Fred Wilson has clearly spent some time thinking about cookies, and consistently comes down in the cookies’ usefulness to users outweighs their drawbacks camp. I don’t disagree, exactly, but nor can I say that I wholeheartedly agree. Couple of things:
1. Browser cookies are the best commonly available approach to handling certain issues of persistent identity on the web, but that doesn’t mean they’re a great approach. Everybody (including Fred, if I’m reading correctly) acknowledges that cookies aren’t an answer by themselves: just to pick the easy example, cookies can be considered broken when your model includes either multiple individuals using a single computer/browser or a single individual using multiple computer/browsers. That doesn’t make cookies bad or useless, but just illustrates that there are limitations on the technology that you must remember if you’re thinking about building out on top of it.
2. Too many of the people trying to rehabilitate cookies’ reputation are idiots. Take, for example, a snip from this NY Times article:
It isn’t necessarily just corporate America that is threatened by the anticookie fervor, Ms. Ross said – the deleters stand to suffer, too. For example, cookies help a computer limit how many times a user sees annoying ads like a floating, animated message. Such “frequency caps,” to use industry parlance, are common among publishers. “So cookies are a really good thing for managing the user’s experience,” she said.
Huh? I, the user, am supposed to feel warm and fuzzy about that? Got some bad news for Ms. Ross…if your ads irritate me you don’t get the opportunity to “manage my experience” by playing with display frequency — Firefox, Adblock, and Flashblock allow me to set my own personal frequency cap to zero, but thanks so much for your concern. As Fred points out, cookies can and do provide some real benefits to users, but “cookies allow ad servers to annoy you just a little less” doesn’t make that list.
3. The really important one: what’s in it for me, damn it? The weakness that I see in Fred’s line of thought — as it applies to the existing implementation of cookies, at least — is that in all but the most specific cases we’re talking about largely hypothetical benefits to the user, when the (real and imagined) drawbacks are already burned into the public mind. If we’re going to get past cookiephobia, we need to see some tangible benefits coming from keeping cookies: the mantra of “stuff will be more personalized” just won’t cut it.
Cookies mean that I don’t have to manually log in every time I post something to del.icio.us? Clear, immediate benefit for me. Good del.icio.us — have a cookie. Fifteen separate advertising.com cookies get me…ummm…what, again? My own intermittent and unscientific testing has proven to my satisfaction that deleting ad network cookies doesn’t have even the slightest negative impact on my Web browsing experience, nor keeping those cookies any positive effect…so why should I allow these cookies in the first place? Those cookies are another example of me giving data to a service, and if I’m going to give someone that data I’d damn well better get something in return.