and such that delete legitimate cookies.

I think this will soon become a competitive issue: The companies that can show the most reliable tracking will win the best performing affiliates, and will be able to bid the highest CPCs on PPC listings.

Companies left behind, with only cookie tracking to offer, will have to pay affiliates a higher cut (for the users lost in tracking) and the same companies will have a harder time calculating ROI.

I am sure we will soon begin to see more vendors offering alternatives to cookies. With more competition the prices will most loikely drop to a level acceptable for even smaller comapnies. Today, it is just too complicated and expensive for small sites.

Mikkel, so what do you think will be the most likely alternative tracking systems?

Mikkel, so what do you think will be the most likely alternative tracking systems?

Profiling - combination of factors that used together can create a unique identification with a very high degree of acuracy if done well

Mikkel, what do you think about about unique URL tracking?

It depends on what you want to track and what you expect to get out of it. I don't recomend URL tracking on a per user basis as it will create a lot of bad sideeffects

Another problem is that of cookies being over-written, but that's another issue.

Another problem is that of cookies being over-written, but that's another issue.

I am not sure I know what you are refering to - could you maybe detail it a little bit? :)

Just a guess, but she could be talking about cookies getting over-written by hijackers that replace affiliate codes or tracking codes with their own. This could happen for several different reasons or by different means. Or its possible for cookies getting overwritten by the same user that visits the same site under a different session except under multi-identities or names.

One way I prevent cookie problems, is to make alternative arrangements with the company for alternatives to cookies, such as hosting static forms. Establishing unique 1-800 numbers, dedicated email addresses to track certain parts of the site from various types of traffic. We then use cookies as a back up, just in case we might have missed a user along the way. Basically, I don't rely on cookies to track all programs or sales.

i think we can easily say: PPA programs based on cookies are a fraud...
I'm not speaking here about aother tracking intentions, but when someone says to me: hey, put this ad online on yoursite, I'll pay u 10% of each sale...i want to laugh loud; cookie do not work AT ALL and for different reasons: first of all, the 'net buyers' usually have more than one computer and usally surf in a 'passive way' when at work and in an 'active' one when at home; for example, i work in a search engine and i'me always online, but when i want to buy something online, i do it at home; i 'search' at work (with another pc) and 'buy' at home; so the cookie does not work; and in my office i see every guy doing the same thing: nobody want to extract his cc in the office and start buying there; we want to do with calm at home, ins't it?? That is the first thing; the second one is that of the Jupiter; if u carefylly read the research u can see that 12% delete cookies oin a daily basis; now, do u think deletes cookies who surfs a lot or not? and do u think thebet buyer is a big surfer or a moderate surfer? It's obvious that the ones who delete cookies most frequently are the sames who buy a lot on the internet. i have a solution for tracking effectively the sales; it's very simple; just say: 5% discount if u put this code in your order form; almost 100% of nbuyers will add that code in the form...Its a sort of 'electronic coupon'. But why nor CJ, nor TradeDoubker, nor Zanox want to do it? simply because they want to 'sqeeze' their affiliates and editors, which are (99%) small sites which cannot sell adv theirselves and are 'forced' to accept programs that give traffic for free to big companies which - on the other side - spend ingent budget on the other traditional media...Just another thing: havre u read about Sbap.com. They'be introduced a PPA search engine...The funny thing is that u can see their revenues online (stats are public); so, their medium cpc is simply ridicolous; 1/10 of overture and Google as well.
Cookies does not work
PPA does not work...
or, better: it works only for advertisers...

we require cookies for registered users of our free SEO tools, and often get frustrated emails from members saying they have to keep logging-in. It would certainly be nice if the "general population" was educated about the differences between "good" and "bad" cookies...consumer education is right-on, IMO.

It would certainly be nice if the "general population" was educated about the differences between "good" and "bad" cookies...consumer education is right-on, IMO.

That would be a tough task given how little users understand and how much the anti-malware vendors treat cookies as spyware.

It's either going to get worse or better in terms of consumer education. Eventually it should get better or an alternative solution will have to be devised. People are largely clueless about this stuff, and deserve a right to be. It's really not worth time for most people.

So how do you proceed to counteract this? Raise consumer awareness via associations or find an alternative way to track? Surprisingly it seems the technology available to track is quite sophisticated and available, but low tech solutions seems to almost work better as they can't be circumvented and are easier to understand for most people.

That would be a tough task given how little users understand and how much the anti-malware vendors treat cookies as spyware.

Anti-malware is not the only concern...

In Internet Explorer 6, in the Tools | Internet Options dialogue box, there is a "Delete Cookies..." button.

Anti-malware is not the only concern...

In Internet Explorer 6, in the Tools | Internet Options dialogue box, there is a "Delete Cookies..." button.

IE does say in its "Help" topic "Understanding Cookies":

...Some Web sites store information in a small text file on your computer. This file is called a cookie.

There are several types of cookies, and you can choose whether to allow some, none, or all of them to be saved on your computer. If you do not allow cookies at all, you may not be able to view some Web sites or take advantage of customization features (such as local news and weather, or stock quotes)...

Not to jump to the defense of any MS product :p, but they seem to have summarized it pretty well. Perhaps this should be made into a song for Saturday morning cartoons!

I do have to disagree, malware is the only problem. IE is just trying to provide a solution.

