We are going to dive into COOKIES and no, not the chocolate chip kind! We are talking about internet or web cookies. We know you’re wondering- what are all these cookie consent pop-up boxes for and why have they been under such scrutiny? We’re answering all the cookie cutter questions and more!

Hosted By
Monica Maye Pitts
Monica Maye Pitts Chief Creative Officer

We are going to dive into COOKIES and no, not the chocolate chip kind! We are talking about internet or web cookies. We know you're wondering- what are all these cookie consent pop-up boxes for and why have they been under such scrutiny? We're answering all the cookie cutter questions and more!

Transcription 

Hello, this is Monica Pitts and welcome to Marketing with Purpose. I'm all by myself today. I don't have any of my friends. But I am talking about a really fun and very relevant topic. And that's cookies. And no, I'm not talking about those lovely baked sugary nuggets of goodness, I'm talking about internet or web cookies. You may have noticed a new addition to some of your favorite sites. The little box at the bottom that states, "this site uses cookies," prompting you to accept or decline. And if you don't know about cookies, the box can feel a little scary. You might feel like accepting cookies puts you at risk. Here's the deal. Most modern websites use cookies. They're just not telling you. If a site uses cookies, they are visible through your browser at any time. So they're not really a secret. They're just not obvious to you.

So let's start at the beginning. Like what is a cookie? And no, like I said, we're not talking about baked goods here. We're talking about internet or web cookies. This is the type of message that's given from a web browser to a web server. And it allows websites to store information on your machine. They were actually developed in 1994. Yes, like back in the dark ages, by Netscape to make shopping carts for e-commerce possible.

If you had a bottomless basket of cookies, for example, these will be persistent cookies. And those types stay valid until they reach an expiration date, like asking a site to remember your login information. But there's also session cookies. Now, these go away at the end of the session or visit on a website.

So why do they even exist? I mean, there's three big reasons for cookies. The first one as we started discussing already is creating a more convenient user experience because some cookies bring joy and

this way, they're a lot like their baked namesakes. They make websites better for users. They customize a web page to your preferences, they can adjust the layout or the regional information. They can enable e-commerce and allow you to keep items in your shopping cart even when you leave a site. Using cookies, you can save your login information on a specific computer so you don't have to re-enter it every single time that you visit.

Tracking user behavior using systems like Google Analytics allows the website owner to better understand how people use their website. And using this information they can learn how to improve the website for users to engage the success of their marketing endeavors.

Usually, these are all session cookies so they're not 

 going on forever. They're only active while you're on the site.

Those third party cookies that are generally also persistent, they stick around for a while, and they allow marketers to serve ads on other websites based on your interests. So for example, you could show an ad to people on Facebook because they visited your website. This style of targeting is different based on the ad platform. It's usually called remarketing or retargeting. And it can be a pretty effective way to drive traffic back to your site because you're talking to people who already found you on their own. I mean, it can be annoying, because advertisers can set it up to be extremely persistent and even a little aggressive feeling, but they can also back off and just show it every so often to people as well.

just a little bit.

Now, one thing I have people keep asking me is our cookies safe? And yes, I mean, cookies are pretty safe. They don't run code, they don't deliver viruses. The nature of a cookie isn't to access your personal information. They're limited to one website and one machine. So they're not available for consumption by others. For example, if you add things to your shopping cart on Old Navy, they don't just show up in your Amazon cart because they're separate. And if you log in to Facebook, on your laptop, you're not automatically logged in on your computer at work, right? Or on your mobile device. Again, like just to reiterate, cookies, don't share your personal information with the website. You make that decision. So Facebook knows who you are because you told it when you signed up. And the same goes for like Amazon and the other sites that you use all the time. That information is not stored in a cookie. It's stored in a database attached to the website.

Your login information may be stored in a cookie. But all the other stuff is not, that's in a database. So if they're so safe then like, what's the big deal already? Right? I mean this. So what's funny is this is not the first time cookies have been under scrutiny. And not by just dieticians, when they first came about, like all the browsers use cookies, but they didn't give people the opportunity to disable them. So a debate sprung up in 1996 that resulted in the Internet Engineering Task Force creating requirements for users to opt in to cookies. Now, unfortunately, not everyone followed those specifications, which is exactly why they are still being debated today.

European Union has the General Data Protection Regulation GDPR and E privacy regulation. And then California has their California Consumer Privacy Act, so which is ccpa. And all three of those classify web cookies as unique identifiers considered to be personal information. So while a cookie does not share your actual personal information doesn't share your name doesn't share your address. It does track how you use a website. And that helps marketers and business owners place users and groups and identify common behavior patterns.

