Spyware heats up the debate over cookies

Internet users now routinely delete cookies, leaving marketers scrambling to find another tool to measure their effectiveness.
The New York Times

The story "Spyware heats up the debate over cookies" published August 15, 2005 at 5:55 AM is no longer available on CNET News.

Content from The New York Times expires after 7 days.

[Norseman]

"We need to have users love their cookies, for the right reasons."

Ummm-let's see. And the "right reason" would be-so the user can
get flooded with a shipload more ads, right? Oh, excuse me. I
have to go delete my cookies now.

[Norseman]

"We need to have users love their cookies, for the right reasons."

Ummm-let's see. And the "right reason" would be-so the user can
get flooded with a shipload more ads, right? Oh, excuse me. I
have to go delete my cookies now.

[ChazzMatt]

help us advertise to you more!

"For example, cookies help a computer limit how many times a user sees annoying ads like a floating, animated message. Last year, though, Ross said, executives at the company debated how effective their frequency limits were, since a growing number of Internet users were deleting cookies and possibly seeing lots of animated ads."

See, there's the problem to begin with. Why even have annoying, animated ads? That's why I use a web browser (Avant, built on IE core) that allows me to block flash ads and other bothersome advertising. AND I delete my cookies. At home, not the ones that remember my newspaper and website logins, but ones that try to track my visits. (My anti-spyware software does it automatically with my final step approval. It never bothers my logins.) At work, however, I manually delete them all because I have no software to help me differentiate and I don't have time to look through the list and decide between good and bad.

I work in an advertising based industry. Commercials pay my salary, if you will. But, if people at home want to skip the TV ads using TiVo, it's THEIR TV and it's their right.

In the same way, it's OUR computers and hard drives. I decide what I want to reside on that hard drive. I paid for that hard drive -- I even installed it myself! I want programs that I've installed -- not spyware or malware. I also don't want "tiny text files" left on my computer by companies who make money by tracking me like I'm some safari rhino they've bagged.

See, there are "tracking cookies" for the express purpose of tracking a user's websurfing history. WHY would I want that on my own computer -- on my hard drive? What good does that do me? (I don't make money off that -- someone else does. Also, some merchant sites actually give bigger discounts to "first time" visitors to make them come back again. I'm a perpetual first time visitor!)

It's just a little ingenuous for some of these companies to tut-tut about us deleting "innocent" cookies when they really salivate over learning our identity so they can "effectively" market to you.

I semi-trust the cookies necessary to log me into sites. All others I don't -- and it's my computer so I can do what I want with it.

[ChazzMatt]

I also specifically block ALL Macromedia Flash animation

I'm sure it's a wonderful product -- but seems like it's the choice of advertisers for those annoying floating ads that race onto your screen. And they make the close button (it it's even there) so small and in such an obscure place, you can't find it before they finish their little routine.

Those ads traumatize me. They take away my control of MY computer. So, I found a flash animation blocker (it's an option on the web browser I use, but I got that web browser just for that one option). Now blocking flash animations may degrade a few innocent websites that depend on Macromedia Flash for sparkle and effects, but I don't care. I am no longer subjected to advertiser harrassment.

[ChazzMatt]

help us advertise to you more!

"For example, cookies help a computer limit how many times a user sees annoying ads like a floating, animated message. Last year, though, Ross said, executives at the company debated how effective their frequency limits were, since a growing number of Internet users were deleting cookies and possibly seeing lots of animated ads."

See, there's the problem to begin with. Why even have annoying, animated ads? That's why I use a web browser (Avant, built on IE core) that allows me to block flash ads and other bothersome advertising. AND I delete my cookies. At home, not the ones that remember my newspaper and website logins, but ones that try to track my visits. (My anti-spyware software does it automatically with my final step approval. It never bothers my logins.) At work, however, I manually delete them all because I have no software to help me differentiate and I don't have time to look through the list and decide between good and bad.

I work in an advertising based industry. Commercials pay my salary, if you will. But, if people at home want to skip the TV ads using TiVo, it's THEIR TV and it's their right.

In the same way, it's OUR computers and hard drives. I decide what I want to reside on that hard drive. I paid for that hard drive -- I even installed it myself! I want programs that I've installed -- not spyware or malware. I also don't want "tiny text files" left on my computer by companies who make money by tracking me like I'm some safari rhino they've bagged.

See, there are "tracking cookies" for the express purpose of tracking a user's websurfing history. WHY would I want that on my own computer -- on my hard drive? What good does that do me? (I don't make money off that -- someone else does. Also, some merchant sites actually give bigger discounts to "first time" visitors to make them come back again. I'm a perpetual first time visitor!)

