What the hell are cookies?

You click a headline and much to your annoyance a pop-up unfurls covering and hiding the contents saying – ‘This website uses cookies.’

Yes, we’ve all experienced it. You’re browsing the internet. You see an eye-catching headline. Your appetite is suitably whetted, and you can’t wait to tuck into the meat of the story.

You click on the headline and much to your annoyance a banner unfurls covering and hiding the contents of the story. The banner message reads: “This website uses cookies.”

These days, before you can proceed to access the full story a great many websites require you to accept their non-negotiable “cookies policy” as is. You either click on “I Agree” or get your news elsewhere.

However, most websites give you the option to “choose your own options” to go with the mandatory ones, those cookies which can’t be switched off because they are crucial to the performance of the website. Others give you the option to “Accept All” or “Reject All”.

Why must website cookie policies, akin to immigration officers at a border post poring over travel documents before stamping visitors’ passports, delay or even block a user’s access?

It’s a real test of one’s patience and many find the inconvenience quite annoying they turn around and stomp off in a huff to the next website.

In May 25, 2018 Publishers and Marketers were scrambling around to implement a new update to the 1995 EU Data Protection Directive and applies to all EU member states called GDPR.

So what is GDPR? The General Data Protection Regulation (GDPR) is a privacy regulation in the European Union (EU) that governs how personal data is collected, processed, and stored. It applies to all entities operating within the EU and handling the personal data of EU citizens.

The connection between GDPR and cookies stems from the fact that cookies can collect personal data, such as a user’s IP address, location, and browsing history. As such, GDPR requires that entities obtain informed consent from users before storing cookies on their devices.

In order to comply with GDPR, websites typically display a pop-up or banner that informs users about the use of cookies and seeks their consent. This helps ensure that users are aware of the personal data that is being collected and have the option to control how their data is used.

By linking GDPR and cookies, the regulation aims to give EU citizens more control over their personal data and help protect their privacy online.

What are website cookies?

The only cookies most lay folk care about are those in jars on their kitchen tables! So, what the hell are website cookies?

Cookies are pieces of code embedded in users’ browsers to access personal information about their online interactions. It’s like low-key espionage, if you like. The information accessed via these “planted bugs” is quite wide-ranging, from pages visited, devices used, e-commerce activities (items in your online shopping cart) and by extension the online payment histories, IP addresses, usernames and passwords.

The personal information can also be biographical; name, date of birth, gender, marital status, identity number, etc.

After collection this data is stored and analysed with a view to improving user experience. Armed with insights gleaned from this information, websites and digital marketers use this knowledge to provide personalised or tailored content to targeted audiences.

Why the reluctance to “Agree”?

The reluctance to ‘Agree’ to cookies policies, although some of it is based on an inadequate understanding of what cookies are and what they do is also understandable.

A policy speaking about collecting and storing consumers’ “personal information” invites legitimate questions about the purpose of such an exercise.

The very idea that one’s online interactions can be tracked and the findings stored somewhere can be quite unsettling. Yet that is exactly what cookies do. They are trackers of internet users’ activities and gatherers of personal information for storage somewhere.

The risk that this information may fall into the wrong hands, compromising privacy and security of individuals is therefore real.

One can’t be too vigilant these days, what with all the sophisticated cyber crimes, identity theft and unscrupulous data mining. So, it’s not surprising that many maintain healthy skepticism about what the personal information being accessed will be used for and harbour doubts about whether the data will be used strictly for the stated purpose.

The realisation that website operators may share this personal information with third parties, the so-called ‘partners’, feeds the hesitancy even further.

The declaration by some websites that “we’ll not share your personal information without your consent” does little to allay fears that these are just empty words.

Next thing one is fielding calls from telemarketers and other dodgy callers selling all manner of products.

Yet these website ‘check-in’ formalities – cookie policies – have become very important in the digital publishing and marketing industry. In fact, cookies and ad tags are the lifeblood of the industry.

More accurately, ad revenues sustain online publishing businesses and cookies are a critical component of that ecosystem. They are a vital cog in the strategy to provide clients with digital advertising solutions. Without cookies, well, the cookie crumbles.

As a colleague in the industry said the other day, “Imagine a world without cookies.” It’s a prospect too ghastly to contemplate. It would signal the death of what is already an embattled industry hanging on precariously for dear life. And I say this without any hint of exaggeration.

This is why digital marketing strategists will find moves to discontinue third-party cookies disconcerting. It’s certainly not good news for behavioural advertising and ad retargeting.

Without third-party cookies advertisers can’t track users’ activities or their devices across the many different websites, ergo they can’t deliver targeted content to niche audiences.

Eliminating Cookies

It’s possible that web browsers may eventually stop using cookies, as privacy concerns continue to grow and new technologies emerge to replace them.

In recent years, there has been a growing push to limit the use of cookies and enhance user privacy on the web.

Some browsers, such as Apple’s Safari and Mozilla’s Firefox, have already implemented measures to block or limit the use of third-party cookies by default. Meanwhile, Google has announced plans to phase out support for third-party cookies in its Chrome browser within the next few years which has Publishers and Marketers worried.

The elimination of cookies would have significant implications for the advertising industry, which has relied on cookies for targeted advertising and to track user behaviour for many years.

Advertisers and publishers would need to find alternative ways to deliver relevant advertisements and track user behaviour, such as through the use of browser fingerprints, device fingerprints, or other unique identifiers.

It’s still too early to say exactly how the advertising industry will be impacted by the elimination of cookies, but it’s likely that it will require significant changes to the way that advertisements are delivered and tracked on the web.

Alternative ways to deliver relevant advertisements

There are several alternative methods to tracking users without using cookies, including:

IP Tracking: This involves using the user’s IP address to track their location and device information.
Browser Fingerprinting: This is a method of tracking users by collecting information about the user’s browser, such as the type and version, installed plugins, screen resolution, and fonts.
Local Storage: This involves storing data locally on the user’s device using HTML5 local storage or similar technologies.
URL Parameters: This involves passing information through the URL, such as a unique identifier or tracking code.
Device Fingerprinting: This is a method of tracking users by collecting information about the user’s device, such as the operating system, device model, and hardware specifications.
Registration: A lot of Publishers these days are looking for value added services to hopefully encourage users to part with their valuable information and email address which can be used as an ID.

It’s important to note that while these methods can be used to track users without cookies, they can also raise privacy concerns and be used for malicious purposes. It’s important to use these methods responsibly and to be transparent about how user data is collected and used.

At the end of the day it’s really about risks and rewards. Once they get over fears/paranoia about their personal information being harvested and stored in data silos somewhere, those who opt to tick their preferred cookie options and then click on the ‘Agree’ button may go on to enjoy the benefits of their decision.

Cookies allow data harvesters to build consumer profiles and to gain insight into users’ consumption habits. On the back of this ‘intelligence’ service providers deliver a personalised user experience, be it “just for you” content or featured adverts.

One of my favourite rite websites, Pinterest, does this very well. I constantly get messages with “suggestions based on your boards” just in case I might find them interesting. These suggestions are based on my browsing history and the content I regularly look for on the website. Indeed, I have found these suggestions to be very useful.

If we want the full user experience, then you we will have to give cookies a chance, the inherent risks notwithstanding.