Don't Be Afraid Of The Cookie Monster

There's an early episode of "Law & Order: SVU" (this one) in which detective Stabler is explaining to his teenage daughter why he put a parental control package on her computer and read her emails.  It's because, he says pointing to the screen, all those creeps he has to protect her (and society) against, are "coming through there now."

Demonization of the Internet is a popular cultural motif. And I understand why the Web is so scary for so many; it is, as the late senator Ted Stevens famously noted, a "series of tubes."

The Wall Street Journal has recently triggered a lot of hubbub and industry debate about digital privacy with its rather sensationalized, "they're-coming-through-there-now" series, "What They Know."

Randall Rothenberg, president/CEO of the Interactive Advertising Bureau, offered the industry perspective on digital privacy here

The debate, of course, is about cookies and cookie targeting.  And if it's about cookies, then it's an online metrics issue. 

We all know that a good part of the digital advertising spend has shifted in the direction of targeting "audience segments" instead of media vehicle audiences.  In audience targeting, publishers and their agents (and competitors) encode targeting attributes into cookies, then use those attributes to determine the best ad to serve when that cookie is observed (and decoded) on a computer requesting a piece of ad-supported Web content. This determination, and subsequent ad serving, typically occurs in real time (that is, the determination of what ad to serve is made between the user content request and the delivery of that content -- a fraction of a second.)

Personally I have reservations about the efficacy of this as a publisher business model. I understand the need to monetize perishable unsold inventory, but I think such cookie-targeting "real-time buying" tends to commoditize publishers, while at the same time shifting emphasis away from the creative and messaging strategy (which matters way more than the scientists building optimization models realize), and toward simply getting impressions to cookies as efficiently as possible.  I went on about this at some length at OMMA Metrics in San Francisco, which you can see here if so inclined.

But I digress.

Basically, the two sides of the privacy argument go like this.  On the one hand, as you'll glean from the Wall Street Journal's coverage, there is some concern about some unseen and nefarious "Big Brother" corporate entity spying on consumers, learning our secrets, using them against us. (Never mind that no one bats an eyelash about, or ponders the science behind, how all those precision-targeted catalogs and credit card offerings show up in our actual physical mail boxes.)  The other side, as Randy nicely lays out, is that the technologies for sharing information online are in fact the collective engine that drives the Internet, enabling services for millions of consumers, stimulating the economy, creating jobs, and keeping us competitive globally.

Anyway, all this fuss got me curious.  What exactly do "they" know about me? 

Most of the major cookie-targeting players provide links where you can review the attributes they associate with your cookie; you can edit these attributes and, if you like, opt out entirely.  So I decided to visit the preference management pages for some of the major cookie targeters and take a look. 

First I did this from my work computer.

Google tells me they have no interest categories associated with my ad profile so far. (I found myself a little disappointed.)  I told them I was interested in "jazz & blues" and in "rock music," so I'd get some targeted ads about music products and services (which, by the way, I'd like.)

Yahoo tells me my browser doesn't currently qualify for interest-based ads.  They don't know my age or gender, but they know some of my activities.  They have me down as a searcher in the travel vertical, as well as in three travel sub-categories: "Air & Charter," "Europe_Last Minute," and "Vacations."  Indeed I book all my business travel from this computer. They also have me down as visiting pages associated with "Finance" (which is probably what I think of as business, and which I occasionally read about in Yahoo! Finance); and "flickr" (what can I say?  I've got a cute kid.)

Blue Kai has used my IP to locate me in New York state (correct), Northern New Jersey/Long Island (occasionally correct), California (nope), and specifically the San Jose/Sunnyvale/Santa Clara area (Silicon Valley; I must have used the Internet on a business trip.) They tell me I am in "A/B test group 12" and my language is Spanish (not at all, but I do occasionally visit Spanish language sites as part of my job.

Exelate also doesn't know my age or gender. They show over 150 possible targeting characteristics, and I'm checked off for precisely one: "Hispanic." Dios mio!  I corrected that (I am not Hispanic), and added "shopping - Music"; I also checked off "Urban Lifestyle" because I do in fact live in an urban area (Manhattan) and besides, I want to keep it real, yo.

Lotame doesn't know my age or gender either, and has no interests for me.

Now to be fair, one thing you see here is that (special note to my employer) I'm not spending a lot of time surfing or shopping from my work computer, although I am reading business articles and booking travel. This got me to wondering how much detail there would be on my home machine, from which I probably exhibit a broader array of targetable behaviors. So I dashed home at lunchtime to check.

Google had no interests for me on my home machine.

Yahoo had me interested in "miscellaneous news"; 'basketball"; and "football"; and this hierarchal entry: "Technology > Consumer Electronics > Audio > MP3." And under pages and topics I visit, they show "movies." 

You get me, Yahoo!  You really get me.

At Blue Kai, I found that I'd opted out of tracking.  I dutifully opted back in.

Exelate again didn't have my age and gender, but they did have these targeting characteristics ticked off for me: "online music streaming"; "entertainment"; "shopping"; and, the shopping sub-categories "flowers/gifts" and "music."

I inadvertently forgot to check Lotame from my home machine.  Sorry; user error.

I'm not overly zealous about cookie deletion.  At home I delete my cookies once a week; specifically, I delete them Friday afternoon at 5 p,m. (or rather, Trend Micro does.)  At work, I don't think I have any systematic cookie deletion set up.