It's just a little ingenuous for some of these companies to tut-tut about us deleting "innocent" cookies when they really salivate over learning our identity so they can "effectively" market to you.

I semi-trust the cookies necessary to log me into sites. All others I don't -- and it's my computer so I can do what I want with it.

[ChazzMatt]

I also specifically block ALL Macromedia Flash animation

I'm sure it's a wonderful product -- but seems like it's the choice of advertisers for those annoying floating ads that race onto your screen. And they make the close button (it it's even there) so small and in such an obscure place, you can't find it before they finish their little routine.

Those ads traumatize me. They take away my control of MY computer. So, I found a flash animation blocker (it's an option on the web browser I use, but I got that web browser just for that one option). Now blocking flash animations may degrade a few innocent websites that depend on Macromedia Flash for sparkle and effects, but I don't care. I am no longer subjected to advertiser harrassment.

[hutchike]

There's always a price for "free"

If you're going to read free sites like news.com, then you should accept they will want to advertise to you. And by accepting persistent cookies, you are helping to improve the targetting of the ads - so you might even see something you're interested in buying. Surely this is good for the web site (they make more sales) and good for you (because you see what's interesting)?

From the marketing perspective, things aren't nearly as bad as some people suggest. Most people accept and keep third party cookies signed with a P3P signature. But when they resist, giving them 1st party cookies via locally hosted JavaScript is simple. And people are far less likely to delete 1st party cookies because of all the convenience benefits they provide (e.g. rememebered usernames).

Here's hoping the cookie, that classic invention of Netscape Communications almost a decade ago, stays with us for a long time to come.

[201293546946733175101343322673]

Cookie 2.0 Maybe?

Since it has been used for almost ten years, isn't it time to have a major upgrade? I believe those marketers will be very happy to do so :)

[hutchike]

There's always a price for "free"

If you're going to read free sites like news.com, then you should accept they will want to advertise to you. And by accepting persistent cookies, you are helping to improve the targetting of the ads - so you might even see something you're interested in buying. Surely this is good for the web site (they make more sales) and good for you (because you see what's interesting)?

From the marketing perspective, things aren't nearly as bad as some people suggest. Most people accept and keep third party cookies signed with a P3P signature. But when they resist, giving them 1st party cookies via locally hosted JavaScript is simple. And people are far less likely to delete 1st party cookies because of all the convenience benefits they provide (e.g. rememebered usernames).

Here's hoping the cookie, that classic invention of Netscape Communications almost a decade ago, stays with us for a long time to come.

[201293546946733175101343322673]

Cookie 2.0 Maybe?

Since it has been used for almost ten years, isn't it time to have a major upgrade? I believe those marketers will be very happy to do so :)

[Scott W]

what right do they have?

like someone posted earlier, it's our computer. we can do what we want with them. if we are going to delete cookies then we will and there is nothing they can legally do to stop us.

[Scott W]

what right do they have?

like someone posted earlier, it's our computer. we can do what we want with them. if we are going to delete cookies then we will and there is nothing they can legally do to stop us.

[Earl Benser]

Cookies are no problem....

I keep a current set of cookies for sites I like. My browser deletes
all others at the end of the browser session. Saves a lot of trouble
that way.

[201293546946733175101343322673]

Cookies are NOT That Bad

For people who go to amazon.com or some forums often, it is a real pain to delete cookies because that means you have to log on once again. And please, now spywares and trojan horses ARE bad :)

[Earl Benser]

Cookies are no problem....

I keep a current set of cookies for sites I like. My browser deletes
all others at the end of the browser session. Saves a lot of trouble
that way.

[201293546946733175101343322673]

Cookies are NOT That Bad

For people who go to amazon.com or some forums often, it is a real pain to delete cookies because that means you have to log on once again. And please, now spywares and trojan horses ARE bad :)

[powerclam]

disgusting nonsense

"And this erosion of control over a tool for gaining insight into consumer behavior has many of them fretting."

Cookies are NOT that. They were intended for site-customization, not marketing-surveillance.

"We need to have users love their cookies, for the right reasons."

Then STOP USING THEM AS SPIES.
Any site that relies on cookies for basic functionality is fundamentally flawed.

[powerclam]

disgusting nonsense

"And this erosion of control over a tool for gaining insight into consumer behavior has many of them fretting."

Cookies are NOT that. They were intended for site-customization, not marketing-surveillance.

"We need to have users love their cookies, for the right reasons."

Then STOP USING THEM AS SPIES.
Any site that relies on cookies for basic functionality is fundamentally flawed.

only a story bc ie still has 90% market

use firefox...only see animation on sites you have whitelisted. only have popups on sites you have whitelisted. only get cookies on sites you whitelisted. never see ads.

