There’s a new type of HTTP cookie that exploits an HTML5 hack. The long and short of it is that the cookie becomes immortal. The cookie is capable of leaping across browsers on your computer. It re-instates itself after a user has deleted it.

It’s not right. And analysts should reject it.

I’ve long been dissatisfied with the concept of ‘unique visitor’, by and large because it’s a highly unstable proxy measure for a person. People go into private browsing during key points in their day, anti-virus programs tend to root out these ‘tracking cookies’ as malware. and owing to an unfortunate three fiddy event in 2000 – people of a certain demography routinely clear their cookies. A commenter on Hacker News appeared to justify the use of these hacked cookies, arguing that you couldn’t assume that people really wanted to delete their cookies.

I disagree. Clearly, the cookie retention curve is decaying because more and more people want to delete them. They may not understand what the cookies actually are. But they still want to delete them – possibly because they don’t understand them.

Some SEO, SEM, and affiliate folks are very excited about these cookies. They are often compensated on 30 to 90 day cookies – where a person exposed to something they did actually buys something further down the line., A leftward shifting cookie retention curve damages their compensation model. They’re clearly incented to use these immortal cookies.

So are web analysts for that matter. The Unique Visitor metric, the closest proxy for the old-world media term ‘REACH’, has been difficult to work with. It’s instability is very difficult to explain, quickly, to an impatient audience. It’s non-additive. It’s very nature, and how it’s complicated by time scale, results in all sorts of additional error. Using immortal cookies would suddenly make the first problem disappear. It could make conversion rates, if they use unique visitors as the denominator, appear to go up.

The power to delete cookies must reside squarely in the hands of the individual. This isn’t only the right thing to do, it also keeps your practice out of the mud, and out of the court room.

Whereas it is my belief that society and individuals have disproportionately benefited from the invention and use of cookies, the right to delete them must reside in the hands of the user. Face it, it’s how you’d want to be treated.

2 thoughts on “The Immortal Cookie. Do Not Want.

  1. dave says:

    Isn’t an immortal cookie in violation of Canada’s privacy laws anyway?

  2. It’s a violation at least of the spirit of what the PCC has written in the past.

Comments are closed.