Protecting Cookies from Deletion

[cline]

Kevin Lee's article Crumbling Cookies Threaten SEM and Online Advertising points to a large and growing problem for tracking online advertising where he suggests that the solution is through consumer education supported by trade associations.

There's nothing wrong with that idea, except it's not enough.

The large increase in cookie deletion isn't likely to be caused by users manually deciding to delete their cookies; it's caused by all the anti-malware software packages users have downloaded. This software is telling users that cookies are bad and telling them to delete them.

Example: Ad-Aware
Personal story: Despite repeated lectures on what not to do, our teenager manages to frequently gunk up her computer with malware. It got so bad I had to get Ad-Aware Professional to help keep the computer usable. Ad-Aware treats harmless cookies the same way it does browser hijackers, urging users to quarantine them.

Perhaps the anti-malware industry can be persuaded to change its mind about cookies. Perhaps not.

But maybe the most effective strategy would be for the industry players who need those cookies most, players such as Google, Yahoo, AOL, and MSN, to promote their own, free anti-malware software. Doing so would not only turn the tide on cookie deletion and help protect their advertising revenue streams, it would also a well-received value-added service that would give the first one or two a competitive advantage in gaining market share.

[seomike]

I think browsers should just be given a unique ID that is sent in their headers. Something that is hardcoded and can never be changed or duplicated. That way you don't have to rely on cookies for tracking. Kinda like a browser fingerprint.

Isn't that article the one that's started the heated debate with Jupiter Research???

[Mikkel deMib Svendsen]

For marketing purpose there are other ways to track users but they are far from as easy to implement and manage as cookies.

I agree that using the many trade organisations is not going to help a lot. Maybe a little bit so please go ahead but it won't stope people from using spyware removers and such that delete legitimate cookies.

I think this will soon become a competitive issue: The companies that can show the most reliable tracking will win the best performing affiliates, and will be able to bid the highest CPCs on PPC listings.

Companies left behind, with only cookie tracking to offer, will have to pay affiliates a higher cut (for the users lost in tracking) and the same companies will have a harder time calculating ROI.

I am sure we will soon begin to see more vendors offering alternatives to cookies. With more competition the prices will most loikely drop to a level acceptable for even smaller comapnies. Today, it is just too complicated and expensive for small sites.

[cline]

Mikkel, so what do you think will be the most likely alternative tracking systems?

[Mikkel deMib Svendsen]

Quote:

Mikkel, so what do you think will be the most likely alternative tracking systems?

Profiling - combination of factors that used together can create a unique identification with a very high degree of acuracy if done well

Mikkel, what do you think about about unique URL tracking?

[Mikkel deMib Svendsen]

It depends on what you want to track and what you expect to get out of it. I don't recomend URL tracking on a per user basis as it will create a lot of bad sideeffects

[Marcia]

Another problem is that of cookies being over-written, but that's another issue.

[Mikkel deMib Svendsen]

Quote:

Another problem is that of cookies being over-written, but that's another issue.

I am not sure I know what you are refering to - could you maybe detail it a little bit?

[Phoenix]

Just a guess, but she could be talking about cookies getting over-written by hijackers that replace affiliate codes or tracking codes with their own. This could happen for several different reasons or by different means. Or its possible for cookies getting overwritten by the same user that visits the same site under a different session except under multi-identities or names.

One way I prevent cookie problems, is to make alternative arrangements with the company for alternatives to cookies, such as hosting static forms. Establishing unique 1-800 numbers, dedicated email addresses to track certain parts of the site from various types of traffic. We then use cookies as a back up, just in case we might have missed a user along the way. Basically, I don't rely on cookies to track all programs or sales.

i think we can easily say: PPA programs based on cookies are a fraud...
I'm not speaking here about aother tracking intentions, but when someone says to me: hey, put this ad online on yoursite, I'll pay u 10% of each sale...i want to laugh loud; cookie do not work AT ALL and for different reasons: first of all, the 'net buyers' usually have more than one computer and usally surf in a 'passive way' when at work and in an 'active' one when at home; for example, i work in a search engine and i'me always online, but when i want to buy something online, i do it at home; i 'search' at work (with another pc) and 'buy' at home; so the cookie does not work; and in my office i see every guy doing the same thing: nobody want to extract his cc in the office and start buying there; we want to do with calm at home, ins't it?? That is the first thing; the second one is that of the Jupiter; if u carefylly read the research u can see that 12% delete cookies oin a daily basis; now, do u think deletes cookies who surfs a lot or not? and do u think thebet buyer is a big surfer or a moderate surfer? It's obvious that the ones who delete cookies most frequently are the sames who buy a lot on the internet. i have a solution for tracking effectively the sales; it's very simple; just say: 5% discount if u put this code in your order form; almost 100% of nbuyers will add that code in the form...Its a sort of 'electronic coupon'. But why nor CJ, nor TradeDoubker, nor Zanox want to do it? simply because they want to 'sqeeze' their affiliates and editors, which are (99%) small sites which cannot sell adv theirselves and are 'forced' to accept programs that give traffic for free to big companies which - on the other side - spend ingent budget on the other traditional media...Just another thing: havre u read about Sbap.com. They'be introduced a PPA search engine...The funny thing is that u can see their revenues online (stats are public); so, their medium cpc is simply ridicolous; 1/10 of overture and Google as well.
Cookies does not work
PPA does not work...
or, better: it works only for advertisers...