While most cookies are only site specific, major ad platforms like double click, Google Search Network, and Facebook audience network have cookies on lots of websites. And because those websites are served, all of their ads are served all over the web on those websites. They can track user behaviors across lots of

sites. And as they combine those user patterns, they can develop very user rich profiles about visitors. So they're getting further and further away from this group of people act like this. And closer and closer to Monica Pitts acts like this. I mean, think about it. I told Facebook, my name, and Facebook then can place ads on other places. And then when I see those ads, Facebook could know that that's me. I don't know if they can, but they could. Right. So people are pretty creeped out about this. And, I mean, it feels kind of creepy to me, and I do it. So I believe this could be like the push like the big thing that is like pulling on these privacy initiatives.

marketers have been doing this forever, right? in one form or another. When you place an ad in a magazine or a newspaper, they're giving you access to their users. They are like selling you their user base, just like these ad platforms are doing to people. And when you buy a mailing list or an email list, I mean, like, where do you think they get that, right?

Now, oh my gosh, if you donate to a nonprofit that uses a call center, like good luck getting off that list, I donated $20 over a year ago and they call me like four times a day now. Like, what? I need to know like, is this a scam? Because if it is, I really need someone to tell me how to make it stop because I've just taken to never answering phone calls that I don't know the numbers for because they are always nonprofit telemarketers asking me for donations. It is wearing me out.

9:59  

So some of these traditional 

10:00  

examples they feel okay. Right? I mean, like placing that ad in that magazine or that newspaper that feels okay. Just like some cookies feel okay. And then others feel disruptive and downright stalkerish. And that's the gray area that we're working in here. Like, do we know the terms of service for all the directory websites that our businesses are listed in? Do we even know what directory websites our businesses are listed in? I mean, there is a lot of them out there. And do we understand what those terms of service really say? Like down in the fine print of what they can do with our information just because they found it and listed it on their websites? We don't. I mean, at least I don't. And I managed hundreds of websites. So I could only imagine, like, how, like scary that could feel to somebody who just manages one website, like how do they expect people to know how will they be holding people accountable for this? Google did

Just recently say that they are going to start, like requiring websites to label use of third-party cookies, those ones that can be used on other sites, on websites, how they're going to hold us accountable how they're going to implement that. I don't I really don't know. I'm interested. I'm interested to know right now. So as a user, like, how do you manage your cookies? Huh, so some websites allow you to choose to opt-out of cookies, right? That's one obvious way to manage it. But it really doesn't solve the whole problem, because not everyone has adopted that type of technology on their sites. I mean, and to be clear, many people are just telling you, this site uses cookies. They're not actually giving you an option to opt-out. It's like it's a mandate. It's not a choice. They're saying we use it not. Is it okay, right? And the only choice you really have in that instance is to just leave the site if you don't want them to use cookies the way that they're using them. So then you have a second option though, you can choose your browser. Now a cookie is a conversation between your browser and a server right? Now you don't have control about where the websites are hosted. So you can't do that. But you can choose your own browser. Now whichever browser you choose, you need to make sure it's up to date because remember those older versions they don't offer the same level of cookie control. Apple, Safari, Mozilla Firefox and Microsoft Edge Yes, Microsoft edge, gag me with the spoon because I am like so scarred from developing websites for the 90s for Internet Explorer, may it rest in peace, that the very idea of using a Microsoft browser just makes me want to crawl underneath my desk and like wither away. Okay, but here's the deal. Apple Safari, Mozilla Firefox, Microsoft Edge all have third party cookie like disabled, right out of the box, right? So if you update to the latest versions of those, they are going to block third party cookies. And Mozilla Firefox says it even blocks Facebook trackers, and it'll let you save like your passwords and its special like service. So you wouldn't have to use cookies to remember passwords. Now. I love Chrome like I'm a chrome worshiper, I'm a Google worshiper. And so this whole thing with Google not being very progressive with privacy makes me very sad. I feel like I'm kind of on the rocks with my relationship, but I'm still going to continue loving them because they're amazing. And so to my eternal dismay, but not really surprised. Chrome is actually the least progressive browser. Now, I would like to preface that or I can't preface it, but I can say now that it does allow you to clear your cookies and not affect single domain cookies. So it'll preserve things like your loggings and your settings, you can choose how often it clears them. And you can also check a box to block third party cookies. It just doesn't happen by default. And as of right now, they announced that they're waiting on other major advertisers in the industry to come to an agreement on how things should change before they make any major changes. So you're either going to have to go in and manually change your browser settings, or you just have to make peace with the spammy ads if you're going to keep worshipping chrome like me. So if you decide to block cookies, right there's some things are going to happen. You're going to lose some of that goodness, the personalization, and convenience that we talked about earlier and on top of that, like some of the stuff on the websites are just not going to work. It just won't work right. It's not going to work the way you think it should. You would, however, stop some of this me feeling ads, which is awesome.

