It doesn't speak well that the first item of their FAQ is patently false.
> Q. What is Mozilla doing that is causing concern?
> A. On February 25, 2013, Mozilla announced intentions to block all third-party cookies by default in upcoming releases of its Firefox browser. Only first-party cookies would be allowed.
No, they are not blocking all third-party cookies by default. They are blocking all third-party cookies from non-visited sites. google.com can track, doubleclick.net likely can't.
There is an interesting discussion to be had about tracking, cookie policy, defaults, etc., but making false representations about what is actually being proposed is not a good way to have that discussion.
That FAQ is full of misinformation and poor writing. The second point ("What is a cookie?") includes:
"To personalize your web browsing experience and to make the Internet work operationally,"
Make it work 'operationally' as opposed to ...? Anyway, as we all know, cookies aren't a requirement for the Web to work, let alone the Internet.
"websites you visit"
Correction: some websites ...
"place (or allow their approved partners to place)"
No mention that 'approved partner' is utterly meaningless
"a small harmless file, called a "cookie", in your browser."
Congratulations - apart from the slightly strange use of the word 'in', this is correct
"Cookies contain numbers and letters that identify your web browser, but not you personally."
Just utterly wrong
It does not contain your name, address phone, email or other information that can personally identify you."
Well, 'it' could, of course, so another meaningless statement
"Companies use cookies to learn more about user interests through users’ web browsing activities and to remember the preferences you set on their sites, such as the language you like to read, the last items you purchased, and the resolution at which you likes (sic) to watch videos."
"you likes" - seriously? Is this organisation just a kid in his bedroom?
"For example, a cookie can tell a website that you’re a repeat visitor, and then can let the site fill in your username for you."
As, of course, can your browser.
The fact that these people obviously have very little understanding of the issues they're talking about just convinces me we need responsible organisations like Mozilla to help prevent them from exposing us to privacy and security risks.
An interesting side effect of this third-party cookie policy is that the online advertising industry will probably consolidate to the big name players like Google, Facebook, and Yahoo that have popular destination websites. So more personal information will be held in fewer hands. I hope it is easier for regulators to watch a few big players. Also, the big players (excluding Facebook?) are probably more well-behaved than the shady small-time ad networks.
It seems to me that this letter seems to care about everyone ("ad-supported small businesses", "advertisers", "website owners", "Ad networks", "small publishers") except for the one who matters the most: The User.
I'm not going to say what Mozilla should or shouldn't do in this case. They know better, and more importantly, they are free to do what they want. I just want to point out to IAB, whoever they are, that if they want to make an appealing argument, maybe put the user forward?
I would permit some advertising, if 1) It didn't "move around" and try to distract me; 2) It wasn't a potential vector for malicious technical endeavors (meaning, as opposed to advertisements for crap/exploitative products).
Every time I read about another ad network vector for malicious behavior, my current position is reinforced. I feel some guilt about this, with respect to sites I like, but it doesn't override my need for "safe computing".
So... if you want your advertising to get onto my system, improve your fucking product!
Back when "the Web was young", I permitted advertising, and I actually encountered a number of interesting and useful products via it. That was also a time when the "Web" community was a lot smaller, and particularly technology-oriented advertising has a significantly higher chance of being on-target with respect at least to me as audience.
Then ads starting moving, shouting, and playing bad sets. And then came the malware. That was it, for me.
Clean up your act, and I might let you back.
Sooner or later, someone is going to figure this out.
Agreed. While the trend away from 3rd party cookies is at present and will probably continue to be a thorn in my side in the coming years as a coder, I think that most internet users will be happier in a world where they are mostly not supported. If you just read through the list of companies that signed (lots of media this and that), I think most normal folks would hardly be sorry not to be able to be "tracked" (whatever that turns out to mean in practice) by them.
In general reminds me of the movie business that gouges customers on ticket prices and concessions, then complains when the customers start watching movies elsewhere.
Many times the user is interested in what "ad-supported small businesses" and "small publishers" (or even ad-supported big business and publishers) have to offer, so if those can't keep themselves running, there's a chance that the user will not be happy.
Besides disabling cookies doesn't mean blocking ads, so if the lack of tracking makes ads less attractive, other (possibly more intrusive) techniques must be used. I, for one, surely wouldn't want that.
That said, I think IAB has a very reasonable point there.
Even a 1% success rate is considered phenomenal in the advertising world, and as annoying as the ads became, it is true that tracking and targeting increased the value of ad impressions significantly when they were first introduced. The same is true of annoyances: popups, audio, and such: they simply worked.