[Chris Boggs]

we require cookies for registered users of our free SEO tools, and often get frustrated emails from members saying they have to keep logging-in. It would certainly be nice if the "general population" was educated about the differences between "good" and "bad" cookies...consumer education is right-on, IMO.

[cline]

Quote:

Originally Posted by Chris Boggs

It would certainly be nice if the "general population" was educated about the differences between "good" and "bad" cookies...consumer education is right-on, IMO.

That would be a tough task given how little users understand and how much the anti-malware vendors treat cookies as spyware.

[Phoenix]

It's either going to get worse or better in terms of consumer education. Eventually it should get better or an alternative solution will have to be devised. People are largely clueless about this stuff, and deserve a right to be. It's really not worth time for most people.

So how do you proceed to counteract this? Raise consumer awareness via associations or find an alternative way to track? Surprisingly it seems the technology available to track is quite sophisticated and available, but low tech solutions seems to almost work better as they can't be circumvented and are easier to understand for most people.

[Robert_Charlton]

Quote:

Originally Posted by cline

That would be a tough task given how little users understand and how much the anti-malware vendors treat cookies as spyware.

Anti-malware is not the only concern...

In Internet Explorer 6, in the Tools | Internet Options dialogue box, there is a "Delete Cookies..." button.

[Chris Boggs]

Quote:

Originally Posted by Robert_Charlton

Anti-malware is not the only concern...

In Internet Explorer 6, in the Tools | Internet Options dialogue box, there is a "Delete Cookies..." button.

IE does say in its "Help" topic "Understanding Cookies":

Quote:

...Some Web sites store information in a small text file on your computer. This file is called a cookie.

There are several types of cookies, and you can choose whether to allow some, none, or all of them to be saved on your computer. If you do not allow cookies at all, you may not be able to view some Web sites or take advantage of customization features (such as local news and weather, or stock quotes)...

Not to jump to the defense of any MS product , but they seem to have summarized it pretty well. Perhaps this should be made into a song for Saturday morning cartoons!

I do have to disagree, malware is the only problem. IE is just trying to provide a solution.

[projectphp]

The best solution to this issue is to get signups or some user buy in.

If a person signs up, you know their history, irrespective of cookie deletions. Get them to take an action first time to a site, and you can do a lot better IMHO than one can with cookie tracking.

[Chris Boggs]

Quote:

Originally Posted by projectphp

The best solution to this issue is to get signups or some user buy in.

If a person signs up, you know their history, irrespective of cookie deletions. Get them to take an action first time to a site, and you can do a lot better IMHO than one can with cookie tracking.

One problem is that many industries cannot complete a sale on the first try. What you advocate works well for software purchases or ticket sales, perhaps, but in contrast a difficult service sale could take more. The emails or information provided may be false as well, at which point you may have offered value to someone without getting anything in return.

[cline]

Quote:

Originally Posted by Phoenix

So how do you proceed to counteract this? Raise consumer awareness via associations or find an alternative way to track?

IMO it's the anti-spyware software that's the problem. Consumers don't understand cookies and really aren't interested. I bet it's only a few fanatics who are manually deleting them; the bulk of the deletions are done with software. Either these software providers have to be convinced to stop deleting cookies, or consumers need to be provided with software that doesn't delete the cookies. The firms that depend on ad-tracking cookies should be developing, distributing, and promoting heavily software that gets rid of the malware crud but leaves harmless ad-tracking cookies.

[Sapphire]

From what I've seen, both browsers and anti-spyware packages treat cookie deletion as something novice users should do without hesitation. There's no "Are you sure?" type warning, advising them that deleting cookies from preferred sites may cause loss of login info and other hassles.

Perhaps cookie deletion should be treated as an advanced user option, complete with "Are you sure?" popups that contain the sort of info Chris Boggs was pointing out from IE.