You would also not allow website owners to track your browsing data on their sites and that links breaks my heart because dang it do I love browsing data I mean, to make a pitch for allowing people to do this, it makes such a big difference to be able to understand how people use a website so that you can make good decisions about your marketing. These businesses are investing money and things that they don't even know if they're working or not, because it's really difficult to track and now you tie it to a website and it makes it so much easier. But if I have a website that doesn't have very much traffic, then I mean, that pretty much like wipes out my browsing data, if a third of the people don't actually allow me to track it or maybe half or three quarters. So it kind of hurts my heart a little bit. Things are changing, right. You also, I mean, I have to put this out there when you block cookies, you're limiting the ad revenue that some of these websites do depend on to run their businesses because they get paid with when you click on those ads on their website, and they get paid sometimes just by showing the ads on their websites, but if they don't have the cookies, and they won't be able to do it nearly as efficiently as they do now, and you also close the door for businesses to be able to advertise to you through third-party cookies, like if you wanted to reach out to your customers again, then you would not be able to do that they somebody disabled their third party cookies. 

Alright, so if you have a website, do you need a cookie notification on your site? First off, you're going to need to figure out if your website uses cookies and there are definitely some telltale signs of if your site uses cookies. For example, if you have a WordPress site, which is like 35% of the web, or if your website was like professionally built in the last 10 years is probably on WordPress. And if you're not sure then go out to https://builtwith.com and it will tell you. It'll also tell you if your site uses Google Analytics to track visitor behavior. Those use cookies. If you do remarketing and have Google ads or Facebook tracking pixels installed, or display ads from other, like ad networks on your website, like if you serve ads if you allow people to save their login information, or if you have a shopping cart, or if you allow people to adjust the layout of your pages, like if you allow them to flip from a grid style layout to this style, layout, all of those things require cookies. That means you're probably using them, Huh. If you're still not sure if your site uses cookies, you can run a test. There are online tests. One that I found for free is cookie metrics that I ran my website through and it gives you a report that's pretty easy to follow. If you don't want to run a report, you can actually just go into your browser you open up an incognito window. You turn on developer tools. I had instructions for this in the show notes. So that way you can like follow along. And I also made a video about it so that way you don't have to just like be taking notes right now, you open up developer tools. And basically it tells you what cookies are on your site. It is on your website, it's showing up right there. It's not like I mean, anybody can find it, anybody can see it, you can look at it for any website that's out there. It is public information. If you go to developer tools and look at it. When you're reviewing this information in the domain column, if it's listed as your domain, that's a first-party cookie, if it's not your domain, that's a third-party cookie. And in the expires column that would let you know how long those cookies are in effect before they expire. So, yeah, your website probably uses cookies, right? All right. So now what do you do? Do you need to comply? I mean, if you're receiving traffic from Europe or California, you're supposed to be following their rules. It's not like if you're located there, it's like if you have traffic from there, and believe it or not, I mean, like I'm nestled in the Midwest, in USA, right? I'm in Missouri. And every single website I monitor has traffic from those locations. I don't think I have a single one that doesn't. So don't kid yourself by thinking that because you're located in like Iowa, you're all good,

right? The World Wide Web really is worldwide and people from all over find websites for like the darndest reasons. So pretty much everybody is supposed to be following the rules. Sorry. I mean, you do still have options. You could do nothing, I guess. Not really sure how long that will fly. But for right now, you could do nothing like you know, table it, pick it back up later. You wouldn't comply with anything, but maybe you don't care. And I mean, really, let's be honest with ourselves. We don't really know how long It's going to be before anybody starts penalizing people for not complying. I mean, heck, they could be doing it right now. And we just don't know about it. Or it could be years. I mean, they did start talking about this in 1996. Right. You could disregard all the cookie notifications and just block traffic from Europe and California because maybe you don't care about those folks. Anyway. I mean, like, I care about the Californians, but maybe you don't. Okay, or just an idea. I have to throw this one out there. What if you just actually tell people, but if you just do it, and you explain that you're using cookies in a way that anybody can understand and you're not using technobabble because that's really scary. And you just you know, to people, and you could mean you could post your privacy policy, which you're really supposed to have anyway. And well, it feels like this would cover all your bases, right? Because that's what a lot of people are doing. They're saying, here it is, we're doing this, you would think that would make you compliant but in actuality, it really doesn't. Because the key is that people get to choose if you track their information. So just telling people, hey, we're tracking you if you're on our site, and you agree to let us do it. That doesn't that's not choosing. That's not like you're saying, eat your veggies and you'll get ice cream, use the cookies and you'll get all this great stuff. No, no, you're saying like, eat your veggies or don't eat. And I'm not saying that I don't say that to my children. It's just that like to truly comply with these initiatives, you have to give people a choice. And that's why it's described as opt-in because people have an option, right? So you need to notify visitors of cookie usage, and then post your privacy policy and you want to delay cookie implementation until the visitors opt-in. I'm going to say it again, delay cookie implementation until after visitors opt-in you can't just fire the Cookies, and then be like, Oh, I mean, I guess you can stop them. That I mean, you're not really compliant, are you? That's like this is the true meaning as I have interpreted it. Okay, so then if they choose to use your site after opting out, then they are going to have it like, without cookies flaws, and all right. I feel like one of the things that I keep struggling with right now is like, I know that we should be telling people, but what is the exact right way to do it? And did you get them to let us still track their visitor data? Like, third party? Yep. Okay, I get it. But that first-party stuff is just so important to making marketing decisions that I really want to do it in a way that people will still let me track visitor behavior. So, I mean, there's a lot of ways that you can do it one way is like make sure that on your website, there is a way to opt-out. You might just not let them opt-out in your pop up. But that I don't think that's really compliant, do you? I mean, you're not your cookies are there, right? Until they opt-in. I know, but there No, the cookies are there already, they didn't opt-in. So I just don't see how that can be compliant. But that's what a lot of people are doing. I think that's a gray area like I said, you know, here's how we use cookies, learn more or opt-out by clicking here, you're making them take another step to opt-out. Which, you know, if you make them take another step, they're probably not going to do it.

