Posts tagged ‘Privacy’

If You Give a Mouse a Cookie..

Does this sound like you? You have heard of cookies on computers. You may have heard something about deleting them and preventing websites from putting them on your computer, but when you did that, you found it very difficult, if not impossible, to effectively navigate the web. Then you resigned yourself to being cookied because you didn’t know what else to do. So what are cookies? And why do we have to have them? And how are they relevant for selling online?

What are cookies?

Cookies are simply small text files placed on your computer by a website that you are visiting (or may not be, as we will learn) that store information about you on your own computer so that it can be accessed later. This is how the computer “recognizes” you when you return (or when you visit other sites affiliated in some way with the website you visited). If you delete these cookies, then the website(s) will not know you when you visit again. Since nearly all ecommerce websites these days will place cookies on your computer, how your browser handles cookies will affect your use of these websites.

The Good, the Bad, and the Really Ugly

Cookies were “cooked up over a weekend [by Marc Adreessen and Vint Cerf] … because there was no way to do a shopping cart”.* They learned that if a website could put a small file on the customer’s computer with an ID that would help identify the customer for the entire visit to the site, then shopping would be easier. The cart would remember all the goods placed in it by that customer ID while the customer shopped. While this idea created convenience for customers and eliminated a huge barrier to selling online, it also created a doorway to potential privacy abuse that is still being debated today.

Cookies can be classified in several ways. One such way is to identify cookies as permanent or temporary (session) . Permanent cookies remain on your computer after you leave the website that you were visiting. Whether they remain there a week, a year, or forever, depends on whether or not the website puts an expiration date in the cookie. However, cookies are not required to have an expiration date. When you return to that website at a later date, the website will search for its cookie and learn information from your last visit, such as the date and time of your visit, your IP address, and various browser and computer information (such as the version of your browser, the resolution of the monitor you use, etc.). The cookie may also be used to store user ID and password information, as well as, surfing habits and interests. This information may be matched with the site’s own transaction log of information that it has for you on its server, such as your preferences, clickstreams, search terms, purchase history, etc. In this manner, the website develops a “user profile” for you. How the store uses this information is at the center of the privacy debate today.

Temporary, or session, cookies are deleted when you close your browser. These cookies may or may not require you to log in to a site, but they are necessary to help you navigate page to page. For example, you may desire to add goods to a cart and then continue shopping. Because of the session cookie, the site remembers items that you place in the cart. Or perhaps the site remembers you as you move through pages on forums and other social network sites.

Cookies are also classified as “first party” or “third party”. First party cookies are placed by the websites you visit and convey information only back to them. They cannot be read by other websites. One particularly nice pro is that you do not have to remember login information at many of these sites. For example, I don’t have to “log on” to the Wall Street Journal web site when I use my office computer to access it. It remembers who I am automatically. Cookies, themselves, are simply text files. As such, they cannot collect and relay private information from your computer back to the site. While this is convenient, cookies placed on my computer can store data that can be matched up with my e-mail address, phone number, and possibly my home address (if I enter personal information into a form on that site). As a note of reference, many websites will offer contests, giveaways, contact us pages, registration forms, etc., which allow them to connect your personal information with your online behavior. Then you can be targeted for email, telemarketing, and junk snail mail. While many consider that clever marketing, I would call it a hidden mouse trap. Please note that not all contact us forms and contests have this aggressive marketing intent in mind.

Third party cookies are placed on your computer by an outside website. These are common with advertising sites and affiliate programs. When you visit a site with advertising, the advertising company may also place a cookie on your computer. Then, when you visit another site that displays the advertising company’s ads, it will know more about your interests and display an ad targeted directly at you. E.g. if you visit a photography site one day and then later visit a furniture store, don’t be surprised if you see a banner advertising cameras. It’s not fate or coincidence. It’s marketing! Suppose you visit the website of your favorite movie and then click through an ad to buy the DVD which takes you to Amazon.com. This likely means the website was part of an affiliate program. The website will get a cut of your purchase, and Amazon has found a way to track your interests and purchases based on sites you visit other than its own. Because third party cookies provide the greatest potential to exploit your online behavior, they provide a greater risk to your online privacy and security.

While cookies themselves are harmless text files, it is the websites that read them that provide the problem. The debate centers around what websites do with your private information and how securely they keep it. Congress recently sent letters to 33 companies asking what they do with the information they collect from customers. Most will claim that the information is used to provide a better shopping, search and advertising experience. Yahoo sends the customer targeted ads based what on they believe are the customer’s interests as derived from their online behavior. You can actually “opt out” of receiving targeted ads from Yahoo through their privacy page. (Note it doesn’t mean that they aren’t still collecting information or that they won’t show ads – just that the ads won’t be something that you would more likely be interested in seeing.) Google replied that it prefers to place ads to the consumer based page context information. Thus, the Google ads that you see on this site “should” be based on the context of this article or previous articles. For example, Google believes that you are reading this because you have some interest in Internet privacy. If not, then the ads might have been about golf tours or Elvis Presley albums – which may show up because I mentioned them in this article. Microsoft already allows you to turn off targeted ads.

So what is the economic relevance of cookies? (These lists are not meant to be all inclusive.)

For the consumer, cookies:

-Allow consumers to personalize their online shopping experience by stating their preferences.
-Allow consumers to navigate through a website without multiple logins.
-Allow consumers to mainly see relevant advertising.
-Allow consumers to participate in Web 2.0 activities.

For the online seller, cookies:

-Allow the seller to get to know their consumers and therefore provide a more relevant shopping experience.
-Allow the seller to target consumers who are most likely to want to see their advertising.
-Allow sellers to see what pages of their sites are relevant to consumers and which ones they can eliminate.
-Allow the seller to know the locations of the consumers, the ratio of new and returning visitors, what technology the consumers use, etc. (E.g., I recently increased the width of a web site after learning that better than 80% of the viewers had browsers capable of handling it without a horizontal scroll bar.)
-Allow the seller to fully implement Web 2.0 strategies.

How will these relate to later topics we’ll discuss?

Cookies allow for clickstream tracking which identifies individual tastes, preferences, and online behavior. This allows for targeted margeting and “personalized” pricing – both of which are viewed favorably and unfavorably. Cookies also carry the potential for security and privacy abuse. Despite the potential for unfavorable results, from an economic standpoint cookies increase the efficiency of online sales, search, advertising, and communication whose previous inefficiencies had provided a tremendous barrier to online retail sales, or e-tailing.

*http://cnettv.cnet.com/9742-1_53-50002002.html, Marc Adreessen: Past and Present, Video interview of Marc Adreessen by John Battelle, May 2008

Bibliography and Other Reading:

Energy and Commerce Committee Questions Data Practices of Network Operators, August 1, 2008, http://energycommerce.house.gov/Press_110/110nr337.shtml

Google’s Response to the Energy and Commerce Committee, http://64.233.179.110/blog_resources/google_policy_davidson_letter.pdf

Spyware, adware, and internet cookies. What’s Good and What’s Bad. Privacy and Removal Tips and Help, http://cookiescache.tripod.com.

“Yahoo’s Response to Congress on Targeting May Not be Enough”, Heather Green, Business Week, August 8,2008, http://www.businessweek.com/the_thread/blogspotting/archives/2008/08/congress_turns.html