The Truth Behind Cookies, Pixels, and Privacy Policies

The Truth Behind Cookies, Pixels, and Privacy Policies

Cookies are the most common browser feature, yet most users don’t even know what they are. When was the last time you've read a cookie policy?

Cookies are issued by websites you visit so that they can recognize you when you return. The majority of cookies are completely harmless and websites are using them to improve their functionality. However, there are some things that you need to know about them.

We recently made a big decision at WebLime. To understand the magnitude of a decision like this, I’ll first have to break down some of the marketing capabilities that exist today.

In today's world of marketing, the digital profile is gold.

Anything related to a prospect's traits or actions holds. You see, if we, as marketers, can understand that you've been browsing around for shoes, we can then show you relevant ads.

Overall, this sounds pretty good, right? Sure. The problem surfaces when you think about how exactly we know that you've been browsing for shoes.

That's exactly what I plan to talk about in this article.

An HTTP cookie (also known as a web cookie or cookie) is a small piece of data stored on the user's computer by the web browser.

In their origin, cookies are a reliable tool for websites to remember information.

Simply put, the idea of a cookie allows developers to not have to ask you for a password while browsing a website. Or even better, to allow you to build a virtual shopping cart.

What is a pixel?

A pixel is almost like a cookie, but a bit different at its core.

Unlike the cookie that's a part of your browser's features, the pixel is foreign.

Essentially, a pixel is a snippet of code provided by a 3rd party that you need to install manually on a website.

In laymen's terms, a pixel is a piece of code that runs in the background. It launches every time the website loads and follows along as you browse more internal pages on a given domain.

With the pixel's origin being foreign, this raises a lot of issues. For example, when you browse Nike for shoes, Facebook or Google receives that data.

The fact that data can be captured and stored elsewhere is dangerous, unlike the cookie which stores it in our browser. There are no rules or regulations as to what to do with this data. The code fires and the data is collected and shipped to the 3rd party in charge. (i.e Facebook)

You're probably wondering to what extent can the data be excavated? Well, the answer isn't so simple. It all depends on what the website or app displays and what triggers the pixel to run.

As a website creator, the opportunities that a pixel opens up are endless.

And as you can imagine, the pixel has allowed for immense data exploitation. What was once a marketer's dream, has become our very own privacy nightmare. Data is pulled together, correlated, and orchestrated at a frightening speed.

This space is not a popular one.

I believe this to be due to greed. As with all things, money is the root of evil. And to me, that seems to be the case here as well. What may have started as a good technological advancement has become a digital disaster.

According to w3Techs, more than 10% of all websites use the Facebook Pixel. That doesn't include mobile apps and their vulnerabilities.

After Obama's presidential race, we got the first glimpse of the strength and vulnerabilities the Facebook and Google pixel can have. By 2016, we were served an unprecedented data breach on a silver platter: Facebook–Cambridge Analytica scandal. Whether you believe the facts presented in this case or not, the outcome calls for a bold conviction.

In July 2019, Facebook was to be fined $5 billion by the Federal Trade Commission due to its privacy violations. In October 2019, Facebook agreed to pay a £500,000 fine to the UK Information Commissioner's Office for exposing the data of its users to a "serious risk of harm". And all of that wasn't enough, by May 2018, Cambridge Analytica filed for Chapter 7 bankruptcy.

The vulnerability of our data has presented a new political landscape.

If the previous flags weren't enough, the 2020 presidential race raised a few more. Between Biden and Trump's administrations, over a whopping $150 million was spent amongst Facebook and Twitter's ad systems.

What was once a marketer's dream has become every politician's fantasy.

Data Exploitation

The vulnerability of our data presents a pressing issue.

The most alarming component to this is tangibility. Unlike physical war or a pandemic, data exploitation doesn't present us with anything physical. At least not in its initial form.

The twisted part about all of this is that it happens right in front of our eyes. In most cases, we give the green light for the data collection and exploitation to begin.

It's hard to find a website nowadays that doesn't present a privacy notice of some sort; those delicate notifications that allow us to agree to the exploitation of our data ever so quickly.

To understand the complexity of this issue, here is a list of well-known services which practice the Pixel's clever approach or have created their pixel-like mechanisms to garner data.