 And then there's other robust options that I've seen that are pretty amazing that I'm like, wow, this is a great, really robust, like user interface where, you know, the pop up comes up or the notification comes up and it's like, hey, necessary cookies. You could have preferences cookies, statistics cookies and marketing cookies, which one do you want to use and, and letting people check those boxes. And then, you know, clicking allow. I mean, the implementation is up to you, you can tell that I'm torn about how ethical it is, as far as how these notifications should be formatted. But I knew unfortunately, this decision isn't up to me, it's up to you. So I'm just here to give you ideas with which you can, you know, make an educated decision about what's right for you.

So, there are definitely services that you can pay to do some of this stuff for you. Now, if you choose an all in one solution, like a service, right, you'll still need to implement it. You can't just sign up and have it magically appear on your website because your site and that service have to talk to one another and someone has to make that happen. Those services are all things that you are to pay for they're billed monthly or annually and if you just have one site they're actually pretty affordable. If you have like hundreds of websites that don't seem so affordable anymore. That's kind of where I'm at. So I haven't used any of them. There are a couple that I found cookie bot cookie matrix and I Belinda, that seem they showed up over and over again. But I'm a DIY lady, right, unless I can't find another way. And so I also want to talk about the fact that you can do it yourself. WordPress has a number of plugins that you can use to serve these notices and also want cookies and keep till people opt-in. Like I said, there's all kinds of different ways that you can format the opt-in, you can do it when people scroll to a certain spot or when they go to more than one page or if they click accept or you know, and like and I do think that you need to think through these on your own and think, you know, does this actually,  is this giving people a choice, because that's what you're trying to do. The one that we use is cookie notice for GDPR and CCPA by dfactory. I mean it has over a million installs and a five-star rating from over 2000 reviews. And it's a pretty robust plugin. There's others also that you can use and I'll link to those in the show notes. Now if you do a DIY method, do know that I mean you're going to have to be diligent and testing it because you can't just install it and then expect that it's working and that you're somewhat compliant right? You actually have to do it. So there you cookie metrics. Obviously, we talked about that one earlier, they'll run a report for you. And easy I GDPR is another one that I ran a report on that was pretty cool. So and those are free reports. They're free scans. That doesn't necessarily make them the end all be all like if you are in Europe, and you will really do have to comply, you know, this is or you know, maybe you just feel like ethically like pulled to do this thing. So people can have a choice, then you will need to make sure that you are compliant. And that may mean paying for a scan or for someone to, you know, give you the bill of approval. 

All right. Yes. So that is it. That is like all I have about cookies, you got it. So, just to recap, cookies are secure ways for browsers and servers to talk back and forth. They're used to adjust your user experience, track user behaviors and target ads. And like any other baked treat a little bit of cookies super tasty, but too many cookies can make your tummy really hurt. But you don't have to be scared of the cookie notices anymore. I mean, the choices really in your hand quite literally with the click of a mouse you can choose to accept cookies, and go about your business as you always had. Or you can choose to decline them. You can change your browser settings and as a business, you can add the cookie notification and a number of different ways or you can just, you know, choose to go on and wait until somebody tells you Yeah, absolutely, have to do it. Alright, so that's all I have for you today. Thank you so much for your time. I know it's very valuable. So get back to all the things you have to do and grab a plate of chocolate chippers to celebrate.

EPISODE GOODIE BAG

Links Mentioned

© MayeCreate Design 2020 | 573-447-1836 | [email protected] | 700 Cherry St. Suite C, Columbia, MO 65201