Anti-Spyware Companies Promote Cookie Deletion

Search for terms like “Coremetrics,” “WebSideStory,” “DoubleClick,” “ValueClick” or “Atlas DMT” on Google, and some of the most prominent paid results seem to cast aspersions on these well-known interactive marketing brand names.

You’ll see ad text like “Coremetrics Removal Tool,” “Kill Now” and “Websidestory Removal.” These ads — promoting anti-spyware tools like NoAdware, XoftSpy, and PC Orion — urge users to buy and download software that remove these companies’ cookies from their computers.

Such campaigns — many of them run by the anti-spyware companies’ affiliates — may provide some explanation for the findings of a recent JupiterResearch study, which reported that 40 percent of online consumers delete cookies from their primary computers as often as once a month.

“Anti-spyware companies are unfairly preying on analyzing vendors,” said Eric Peterson, the lead analyst of the JupiterResearch report. “To target companies like Coremetrics or WebSideStory in that way, I think is unfair targeting. It implies it is spyware, which it is not.”

The blurring of the lines between cookies and spyware by such anti-spyware marketing campaigns also poses serious problems for ad measurability, said Dave Morgan, chief executive of behavioral marketing technology firm Tacoda Systems.

“Measurability is one of the things that makes the Internet special,” Morgan said. “This paranoia-driven cookie deletion is threatening the measurability of advertising that is paying the bills for most of the content on the Internet.”

Part of the problem, Morgan said, is that the online advertising industry has done a poor job of communicating the value of cookies to the general public. “Most of what people know about [cookies] comes from these anti-adware companies,” he said. “Shame on us.”

Marketing technology firms targeted by these ad campaigns feel there’s little they can do about the problem. Simply contacting some of the lower tier anti-spyware companies is a challenge. Few post telephone numbers on their sites; most refuse phone interviews solicited over email; and they respond infrequently, if at all, when companies like Coremetrics attempt to contact them.

“There hasn’t been any way to contact them to take us off their lists,” confirmed John Squire, VP of product management at Coremetrics.

While Coremetrics acknowledges the problem cookie deletion poses, specifically for Web analytics companies reliant on third-party cookies, its measurements for the scale of the phenomena are much lower than those cited in the JupiterResearch report. According to Coremetrics’ internal data, approximately 15 percent of users remove third-party cookies from their computers. Less than one percent remove first-party cookies, Squire said.

Whatever the actual figure, companies actively advertising cookie-removal as an essential anti-spyware solution need to own up to their role in creating public confusion, Peterson said.

“Anti-spyware companies need to reassess their approach to cookies,” Peterson said. “Cookies in almost all instances are not a privacy threat. They merely allow marketers to be better marketers.”

Michael, a spokesperson for NoAdware who did not disclose his last name, declined to be interviewed over the phone for this article, but submitted the following statement in response to questions submitted over email: “We certainly do not believe we are contributing to any confusion in the industry about the difference between adware/spyware and cookies. While most adware and spyware removers on the Internet label cookies as ‘dangerous’ items, we clearly label all cookies as ‘non-critical’ when identified by our software. Furthermore, we use a general description to describe all cookies that our software detects, and in no way represent these cookies to pose a ‘serious’ threat to the user. An analysis of our software will clearly show all of the above to be correct.”

Yet, an analysis of NoAdware’s free trial software found that all tracking cookies detected by the program — including ones from PointRoll, BlueStreak, and DoubleClick — are identified as “infected files” by a prompt that invites users to “clean” them from their systems by purchasing the company’s product.

Related reading