On The Trail

So we’ve established that cookies are important and many people delete them. What should an online marketer do about it? Well, first lets talk a little about kinds of cookies. I’ll try to be non-technical here:

1. First Party Cookies. Cookies can only be “seen” by the site that sets them. First party cookies are set by the site that you see in the address bar of your browser.
2. Third Party Cookies. Often when you visit a site the page will display images that are hosted by a different (aka third party) site. These images can set cookies just like a regular web page and they are known as “Third Party Cookies”. This is the type of cookies set by many ASP style web analytics solutions and banner and affiliate networks. These services are quickly switching to first party cookies, but many still use third party cookies.
3. Persistent and Session Cookies. Persist ant cookies are saved on a client’s machine until the expiration date specified by the site that set the cookie this can be years or decades in the future. Session cookies are erased when you close your browser. First and Third party cookies can be either persist ant or session cookies.

Modern browsers (such as Internet Explorer 6 and Firefox) have settings that can discriminate against various kinds of cookies. Many websites will not work correctly without some sort of cookies enabled, so all but the most paranoid people will accept first party session cookies. First party persist ant cookies can be “demoted” to session cookies by the browser, although the perceived value of having a site remember you when you return may keep most people from doing this. Third party cookies are in the worst shape since the user sees no value in them worth the perceived privacy cost.

So, what to do:

1.
Use a login to identify users if at all possible. Logins have the advantage of identifying a person instead of a computer. So someone who visits your site from home and work will be accurately counted. Unfortunately, logins are not possible for most sites.
2.
Use first party cookies. A higher proportion of people will accept these and they are much less likely to be deleted by spyware or adware programs.
3.
Make your site offer rewards for allowing a cookie. An excellent example of this is Amazon.com. For many people (including me) Amazon’s personalization is an excellent motivation to keep their cookie around. Of course, even though personalization usually gives the visitor a better experience the downside is that it can get expensive.
4.
Nothing. Web Analytics does not produce totally accurate numbers anyway. Trends in these numbers are the really useful and important information. As long as the proportion of users who delete cookies stays relatively constant the trends will probably mirror reality. (Best line at a vendor seminar: A Web Trends Representative after telling us that log file analysis tools like Web Trends are commonly off by 30%: “That’s why we call it Web Trends”)

Some people have proposed using other visitor identification methods like storing information using the Flash plugin or going back to a IP address user agent combination. In my opinion, the former is underhanded and borderline un-ethical, while the latter is much less accurate than using cookies (see the RedEye report). Realistically, a combination of #2 and #4 will be the prescription for most sites. Being aware of the problem, particularly when interpreting deferred conversions and lifetime value numbers is the first step.