MailChimp Marketing Tool

Here's a snapshot of MailChimp bragging about their system's best features. With just a few clicks, you find out your audience's every move when it comes to their behavior towards email.

David Heinemeier Hansson, the founder of Ruby on Rails and Basecamp, talks about this topic a lot. He even went as far as co-founding another service - HEY - solely to provide an alternative to Gmail's dominance. A haven for emails, where no one tracks you or beholds your information loosely.

It's important to note that data exploitation isn't anything new.

For years on out, companies like American Express, Visa, and many banks around the world, have adopted this behavior. The only difference is that it now happens digitally - like never before. And as always, the digital platforms allow for unparalleled scale.

It's hard to fathom the magnitude of the issue at hand. It's no surprise that Google has remained tight-lipped when it comes to metrics of their services.

BuiltWith estimates that 69.5 percent of Quantcast’s Top 10,000 sites (based on traffic) are using Google Analytics and 54.6 percent of the top million websites that it tracks.

According to W3Techs, Google Analytics is being used by 52.9 percent of all websites on the internet.

For the novices, Google Analytics and Facebook's Pixel work hand in hand. We live in an age where the more pixels and analytical tools that can be injected into a site, app, or email the better.

It's the wild wild west and all of our data is up for the taken.

To be clear, systems getting hacked is not what worries me. For the most part, I do believe that this data is nurtured for sales purposes. It's the bad intent that's inevitably embedded in data exploitation that does worry me.

This is all done so that a company like Facebook can present us with the perfect sneakers when we're in the mood for new kicks.

Bill Gates said it well on Kara Swisher's Sway podcast. For context, his remarks were on Trump's administration and their actions around the pandemic.

Gates goes on to say:

"Well, because the U.S. government did a very bad job. And things that are exponential phenomena, just a little bit of incompetence at the beginning drives numbers that make Australia and other countries that did it right, like South Korea — it’s utterly a different situation in the United States."

If we can disregard political opinion, the thought process before the criticism is what struck me. Incompetence behind exponential phenomena is detrimental on a massive scale. And here we are, witnessing America missing the mark.

Unfortunately, as with similar global issues, we the citizens are at the center of the problem. Our data is tossed around from server to server and nobody does anything about it.

Meanwhile, European countries and specifically the European Union, have acknowledged the problem and are working to make the wrong right.

Something smells different

As a single agency, we understand that we're a speck in the universe and don't kid ourselves.

Neglecting any particular tool or service won't amount to much. It'll likely just shift the practice from one direction to another. It happened decades ago with pen and paper at the big banks and it's happening now in a digital form on a global scale.

The biggest issue to all of this is money.

Some of these tools became a standard in the industry. Because they work well - almost like magic. And with that magic comes a heavy-weight price tag, from either direction you measure it.

In America, no policy close to Europe's GDPR survived the political battleground. The closest we've gotten is interrogating our top CEOs publicly on the big screens. And that's not a knock at it at all.

I believe we've managed to shift the public's perspective on this burning matter. Companies and their CEOs are constantly being questioned and tasked to make the wrong right.

The problem is the money is too good when you adopt these tactics. They won't put down this heroin alone unless we force them to.

Apple’s iOS14

In a recent controversial move, Apple has finally decided to put an end to the life of the Pixel. With the release of iOS14 and macOS Big Sur, Apple has not only forbidden the Pixel and other trackers from profiling and misusing our data, it now provides a tool that allows you to view what's happening under the hood. This is done for both websites via Safari and mobile apps via the App store.

Unfortunately, the public is currently reliant on private organizations for data protection. Apple is essentially giving us insight and real examples of why we can't allow for this to hold steady. We can't expect companies to choose between shareholder value and the right decisions. The money will rule them all.

As a digital agency, we face two decisions.

  1. The first option is to continue like nothing is wrong. Apple does not own the web, and if anything, their move is unilateral and can only limit specific browsers and phones. For the time being, agencies can choose to carry on as if nothing is wrong.
  2. The second option is to come forth and accept.

We need to find alternative tools like HEY, DuckDuckGo, or Plausible.

Maybe even consider utilizing marketing systems but not to their fullest potential - because we know some features shouldn't be allowed.

And lastly, give our problem a name so that we can refer to it when history rewinds: Data Exploitation and The Digital Age.