The best solution to this issue is to get signups or some user buy in.

If a person signs up, you know their history, irrespective of cookie deletions. Get them to take an action first time to a site, and you can do a lot better IMHO than one can with cookie tracking.

The best solution to this issue is to get signups or some user buy in.

If a person signs up, you know their history, irrespective of cookie deletions. Get them to take an action first time to a site, and you can do a lot better IMHO than one can with cookie tracking.

One problem is that many industries cannot complete a sale on the first try. What you advocate works well for software purchases or ticket sales, perhaps, but in contrast a difficult service sale could take more. The emails or information provided may be false as well, at which point you may have offered value to someone without getting anything in return.

So how do you proceed to counteract this? Raise consumer awareness via associations or find an alternative way to track?

IMO it's the anti-spyware software that's the problem. Consumers don't understand cookies and really aren't interested. I bet it's only a few fanatics who are manually deleting them; the bulk of the deletions are done with software. Either these software providers have to be convinced to stop deleting cookies, or consumers need to be provided with software that doesn't delete the cookies. The firms that depend on ad-tracking cookies should be developing, distributing, and promoting heavily software that gets rid of the malware crud but leaves harmless ad-tracking cookies.

From what I've seen, both browsers and anti-spyware packages treat cookie deletion as something novice users should do without hesitation. There's no "Are you sure?" type warning, advising them that deleting cookies from preferred sites may cause loss of login info and other hassles.

Perhaps cookie deletion should be treated as an advanced user option, complete with "Are you sure?" popups that contain the sort of info Chris Boggs was pointing out from IE.

I've been doing some tests with the SEMs that use cookies. I'm going to write about the full results soon, but so far:

Yahoo/Pest Patrol: Ignores cookies from Performics, Did-it, Digital Grit, KWR and iCrossing. Points out doubleclick cookies and affiliate network cookies.
Spybot: Ignores cookies from Performics, Did-it, Digital Grit, KeyWordRanking and iCrossing. Points out doubleclick cookies and affiliate network cookies.
Adaware: Surprisingly ignored most tracking cookies too--But didn't like the Overture cookie!

Public perception doesn't seem to great. Look at who is bidding on atdmt, avenue a, doubleclick, etc...

But it does seem like the major three anti-Spyware programs aren't that malicious to us. Haven't checked out Microsoft if anyone wants to contribute...

Blame Google for the perception that cookies are evil.

Google is dishonest. They claim that the cookie is required to set user preferences. The cookie is not required to do this; only a well-crafted bookmark is needed to set preferences.

If a cookie is used to set preferences, it sure doesn't need a globally-unique ID in it. It doesn't need any ID at all.

And it sure doesn't need to expire in 2038, and this same cookie doesn't have to be served up across all of Google's various services.

Microsoft Explorer instituted cookie control as a result of the cookie wars waged by privacy advocates in 1999-2000. That was also when President Clinton issued an order forbidding all federal websites from using persistent cookies altogether. This order still stands.

Since then, the privacy advocates have lost ground because of the changing political climate. But Google's reckless and dishonest use of cookies has helped us recover some of the ground we lost.

I think the ecommerce sector is largely to blame for the bad reputation of cookies. You've over-used them, and now all browsers offer cookie control, something that was not available in 1999-2000.

Too bad for you.

Adaware: Surprisingly ignored most tracking cookies too

Was that the standard or the professional version of Ad-Aware you tested? My experience is that the professional version is more paranoid than the standard version.

Was that the standard or the professional version of Ad-Aware you tested? My experience is that the professional version is more paranoid than the standard version.
I used the standard. Do you have the pro version to test with?

Perhaps cookie deletion should be treated as an advanced user option, complete with "Are you sure?" popups that contain the sort of info Chris Boggs was pointing out from IE.

This is where various organizations like SMA-NA might be able to help in lobbying the various software vendors.

Microsoft, eg, is involved in web marketing too, but the browser division may not know what the tracking people are doing.

Clickz article today: Frenzy Begins Over Cookie Alternative (http://www.clickz.com/news/article.php/3494101) . Macromedia Flash has a functionality that can do what cookies do -- and more.

Here is what I have now, after some more testing on 3 PCs (Work, Home and Laptop). I used Yahoo! Pest Patrol, Adaware (pro and regular gave me the same results, but pro is much faster) and Spybot.

http://www.did-it.com/chart.jpg
HTML Chart (http://www.payperclickanalyst.com/elifeldblum/archives/2005/03/thats_the_way_t.html)

Bottom line is this: Kevin wants to know how to save the cookie. I have another answer: Go after these anti-spyware programs. Many don't diffrentiate between actual spyware and tracking cookies.

What needs to happen for the at-risk agencies is for them to actively court the anti-spyware programs and convince them that they are not placing malicious cookies. These programs also have a huge influence over people's behavior when it comes to safety (If cookies didn't seem so evil, users wouldn't clear as often)

Kevin says to woo the people. You have to woo the leaders too.

P.S. I am so spyware-free!

Feldbum, thanks for the research...does the "yes" indicate "ignores cookies?"

Feldbum, thanks for the research...does the "yes" indicate "ignores cookies?"
Sorry,
Yes: Consider Cookie an "Item"
No: Ignores Cookie
N/A: No Cookie placed