September 10th 2009 | Andrew Edwards

Cookies are a foundational part of accurate web analytics. They let us marketers recognize returning visitors and allow us to perform some very useful tasks, such like as user segmentation and path analysis, without which we'd have to consider ourselves rather primitive digital marketers indeed.

Take away cookies on your computer, and suddenly every user is a stranger—a first time visitor with no history. Without cookies, a web analytics measurement product would be less a power tool and more an invalid — unable to recognize patterns, or even familiar faces. It might not be too bold to say that without cookies, web analytics, and web marketing in general, would be dealt a blow serious enough to cripple it for a long, long time — or at least until someone came up with a cookie-substitute (and that is not on the horizon).

Cookies are also foundational to the user experience. We all want to read our favorite on-line newspaper in the morning. But we don't want to have to log in each time (and probably we would not). Anyone who doesn't have to log in every time they go to the sites they've registered at needs to say thanks to those crumbly, round morsels called cookies.

Of course cookies are really not made of oatmeal and sugar. They are small lines of developer code and when you go to certain sites, they are 'given' to you by the site's server. They remain on your computer in a special place reserved for them until you delete them. When you go back to that site, the site's server searches that special 'cookie jar' where all of your cookies are kept, and notices the one they gave you, and — suddenly you are recognized.

Most users take little note of the role cookies play. Nor of the role web analytics plays in optimizing sites. But some people do. And some of these people — I will call them Privacy Zealots — don't like cookies (or web analytics) at all. They think cookies and the marketing efforts associated with them as little short of evil invasions of personal space — less like optimization tools than wasps crawling into the cracks of your house. I have heard them called the equivalent of Wal-Mart putting a billboard in your yard after you went there and bought some cheap shampoo. I believe these types of claims to be blinkered, unrealistic and mostly paranoid.

That said, there has also been a continuing policy debate about privacy, web analytics and cookies, and often enough these items are considered by Ccongress for some type of action. This summer, privacy groups such as Center for Digital Democracy, Electronic Frontier Foundation and others have been lobbying These days it takes the form of legislation designed to either restrict or abolish the use of cookies at federal web sites. If successful, this could have dangerous ripple effects and be used as a wedge to , or attempts to regulate their use altogetherp — and as the thin forefront of the wedge, to potentially drive a stake through the heart of on-line marketing intelligence.

I should make careful note here that I am not against vigilant privacy protection, especially when it comes to sites where one has registered (and provided personal information), and more especially to the government's collection of personal data. I believe in robust privacy protocols that restrict unwarranted sharing and use of personal information. and that there are bad actors out there that may need to be reigned in. Personally I believe the sharing of personal information by credit-score companies as it relates to web analytics is both complex, under-investigated and in most ways deleterious to the end-user. I believe there are many gray areas where companies share data through ad-serving companies that, if the end-user knew all, would make their hair turn — well, gray.

But we need to be careful not to kill the wasp with a predator drone and wipe out the entire house in the effort. Those who argue for a ban on cookies and severe restrictions on analytics in general are arguing for user rights not recognized in the physical real world.

For example: If the Privacy Zealot had his/her way, there would be no tracking of any user usage; no cookies; no visibility into audience behavior via web analytics (I am presuming for the moment they would have no trouble with focus groups, but that is a different story). To claim this is the desirable standard is tantamount to claiming that a shopkeeper has no right to see who is entering the store, nor to take note that they have been there before, nor to notice whether they are buying face cream with diapers on a regular basis, nor whether they just come in, try on all the lipstick, and then leave without making a purchase. To claim this level of privacy is to go beyond privacy. It is to claim the right to invisibility. Invisibility is not a right commonly expected during real-world interactions. It should not be held up as a model for on-line interactions.

Certainly there are some risks to personal information when improperly protected. I have not engaged in a scientific study of this, but I am willing to bet that Fidelity Investments is not trafficking in my personal information in a way that might harm me. The risk to them of doing so is rather large. Most companies put considerable effort (as they should) to make sure their users' privacy is adequately protected.

But the web analytics world should not take for granted its right to place cookies and track usage — for while I believe it has this right, improper attention paid to real concerns can backfire. Inattention to the way on-line relationships are described and managed can give Privacy Zealots plenty of fuel for their fires.

We don't want to burn our tray of cookies. Properly baked into the on-line marketing mix, they have proven awfully helpful to both marketers and end-users (who benefit not just from not having to log-in, but from better designed, more useful sites). In my opinion, cookies need to be part of every on-line measurement experience.

Let's not let anyone pretend cookies are monsters — while acknowledging that there are cases where the protection of personally identifiable information — PII — needs to be more vigilant.

Even in an environment where cookies have significant detractors it is not impossible, I believe, to have our cookies and eat them too.