• by Tom Hespos , March 22, 2005

An axiom of online marketing goes something like this: "If you can't scientifically ascertain a measurement, at least provide ammunition supporting your best guess."

That's what we should be doing about the cookie-blocking and cookie-clearing problems.

It would take visibility into the security settings and application usage preferences of tens of thousands of average, everyday Web surfers to understand fully how cookie blocking and cookie clearing is affecting our measurements and metrics in this industry. This isn't something that can be accomplished easily within a short timeframe. But we don't need such a study to tell us that something is amiss.

We've come to understand that Windows computers generally need some sort of spyware protection in order to continue to operate effectively. Two very popular spyware removal and prevention tools, Ad-Aware and the personal edition of Spybot-Search and Destroy, have been downloaded nearly 170 million times from CNet's Download.com alone. These two popular packages mark ad server cookies as spyware by default and tend to sweep them away with the rest of the detritus found on consumer machines. By itself, this should be an indicator that cookie-clearing is a problem.

Add to that the popularity of software like Mozilla's Firefox, which contains a checkbox to disallow cookies from third-party providers, or e-mail clients like Microsoft Outlook that now block cookies to prevent spammers from receiving tracking pings to let them know a given e-mail was opened. Cookie blocking is all the rage. So how can the technology companies that service our industry continue to tell us with a straight face that cookie-blocking is practiced by so few people as to be negligible when assessing campaign measurements?

The downfall of the cookie isn't just affecting ad serving and tracking. It messes with audience research and Web applications too. How can we trust measures of unique users when many sites use cookies to understand how often people visit their sites? If I clear my cookies three times a month, I'll look like three different people to Web sites I visit during the course of that month.

Our response to cookie clearing should be an immediate, industry-wide acknowledgement of the problem instead of a hiding of one's head in the sand. Jim Meskauskas recently suggested an educational initiative headed up by the organizations of record for the online advertising industry. I think we need more than that.

In addition to negotiating with the providers of anti-spyware software to exclude ad server cookies from the default definitions of spyware, we need to host some healthy debate on the topic and acknowledge the problem industry-wide. I'd like to suggest that on a parallel track, we pursue the development of measurement technologies that are not cookie-dependent.

It is not without a degree of irony that many of these problems have been foisted upon legitimate Internet advertisers by spammers and spyware developers. Their own technologies are less dependent on cookies than ours are. A sneaky spyware app doesn't require cookies to understand how many people took action on an ad message, or how many people were reached by a given campaign. Spammers have other ways of determining whether or not a given e-mail address is valid.

Let's acknowledge the problem and get some action plans in place.