Achtung! Cookie-Monster!

Ben Edelman’s Cookie research which was sponsored by Vinny Lingham who also commented on it as well, sparked discussions (again) about the anti viruses, now also anti Spyware vendors that delete Affiliate Cookies and thus hurt the Affiliate marketing industry because commissions that should have been due are not.

Wayne Porter picked up on that story and bloged about the issue and also ceased the opportunity to get Linkshare to talk about their Tracking since their claim that they don’t rely on cookies for their commission tracking. Well, that is right and not right, but read the details about that at Wayne’s blog.

The Issue regarding Affiliate Tracking as well as Ad Display Networks Cookies being removed by default by a number of larger software providers started a few years back.

The biggest reason for this issue is the problem that to this day people do not understand web browser cookies, how they work, what they can do and what not. Big Companies and even government agencies did expensive researches 8 years and more ago and proved that there is no threat caused by the activation and use of cookies as believed by the majority of the internet users … yes, to this day.

This is something where we as Marketers affected by this can do something against. Yes, you can. Really.

AchtungCookieMonster.jpgMost People don’t understand that every time they click a link, submit a form, refresh the page, a complete new request is made to the website as if they would hit it for the very first time ever.

The site can’t greet you, hold products in a shopping card for you nor remember any preferences you set without cookies, especially across browser sessions. During a browser session are Session IDs in the URL an alternative which I hate for a lot of reasons, security, usability, seo, web development etc.

Next time you hear somebody bitching about those ugly URLs with those long cryptic parameter that changes every visit and makes you loose everything you didn’t finish if you hit a URL without the ID;educate them and tell them, that this ugly ID is supposed to be in a tiny file called cookie and being managed automatically without all the pain for the user. The cookie is only accessible by the domain that wrote it to prevent theft of “Account/Shopping Cart Hijacking”.

Make it a good point, if the session ID is showing up because he disabled cookies and the merchant went through the extra length to make the site at least work without cookies.

A 1998 Research for the US Department of Energy regarding Cookies on the Internet. There are more studies like that you can reference to.
There has been no proven cases where cookies just by itself were the cause of any severe hack or fraud cases. I preaced that years ago already to our customers when the problems with the software vendors just started to emerge , but users more and more cookies disabled.

Now why Companies like Norton and some others removing or suggesting the removal of Affiliate Cookies, Ad Network Cookies and Cookies from large hosted Analytics and Tracking Service providers?

Counter Questions? Did you ever see Pepsi Cola being available at a Mc Donald’s restaurant? No? Mc Donald’s does not recommend Pepsi, but that does not make Pepsi bad and it should also not be implied that Pepsi is endangering the customer. It does not do that of course. Why this example? The Answer to the Mc Donald’s Question comes pretty close to some parts of the answers to the question about the anti viruses and anti spy ware software providers. I don’t belieeve it to be the most relevant and not focus on it. The real issue is much more important and should get our undivided attention.

Todays Anti-Virus/Anti-Spyware also have to show the customer something for his money. How much they protected the customer. From dozens of attacks every day. It’s a War out there. If you want to rely on something, then you can rely on the fact that you will gather tracking cookies every day you use the internet, unless you block all cookies, but then I don’t think you use the internet much anyway.It is quite annoying to acknowledge 2-3 or more cookie warnings every time a page is loaded or have most websites act “funny” if You simply block all cookies always and automatically.

Okay, you are normal user and accept cookies and use the internet every day. Every night does the Anti Spyware do a “deep” scan of your System to hunt down any threat that even thinks to enter your computer.

In the morning waits a message that everything was scanned and checked. x medium and yy low risk threats were taken care of for you and your Identity, money and life saved ones again.

If the software would only act on the real issues like they uses to do back in the days when the anti virus software only rang the alarm bell 1-2 times per year when a real virus was hitting your machine and cause the loss of data and hard ware and worse.

Then was it time for Spyware, AdWare and Scumware. Perfectly legal did they enter wanted or not the “fortress” users home-computer being greeted by the anti virus software as another legit app running on the machine. The discussions and debates were heated but not much people cared and played the issue down.

Then the first free anti Spyware Tools became available, not from the established Anti Virus Software Providers, no , individual people an small start-up companies. The issue grew and grew, but more and more people noticed the side affects of this “stuff” that are now permanent background tasks eating your computers resources and draining its performance.

In some cases was it even so bad, that the old computer with internet dial up connection and by now 5-6 parallel spy and AdWare programs running that the internet connection was +90% used by that junk rendering the internet virtually unusable. The worries user assumed a virus or damaged hardware, but the latest ant virus software did not find anything and the bill from the repair shop still reminds you that you just wasted some money to learn that everything is “perfectly okay:and nothing broken based on current laws and regulations.