[My-Self]

Ads on the web ? Not with Firefox

I nearly never see them, and when I do, they usually don't last long !

<a class="jive-link-external" href="http://adblock.mozdev.org/" target="_newWindow">http://adblock.mozdev.org/</a>

only a story bc ie still has 90% market

use firefox...only see animation on sites you have whitelisted. only have popups on sites you have whitelisted. only get cookies on sites you whitelisted. never see ads.

[My-Self]

Ads on the web ? Not with Firefox

I nearly never see them, and when I do, they usually don't last long !

<a class="jive-link-external" href="http://adblock.mozdev.org/" target="_newWindow">http://adblock.mozdev.org/</a>

[joespr]

LSO's replacing cookies

Of course, a nice article like this is designed for warm and fuzzy feelings ("I delete my cookies so I must be OK...").
It doesn't tell you the truth: that cookies are being replaced by LSOs (Locally Shared Objects), which are objects created by Flash-type programs placed on your computer when you visit web sites, and behave like cookies. But how do you remove LSOs?
I know how to remove them in Firefox (get the plugin to do that).
Dont know if it can be done in IE.

[joespr]

LSO's replacing cookies

Of course, a nice article like this is designed for warm and fuzzy feelings ("I delete my cookies so I must be OK...").
It doesn't tell you the truth: that cookies are being replaced by LSOs (Locally Shared Objects), which are objects created by Flash-type programs placed on your computer when you visit web sites, and behave like cookies. But how do you remove LSOs?
I know how to remove them in Firefox (get the plugin to do that).
Dont know if it can be done in IE.

[Mendz]

Cookies are NOT for targeted content/ads!

Cookies are useful for sites with no membership especially those which support user-preference settings without necessarily having the user in a database. Cookies then allow the site to get some information about the user assuming the user uses the same computer to visit the site.

So to avoid cookies and support user-preference settings, you'll need a database of users and a web server that supports session data caching. This of course works for sites with membership. And obviously more secured in many ways.

Targeted content/advertising works if you can secure the identity of the user. Otherwise, it's pure guesswork because you can never tell how many's sharing the computer account. So I don't think you can rely on cookies for targeted ads and content delivery.

[Mendz]

Think about TV, radio and other mediums...

I think it is possible to gather statistics without cookies. TV or radio ratings are achieved without having to put any chips and software to the TV set to check and report who's watching or listening. Newspapers and magazines are successful without anything special in the paper to track who's buying or reading them. There must be other safe ways to gather stats over the Internet. Maybe you can use (I am guessing) IP address distribution sampling and area triangulation techniques; pure click and hit based statistics; online surveys or live interactive promos like "Send an SMS text message if you are reading this and get a chance to win a brand new car! Simply text 'AHA Name;Address;Birthday;Gender;FavoriteReporter;FavoriteEditor;FavoriteTalkbacker' to #### now! Promo ends tomorrow 5 minutes after lunch."; etc.

[Mendz]

Cookies are NOT for targeted content/ads!

Cookies are useful for sites with no membership especially those which support user-preference settings without necessarily having the user in a database. Cookies then allow the site to get some information about the user assuming the user uses the same computer to visit the site.

So to avoid cookies and support user-preference settings, you'll need a database of users and a web server that supports session data caching. This of course works for sites with membership. And obviously more secured in many ways.

Targeted content/advertising works if you can secure the identity of the user. Otherwise, it's pure guesswork because you can never tell how many's sharing the computer account. So I don't think you can rely on cookies for targeted ads and content delivery.

[Mendz]

Think about TV, radio and other mediums...

I think it is possible to gather statistics without cookies. TV or radio ratings are achieved without having to put any chips and software to the TV set to check and report who's watching or listening. Newspapers and magazines are successful without anything special in the paper to track who's buying or reading them. There must be other safe ways to gather stats over the Internet. Maybe you can use (I am guessing) IP address distribution sampling and area triangulation techniques; pure click and hit based statistics; online surveys or live interactive promos like "Send an SMS text message if you are reading this and get a chance to win a brand new car! Simply text 'AHA Name;Address;Birthday;Gender;FavoriteReporter;FavoriteEditor;FavoriteTalkbacker' to #### now! Promo ends tomorrow 5 minutes after lunch."; etc.

[My-Self]

Allow a single short cookie per domain ...

placing such a restriction on cookies (one per domain, from the originating website only, less than 5 characters) would allow the persistent customization users want without allowing GUIDs and tracking.

[My-Self]

Allow a single short cookie per domain ...

placing such a restriction on cookies (one per domain, from the originating website only, less than 5 characters) would allow the persistent customization users want without allowing GUIDs and tracking.