Cardinal Path’s response to COVID-19 Cardinal Path is sharing all we know to help marketers during COVID-19.  Learn more.

An anti-paranoia rant from virtual human being #200000022a2ac4f6

In last week’s “As the cookie degrades … “ we explained how cookies work (aka Cookies Rules) and identified Good Cookies. Now for the bad cookies …

Bad Cookies

Banner ads on many sites are requested from domains other than the site you are visiting. E.g.: requests ads from, which appear just below the main page content, and from and are 3rd party domains relative to Their responses include requests of your browser to set cookies, called “3rd party cookies”.

Since a browser can only send cookies to the domain that requested they be set, cannot see cookies set by

But here’s the kicker:other sites have pages containing requests for ads from or So or will receive their own cookies that were set on pages from all sites that displayed any of their ads. This allows such ad-serving sites to track which sites a single, anonymous, visitor has visited. Fortunately, this is, of course, limited to its own clients’ sites.

People find it an invasion of privacy, even though it’s anonymous.

If the visitor signs up on one of these ad-serving sites, the data is only sent to the site owner and not to the advertiser. Whether or not the site owner shares its data with the advertiser is subject to the site owner’s privacy policy and integrity and unrelated to cookies or ads., now owned by Google, is one of the most omnipresent ad-serving companies. It’s likely that of all the sites you visit that serve up ads, most will have ads from Doubleclick.

The result is that they have a picture of a visitor’s broad interest spectrum.

Some say this is a good thing. “One of my relatives,” said s/he’d rather have relevant than random ads.

When I visited w3schools, Doubleclick assigned me id 200000022a2ac4f6.

Looking for another easy Doubleclick target, I found Doubleclick continued using my 200000022a2ac4f6 ID. Now Doubleclick knows that the same visitor visited both sites.

Clearly, Doubleclick will misdirect themselves trying to make sense of my surfing behavior. I’m no marketing data miner or predictive analyst, but such data seems useless at the individual level.

Some consider this to be a major invasion of privacy.

Now I’m finally ready to rant.

Bigger Battles

Do we have no bigger battles for our privacy to fight. Being a Web Analyst does not dissolve my respect for our privacy—including for my own. But let’s pick our battles—and this should not be one of them. If our banks, being desperate for cash, resort to Doubleclick ads on our personal banking pages, that’s what I would call a battle.

Like so many other groups, privacy activists are passionate and zealous but lose their credibility and focus when they catastrophize.

On the other side, the “cookie setters” set cookies for ridiculous lengths of time.—10 years!. Google have been known to set cookies expiring in 2038. Are they hoping you will copy your cookies over the next time you replace your computer! This does nothing more than fuel the public’s paranoia.

On the other hand, could that be a strategy to keep the privacy activists going madly off in all directions? Intentional or not, its working.

I expect its more likely to be symptomatic of another problem—marketers’ insatiable desire for data for more than they need. How many times have you been about to make a purchase or subscribe to a newsletter and abandoned the process when faced with a request for information not necessary for the transaction?

Facebook privacy violations—now were talking—but that is a subject all of its own.

Email Address Privacy

Privacy involving our e-mail addresses is something worth fighting about. Even if nobody knows who is, one of the real problems is that s/he can be communicated with and bombarded with emails for goodies from size enhancing replica Rolexes to college degrees. It’s not a problem because s/he may be enticed into buying a big, lousy watch but because one of society’s most important communication systems is being clogged and our time and resources is wasted in either preventing or cleaning up totally unnecessary garbage.

So set your browser to reject 3rd party cookies and move on.

Good Cookies, bad ingredients

There are some analytics tools that allow site owners to track specific, identifiable visitors

However, this is only possible if the visitor has identified him/her-self to the site.

As mentioned last week, Web Analysts do not have the time or the need to pour over mounds of such data.
If you are an individual who is so important to a particular site owner that they will go to the trouble of identifying and tracking you, then you may want to reconsider your surfing habits. Perhaps you will want to visit such sites even more often.

Easy, Worthwhile Action

Instead of worrying about cookies, learn how to use really throw away email addresses. (Doubleclick knows I, #200000022a2ac4f6, went to—now I’m toast!)

Have you considered that when you use contact list sites like Plaxo or “email a friend” links on site, their privacy policies likely don’t oblige them to respect your friends’ and contacts’ privacy. I’ve only skimmed over their lengthy documents to find gaping holes.

Instead of worrying about Doubleclick getting a skewed view of your surfing pattern and serving you relevant ads, use your browsers’ “Send link by email” function off the File menu and complain to your friends when you get an “email a friend” email.

So even more important than worrying about Bad Cookies, let’s keep things in perspective fight the bad cookies out there with focus and credibility.