Changes happened as we all now and old and established anti-virus companies had to play catch-up. There was a lot to clean-up. The number of software junk out on the Net was growing big and fat by then. Customers were amazed about the amount of stuff the old version of their anti virus software left behind. Now the computer is clean x-times faster than before and the software in the background does not only look out for harmful viruses but nasty Scumware as well. The issue did not go away, but was reduced considerably.

Getting hit with that junk is becoming more and more rare nowadays, unless you frequent areas of the internet who’s real-world counterparts you should also not frequent too much for very similar reasons.

The great reduction of thread caused the software to return less and less problems found and the user might was asking himself why he pays so much subscription fee for so little risk, that is at least what some of the providers much think to explain the seemingly irrational drive to “Plan Uebererfuellung”. There is always no simple answer for questions like this and it usually has multiple answers that all play some part in it.

Okay, I admit it, Cookies can, but should not be used to store sensible information, at least not unencrypted, because you have to protect the customer from threads that have nothing to to with threat from the internet directly, but from danger that lurks in the real world. This is as clear to software developers as to users that they should never write the username and password on a sticky note and attach it to the monitor or put it in the drawing in reach by hand, right? Nobody does that? Of course not!

Also nobody uses passwords anymore that are very obvious to somebody that does not have to know much about you or worse obvious to a complete stranger, right? Passwords like: password, admin, master, secure, protect or the first name of a family member, especially if you have kids. We got over that issue during the early 1980’s right? Not? What?

So a Site can write and access cookies for/from itself if it needs or wants to and if the user allows that. Since a cookie can be used to store all kinds of data on the users machine in a controlled way, its really up to the site what to put in there and what not. Cookies are not designed and meant for large data storage. That is good. It somewhat limits the amount of stuff on your computer and made a lot of stupid or ugly ideas to use and abuse it never see the light of day.

It is used for tracking though. By the marketing teams of the site you visit or the 3rd party service or agency that is doing this for various advertisers . Your privacy concerns are understandable, justified and should stay where they are. Not complete paranoia of course. In reality are advertisers collecting what is called NON-PII Data (non personal identifiable Information). That data becomes then part of a general statistic where your data are one of many and all anonymous. Like it you participate in a survey via physical mail where you do not provide a return address nor your name when you send back the survey with your answers.

The problem is, that it can be used to collect PII data and this is the part you should be concerned about and monitor. Then make an educated decision for yourself, if things are acceptable for you or not.

Marketers would like to track everything, but there are legal limits that can not be ignored. Why? If you use Amazon.com and bought also stuff there more than once, that you will notice how Amazon tries to make guesses about what you are interested in based on a mix of PII and NON-PII Data. Its a choice to prove the PII Information to them that they can make more relevant recommendations catered to your interests.

Although a nice feature , you have to make to be aware of the fact how they do those things and what type of information they must have stored somewhere to make sometimes very precise recommendations that fit your needs as if they just read your mind. Well, they did, kind of. Display Advertising Companies like ValueClick are also working on enhanced trancking and usage of of Non-PII Data and invest a lot of money in behavioral targeting and things are being improved more and more.

When it comes to ecommerce then it is pretty harmless, but you don’t want those information suddenly make their way to 3rd parties and may be even to people you don’t want to know certain things at all and could potentially harm you, if they find out. I am just saying: Politics, Career …). Also when it comes to go to far with what is tracked by whom, are people watching and act if necessary.

So Turn on your Cookies again and leave them where they are. Turn off the removal of them in your Anti Spyware/Virus Software if you can.and rather read the privacy policy of the merchants you frequent use for stuff and who gathered a lot of information about you to see what they say about how they use that data. Call the Merchant if the privacy policy is missing of if something is not clear. If you don’t like what you see, turn of those things or in the worst case close your account and have the Merchant your data destroyed as soon as legally possible.Sometimes is it okay to be rather safe than sorry later. You might come to wrong conclusions, but hey that happened to me too. We are only humans after all.

When the masses learn this and be educated, the argument of the Software providers that customers expect them to remove them because of the “negative” experiences that had.

C’mon “Kinders” simply use the tools and mechanisms provided for very good reasons for the stuff they are meant for. Don’t abuse them okay? And to the people on the other end,please don’t disable them because of the abuses, they promise not to do it anymore… okay? No? Okay, lets continue to talk about it …;)

About Carsten Cumbrowski

Internet Marketer, Entrepreneur and Blogger. To learn more about me and what I am doing, visit my website and check out the “about” section.

Twitter: ccumbrowski

4 Responses to Achtung! Cookie-Monster!

  1. Jonathan (Trust) says:

    Was ist los? Das ist eine long post 🙂

  2. There are only 4 German words in the whole post, promise 🙂

    Well, old and long running issue. Plenty of things to consider. I recommend to read it though 🙂

  3. Adam Riemer says:

    Nice meeting you at CJU! Good Recap.

  4. Thanks Adam. It was only brief, but we might get to chat a bit more at Affiliate Summit 2007 West.