While I work in the digital space, I'm also a consumer, and I have no trouble separating the two.  As a consumer, I found myself, if anything, a little underwhelmed at the extent of the data "they" had on me; certainly, the truth of the targeting data about me fell far short of what my expectations might have been from reading the articles in the consumer and business press.  I found nothing there remotely troubling, threatening, frightening or intrusive.  In fact, I was motivated to correct errors when I saw them, and to add some targeting categories, because let's face it, if I'm going to see ads, why not exert some control so I see ads for things that might interest me?

I would urge anyone who is interested in online privacy, or in digital tracking, to visit these links for themselves and see exactly what it is we're all talking about.  For me it was quite a reality check. Obviously it is in my professional interest for the Internet advertising marketplace to be robust, and I concede that this may color my perspective.  But as a consumer I cannot avoid the conclusion that this whole privacy fuss is much ado about practically nothing.  I appreciate the diligence and vigilance of the privacy watchdogs. But Randy Rothenberg has it exactly right.  Online tracking is, like most database marketing, a benign force that helps enhance the lives of consumers and facilitates commerce, which we capitalists tend to believe is a good thing.

I can't help thinking that there is an inherent fear and paranoia about the Internet that is out of alignment with reality.  Offline direct marketing makes greater use of person-level or household-level data than online marketing does, but consumers don't seem to notice, mind, or care.  Hopefully, as generations of consumers come of age having "grown up digital," we can look at issues like online privacy through an informed, tech-savvy, 21st century lens.

Recommend (121) Print RSS
5 comments about "Don't Be Afraid Of The Cookie Monster ".
  1. James Sandoval from Invizua , August 31, 2010 at 10:39 a.m.

    Right on Josh.

    Sadly, in my humble view, it should be businesses, advertisers and their agencies clamouring for a better way to measure via cookie technology; but they don't know where to start.

    Instead, they pile on one hack after the other. Instead of looking at the foundational construct and role(s) of cookie technology, they choose to create more of the same e.g. container tags stuffed with more tags that distribute more [browser-based] data i.e. cookies, cookie IDs, cookie-based audience segmentations, all of which are locked to domains that are completely disconnected from the enterprises they're designed to serve. Locked. Disconnected. Forever.

    And where is this taking us? Deeper into a privacy-centric quagmire.

    Instead, advertisers, their agencies and publishers, too, should look more closely at, and create new solutions that address, data ownsership, control and security.

    It's only when marketers (who claim to value their customer relationships), marketing services orgs (who claim to value their client relationships and their businesses) and publishers (who claim to value their audiences), start doing something about the data they create (mostly by-products of rented technologies, but of potentially enormous value) that the incursions into privacy-sensitive areas of consumers' and lawmakers' lives, which the industry has blindly and arrogantly pushed itself into, I believe, begins to self-correct.

    Oh, and maybe, just maybe, data suppliers and similar, like those listed above, will actually be a little more accurate as well.

    One more comments:

    Re: this statment: "Offline direct marketing makes greater use of person-level or household-level data than online marketing does, but consumers don't seem to notice, mind, or care".

    The difference with digital marketing? The uses of data, personal or otherwise, for offline direct marketing is pretty much invisible. On the flip side, it doesn't take much for [some] consumers, the vocal ones, to see how digital marketing/media [cookie] data is at play while they visit their favourite video, news or horoscope web sites.

    The savage reality regarding privacy in the online world is that, increasingly, there isn’t any. All we can hope for is less or more accurate information about ourselves, our behaviours, our consumer-to-business and other relationships depending on which side of the fence you sit. Yesterday’s Wall Street Journal piece, “Ten Fallacies About Web Privacy” offers up some healthy, relevant portions of food for thought.

  2. Paula Lynn from Who Else Unlimited , August 31, 2010 at 10:40 a.m.

    Give it another 10 years.

  3. Mike John-baptiste from Peerset , September 1, 2010 at 1:31 a.m.

    Josh,
    Your experience is similar to mine when I have checked out preference managers from these services.

    For me the bigger reveal or perhaps the wonder is where is the targeting really happening. There is already a multi-billion industry that Yahoo claims to have a big piece of (BT) and yet they don't know much about you or me or if they do they can't properly say it is so.

    The other reveal is that even if they(publisher sites, data services) know a few things about your behavior, what poor assumptions are making based on what they think they know and what do they target us with the rest of the time.

    A lot left to be desired.

  4. Nikolai Rochnik from Rocket Fuel Inc (USA) , September 2, 2010 at 12:24 p.m.

    Commenting on the side point you made - "shifting emphasis away from the creative and messaging strategy (which matters way more than the scientists building optimization models realize)". Those scientists are well aware of how impactful creative is on performance. We joke that if were allowed to add an image of a cute cat or a dog to any creative, we could increase CTR 3x. But creatives development and campaign optimization are done by different parties (the former by agencies, the latter by ad networks, publishers, DSPs, etc), at very different times, we see no competition for emphasis there.

  5. Joshua Chasin from comScore , September 7, 2010 at 11:18 a.m.

    This column actually hit while i was on vacation...

    James: thanks for the comments. Good points.

    I tend to think "privacy" is a false, or at least temporal, construct tied to the industrial age. Harnkening back to Alvin Toffler (Future Shock author) and his book Third Wave, Toffler argued that civilized man has had three general ages-- agrarian, industrial, and information. In the information age we revert back to many constructs of the agrarian age. In a tribe of village, there is no such thing as privacy. Everyone knows everything about everyone else. We now live in a global village, and we probably need to get used to a digital but more tribal construct of privacy. Or else, live off the grid.