Privacy vs. Policy: What Does the End of the Cookie Mean?

    by Dorian Benkoil
    February 2, 2015
    A number of panelists at the Industry Preview conference run by AdExchanger touched on the need for protecting consumer privacy.

    The decline of the cookie as the chief method of measuring digital media consumption could have big implications for privacy and tracking.

    As consumers get more of their media from phones and tablets, you’re seeing tech executives, publishers and advertisers creating a “universal unique identifier” that would track people as they move across screens.

    "The industry has a tremendous opportunity to simultaneously lock in principles that protect consumers’ privacy while giving them the ease of use they want from their devices."

    That means the industry has a tremendous opportunity to simultaneously lock in principles that protect consumers’ privacy while giving them the ease of use they want from their devices.


    “The industry is going to have to be very mindful, very considerate, deliberate of what it decides to create” in cross device tracking techniques, eMarketer’s Lauren T. Fisher said in a recent webinar.

    Marketers, especially, are eager for new methods of creating in-depth profiles that include location, usage patterns, preferences, gender and other demographic details to send finely honed ads and offers to any screen.

    Jessica L. Rich, FTC

    FTC Bureau of Consumer Affairs Director Jessica L. Rich


    “Advertisers are looking to connect with the right consumers at the right time, and just in the right context,” Jessica L. Rich, director of the Federal Trade Commission’s Bureau of Consumer Protection, said at the recent Industry Preview conference held by AdExchanger in New York.

    “The FTC recognizes targeted advertising benefits consumers,” Rich said. “But targeted advertising also raises privacy concerns.”

    No Cookie, No Standard

    That tension — between helping commerce while also protecting personal information — is at the crux of the quest to replace the cookie.

    Despite problems and years of complaints, cookies have been the currency for measuring traffic, advertising and other actions across the Web for two decades.

    Privacy proposals and policies have developed along with their use. Bills have been drafted in Congress to limit how cookies collect information.

    Industry organizations like the IAB, Network Advertising Initiative and the Digital Advertising Alliance have drafted best practices, some of which require cookies in order to work.

    A few newer versions of Web browsers have cookie tracking turned off, by default, requiring users to change their settings in order to freely use some websites, see advertisements, store login information, and have their activities tracked — responsibly or not.

    And even when they’re managed correctly, cookies can be blocked, become corrupted, track behavior inaccurately and have other problems.

    Still, they remain the main form of measurement for digital media and commerce, used by 74 percent of media and marketing professionals surveyed by eMarketer last June — more than any other data collection tactic.

    “Even today, the cookie remains the dominant tactic for retaining relevant user information,” Fisher noted in the webinar.

    Though their downfall has been bandied about for years, the chief reason cookies are finally declining in importance is consumers’ habits of reading, watching, listening and interacting across many screens.

    While cookies are generally handled easily via a computer’s browser, many smartphones and tablets don’t allow the snippets of text-based code to be received or held in the same persistent way across sessions.

    Plus, cookies are often irrelevant for apps, which account for 89 percent of smartphone use, according to Nielsen.

    Post Cookie, No Standard Exists

    Without the cookie, there is no agreed standard to measure and track media consumption and device use.

    For the moment, behemoths like Facebook and Google that use logins are offering themselves as the solution.

    When a user logs on to Facebook, for example, she has the same username on any phone, tablet, laptop, TV, game system or whatever, and so is recognized as the same individual whatever screen she’s on.

    Her activity can then be tracked seamlessly and attributed to her. That in turn means she can be sent the right ad at the right time according to what’s known about her and her preferences.

    But it also means she can be tracked in ways she may not like — if she were aware it was happening.

    “It’s far from clear that consumers even know they’re being tracked when they visit sites or use their mobile devices,” Rich said.

    The Hunt for New Rules

    Rich and others at a number of recent conferences have called on tech developers to come up with ways of protecting consumer privacy, and allowing for opt-outs across all platforms at once.

    Because the technology moves more quickly than regulators’ or  lawmakers’ ability to draft rules to match it, she called for “tech neutral” regulations that focus on higher principles, such as ones listed by the FTC, the Commerce Department and the White House.

    She called on the industry to regulate itself, saying the FTC believes in three core principles:

    1. Privacy by design. Build privacy in from the start, when formulating a business model. That, she said, is much less expensive than trying to play catch-up later when a there’s a complaint or data breach.
    2. Transparency for consumers in how data is collected and used, and how privacy policies are described, without “legalese” that can be “virtually incomprehensible.”
    3. Usable choice that’s easy for consumers to understand and exercise. Let consumers know, for example, if they sign up for a discount coupon how their personal information might later be used.

    Meanwhile, the race is on to come up with new forms of tracking.

    Companies are expanding their use of techniques such as device fingerprinting to uniquely identify a broad range of Internet-connected devices and build profiles on the people using them.

    Universal Identifier and Privacy

    In its webinar, eMarketer cited privacy concerns as an inhibitor to adoption of a universal identifier for consumers.

    Hook that information up with credit card data, bank records, frequent shopper cards and maybe even face-recognition cameras, and you build a scary-good profile of anyone who’s reasonably connected.

    With my marketing hat on, I see the promise. As a consumer and a dad, I see the threat. I’ve both enjoyed and been perturbed to see offers on a phone as I walk near a store. I’m not sure if I want my local drugstore to know when my fridge is running low on milk, let alone what medications I’m checking on the Internet.

    “Privacy as we knew it in the past is no longer feasible,” Harvard computer science professor Margo Seltzer was quoted as saying at the recent World Economic Forum in Davos, Switzerland. “How we conventionally think of privacy is dead.”

    Perhaps. But those of us who deal in ways of collecting information that may impinge on privacy need to be mindful, and at least try to respect the people whose lives we touch.

    We must strive to do better — even if we’ll never get it exactly right. As Rich told me at a happy hour after the conference: “The perfect is the enemy of the possible.”

    An award-winning journalist and MBA, Dorian Benkoil (@dbenk) is founder of The MediaThon, a hack-a-thon for media makers, and Teeming Media, a digital media strategy and research consultancy focused on publishers and media tech. He previously developed and executed sales and marketing strategies for PBS MediaShift.

    Tagged: ad tracking cookie blockers cookies privacy universal tracker

    One response to “Privacy vs. Policy: What Does the End of the Cookie Mean?”

    1. Kamil Mahmood says:

      Do you want to ensure your anonymity and privacy? If yes, then disable WebRTC from your Chrome and Firefox browsers.

      Checkout this link on why WebRTC is a problem and how to disable it: http://www.purevpn.com/blog/disable-webrtc-in-chrome-and-firefox-to-protect-anonymity/

  • Who We Are

    MediaShift is the premier destination for insight and analysis at the intersection of media and technology. The MediaShift network includes MediaShift, EducationShift, MetricShift and Idea Lab, as well as workshops and weekend hackathons, email newsletters, a weekly podcast and a series of DigitalEd online trainings.

    About MediaShift »
    Contact us »
    Sponsor MediaShift »
    MediaShift Newsletters »

    Follow us on Social Media