Cookies - Past, Present, and Future
What after Cookies?
I’d give you a cookie but I ate it!
The quote above serves as an adage about the current predicament of Web 2.0 where intrusive cookies are consumed, shared, parsed, and distributed all in the name of better customer experience, and personalized content.
So certainly, we, as Web3 Product folks have a take to share.
How can a cookieless future evolve?
And how can Web3 contribute to this future?
oh, you hated blob of unnecessary bother!
First things first.
Let’s breakdown ‘the’ cookie!!
A cookie is a small text file that the web server (or websites you visit) can save on the user’s hard disk with a certain expiration period. It has information saved in name-value pairs and can be retrieved by the server that wrote it before expiry.
Contrary to some myths, this file is not executable, that is, it cannot do anything of its own, it is just a text file sitting on your hard disk.
What are cookies used for?
Put very bluntly, cookies are used for
personalizing your web experience and
improving website performance (e.g. loading speed).
Without cookies, your user experience of the web could be seriously degraded, or even fail entirely. A basic example is if you have a login with a username and password, without cookies, you would have to log in every time you visit the site. With cookies, the site can keep you logged in as it saves this information on your machine.
How do cookies work?
Let me take a quick detour here and take you through the engineering lane to understand how and when these cookies are set up.
The journey starts when your browser (say Chrome) calls a server (like medium.com) to load some content.
The browser sends a request, and when the server (medium.com) returns the response to this request, it can ask the browser to set or update data in the cookies (store a text file locally).
Now next time, when the server is opened up (medium.com), the browser can send this local data to the server. And this is how cookies can be created, updated, and utilized.
Okay, enough requests and responses now 😵💫, let’s move ahead.
First-Party Cookies vs Third-Party Cookies
Till now, everything seems okay or positive for us as users because we have covered majorly constitutes First Party Cookies, i.e. cookies setup by the website you visit. This is where our detour will help us, remember cookies can be set up by any server that our browser is calling to load content.
Now, if on a website, some content is served up by other sites like say ads, these websites can also set cookies. This is where Third Party Cookies are introduced, cookies written on your disk by sites other than the one you are visiting.
Third-party cookies are where things start getting fishy😶.
Imagine you go to 5 websites — all serving company Xs ads. Each website will call this company’s server to load ads- this is where X can write cookies to your disk about your interaction with all these 5 sites ( for e.g. you spent time looking at a bicycle )
Now when you open the 6th website which also uses Company X, it will retrieve the cookies it saved and curate personalized ad content accordingly (Cool bicycle ads at heavy discounts 🤑).
And voila, you have ads creepily following you around. This is called Cross Site Profiling and is the center of scrutiny cookies receive because this breaches your privacy.
Recent development around Third-Party Cookies
As awareness about third-party cookies increased, consumers started to be mindful of their privacy, and companies were forced to take steps. Most of the browsers introduced permissions to be taken before third-party cookies, while some completely banned their use.
In fact, Google recently announced its complete transition to the cookieless world by 2023-end. Apple made headlines with its latest App Tracking Transparency which will prompt users for permission before tracking.
Venturing into a Cookieless world
Android is expected to follow Apple’s lead and move towards the cookieless world. This will shut down most of the targeting methods which depend on cookies.
But as history goes, where there is a will there is a way, and companies always find new ways to go around and will keep serving personalization to the digital experience.
This cookieless world will probably lead to IP Fingerprinting — where users will be identified using a combination of different parameters like IP address, browser preferences like fonts, color mode, and a myriad of other parameters. Then there are solutions that are working towards server-side tracking for building a rich profile of the users. We will have to see how the world will adapt as cookies disappear slowly but one thing is sure, it is bound to change.
Decentralized Solution as Food for Thought
One such innovative solution stems from the much-talked-about Web3 infrastructure - based on trustless decentralized systems where the community holds the power. It is not tough to draw parallels between the definition and what we need in a cookieless world.
Imagine a system, that can track user activities to reward publishers for their advertisements while not revealing a single thing about the user. Where users will be rewarded for their attention, will be consented to before tracking them and all this time their data will never be shared.
Sounds too good to be true, but concepts like Cryptography and Zero-Knowledge proofs enable web3 to come up with exactly these kinds of solutions. And to top it all, there will be no organization defining what happens when and how - there will be decentralized servers running on pre-defined algorithms taking care of all this.
Cookieless tracking - On-Chain Analytics
The take that web3 brings to the foray is the idea of wallet analytics.
What do we mean by Wallet analytics?
Well, the idea is to create a profile or collate data from the activity of a wallet.
The data that is sourced from a wallet is public and non-intrusive.
In this context, all of the data that needs to be worked on does not require a cookie- since all the relevant data is available on a public trail for on-chain activities.
What does it entail?
That means No intrusion plus
Ability to analyze a Wallet and its interactions with projects, tokens, NFTs, POAPs
An overview of the net worth of the wallet along with the transactions, gas spent value
An ability to assess Social inclination and affinity towards Web3 verticals (using social protocols)
An option to craft Digital identities based on wallet analytics - which is much more precise than conventional lurk-based tracking in web2
Additionally, if you are not interacting with a smart contract, project, token, or protocol - there is no digital footprint you are leaving that can elicit some detail about your digital persona.
This Wallet Data is equally important for communities (led by marketers looking to grow) and Web3 founders (looking to expand their projects).
At Intract, we are working on something similar.
It’s still in the early phases but can potentially change the cookieless tracking for good. But how will such systems work, will they be accepted, and how will Web2 giants react to it, are people really concerned about privacy this much, there are a lot of questions around it, out there to be solved, to be thought upon by folks like you and me.
We hope we were able to settle some questions and curiosities while leaving you with some more to ponder upon. There are a lot of terms and concepts that we touched upon in this article, but delving deeper into them would be much beyond the scope of this blog.
And while blogs have a defined scope, conversations can meander around, and therefore, we’d love to connect and discuss the thoughts you have.
Hit us up, comment, or be a part of our community.
Subscribe to follow our progress, read case studies, and learn about our launches or read away on the bird app, @intractbuzz
Thanks for reading Web3 Growth by Intract! Subscribe for free to receive new posts and support my work.