But the people are speaking out. They don't want to be tracked by marketers, and they have been putting considerable effort into blocking the tracking efforts. Some estimates claim that as many as half the browsers on the Web now have some form of ad-blocking installed, and while the actual numbers probably aren't THAT high, it's not unreasonable to think that maybe one-quarter, or even one-third, of people may be blocking ads because of the annoying and tracking behaviors that advertisers have come to rely on.
When one takes this into consideration, surely it must be the case that annoying and tracking are now hurting advertising revenue far more than they help. It is, perhaps, time for advertisers to buck that trend: a return to the mass-marketing model that built media empires as recently as fifteen years ago. Or perhaps it is time to turn to a new kind of targeting: rather than going after individual users, target the sites themselves, directing advertisements to users based on the common interests that drive them to the places they go.
Imagine an advertiser that used such a model or something like it, and in return, pledged not to track or annoy the people who see its ads: a sort of "DuckDuckGo of advertising." Would you whitelist that advertiser in your ad-blocker? I would, and I doubt that I'm alone. I don't block ads just to stick it to the advertising agencies; I block them to make the Web usable and safe. Many people do. I wonder if a business model could be built on those people. Maybe even one that, on account of its wider viewer base, could eclipse the current tracking/annoyance models.
The unfortunate truth is that tracking and individual targeting improves CTR. Advertisers pay for clicks. Until someone comes up with a more profitable metric, they're not going to stop tracking.
If your business model is built on a widely disliked revenue stream (read: online ads), perhaps it would be wiser to revisit your business model than to write open letters asking the disliked behavior to be continued.
Out of curiosity, the company that I work for uses a cookie inside an iframe as part of an embedded version of our web application that users can drop into their website. Our Safari users is less than half of one percent and we had not received any feedback about this until just recently.
In our searching we came across this change to third party cookies from Mozilla. We have a much higher 15% of our user base that uses Mozilla and this is now a bit of a concern.
We use php for our backend code and need to come up with an alternate solution to this since blocking the cookie effectively breaks our user seasons.
Would anyone have any suggestions as to what our best course of action would be to mitigate this problem prior to Mozilla pushing this change live?
"Mozilla, if you act on your plan to block third-party cookies in your Firefox browser, thousands of ad-supported small businesses like us may be forced to close."
Yes, small businesses. Like the ones the people on your board of directors work for: https://www.iab.net/about_the_iab/iab_board
like IDG, NBC Universal, Ziff Davis, Microsoft, New York Times, Weather Channel, Facebook, Forbes, Conde Nast, AOL, and pretty much all the most popular sites in the english-speaking part of the internet...
I browsed for years before ads were practical, and most of my traffic today goes to Wikipedia, HN, or Netflix. When did we take it as a given that NOTHING GOOD happens online without advertising?
Sure, people want to build a business using advertising, I don't want to stop them. But packets are fickle. Some people will ignore, block, or just never get your ad. You have to accept that as a cost of your model, not a flaw in the network. We shouldn't drop everything to support your model, because some of us are actually using this network for other things.
There's another assumption at play, that advertising networks simply can't operate without third party cookies (from previously unvisited domains). I'm sure we'll find, rather than simply leaving all those dollars and eyeballs on the table, someone will come up with something.
Forward your thanks to the intrusive ad networks, spammers and other cretin who've been treating users badly for the last few decades, attracting hostile attention to the advertising practices.
People woke up to the fact that they are in control of the content coming through their wires thanks to the versatility of the contemporary computers. There is no return.
You should embrace current realities of the market you so love to invoke for every other subject and start innovating and distrupting. Failing that, stick with the proven ad channels such as iDevices, other locked down devices, social stalking services, local tv and radio channels and papers.
I fail to understand how blocking cookies on websites you have never visited before is harmful to "innovation", "education", "entertainment", "entrepreneurship", and "millions of consumers". Cookies exist as a mechanism for websites to store data. They're used to keep you logged into your Facebook, Google, Twitter accounts. They've have gotten bad reputation over the years due to the ability for arbitrary websites to set them as tracking information. Mozilla's decision here helps retain the original purpose of cookies. Sites you have never visited before have no business leaving session data on your computer. It is just illogical.
Additionally, blocking arbitrary cookies doesn't hinder advertising at all. Nothing in iab's entire letter even made the slightest bit of sense. The entire thing is filled with awkward phrases and confusing reasons that don't tie together. It wouldn't be a stretch to say the entire thing is written to confuse the reader. I'm disappointing this is on the front page. :(
The most interesting part of this article is how entirely openly it's indicating that a default setting that can easily be changed in a web browser will be left by virtually all users permanently. Of course it's true, it's just so odd to see written down so explicitly. To an extent I kind of feel that if people seriously won't investigate the option themselves then upon their own head be it. But at the same time it ahouldn't be opt out, this kind of thing should never be opt out.
So advertisers get upset and want Mozilla to support user spying for better targeted ads?!
That doesn't sound cool, only advertisers are signing this.
Can't they have ads targeted by clientele of the site? No need to track people for that.
some of the faqs are ridiculous; apparently blocking some 3rd party cookies by default goes against users freedom of choice yet enabling them by default is great for user choice!
[+] [-] elehack|13 years ago|reply
> Q. What is Mozilla doing that is causing concern?
> A. On February 25, 2013, Mozilla announced intentions to block all third-party cookies by default in upcoming releases of its Firefox browser. Only first-party cookies would be allowed.
No, they are not blocking all third-party cookies by default. They are blocking all third-party cookies from non-visited sites. google.com can track, doubleclick.net likely can't.
There is an interesting discussion to be had about tracking, cookie policy, defaults, etc., but making false representations about what is actually being proposed is not a good way to have that discussion.
[+] [-] oneeyedpigeon|13 years ago|reply
"To personalize your web browsing experience and to make the Internet work operationally,"
Make it work 'operationally' as opposed to ...? Anyway, as we all know, cookies aren't a requirement for the Web to work, let alone the Internet.
"websites you visit"
Correction: some websites ...
"place (or allow their approved partners to place)"
No mention that 'approved partner' is utterly meaningless
"a small harmless file, called a "cookie", in your browser."
Congratulations - apart from the slightly strange use of the word 'in', this is correct
"Cookies contain numbers and letters that identify your web browser, but not you personally."
Just utterly wrong
It does not contain your name, address phone, email or other information that can personally identify you."
Well, 'it' could, of course, so another meaningless statement
"Companies use cookies to learn more about user interests through users’ web browsing activities and to remember the preferences you set on their sites, such as the language you like to read, the last items you purchased, and the resolution at which you likes (sic) to watch videos."
"you likes" - seriously? Is this organisation just a kid in his bedroom?
"For example, a cookie can tell a website that you’re a repeat visitor, and then can let the site fill in your username for you."
As, of course, can your browser.
The fact that these people obviously have very little understanding of the issues they're talking about just convinces me we need responsible organisations like Mozilla to help prevent them from exposing us to privacy and security risks.
[+] [-] cpeterso|13 years ago|reply
[+] [-] babarock|13 years ago|reply
I'm not going to say what Mozilla should or shouldn't do in this case. They know better, and more importantly, they are free to do what they want. I just want to point out to IAB, whoever they are, that if they want to make an appealing argument, maybe put the user forward?
[+] [-] pasbesoin|13 years ago|reply
Every time I read about another ad network vector for malicious behavior, my current position is reinforced. I feel some guilt about this, with respect to sites I like, but it doesn't override my need for "safe computing".
So... if you want your advertising to get onto my system, improve your fucking product!
Back when "the Web was young", I permitted advertising, and I actually encountered a number of interesting and useful products via it. That was also a time when the "Web" community was a lot smaller, and particularly technology-oriented advertising has a significantly higher chance of being on-target with respect at least to me as audience.
Then ads starting moving, shouting, and playing bad sets. And then came the malware. That was it, for me.
Clean up your act, and I might let you back.
Sooner or later, someone is going to figure this out.
[+] [-] nateweiss|13 years ago|reply
In general reminds me of the movie business that gouges customers on ticket prices and concessions, then complains when the customers start watching movies elsewhere.
[+] [-] thirdstation|13 years ago|reply
> and the millions of consumers who enjoy the diversity of content and services the internet provides
(Ignore the small-i internet typo).
Do they mean to suggest that millions of consumers enjoy advertising? Thank you for thinking of me IAB!
[+] [-] mmv|13 years ago|reply
Besides disabling cookies doesn't mean blocking ads, so if the lack of tracking makes ads less attractive, other (possibly more intrusive) techniques must be used. I, for one, surely wouldn't want that.
That said, I think IAB has a very reasonable point there.
[+] [-] Millennium|13 years ago|reply
But the people are speaking out. They don't want to be tracked by marketers, and they have been putting considerable effort into blocking the tracking efforts. Some estimates claim that as many as half the browsers on the Web now have some form of ad-blocking installed, and while the actual numbers probably aren't THAT high, it's not unreasonable to think that maybe one-quarter, or even one-third, of people may be blocking ads because of the annoying and tracking behaviors that advertisers have come to rely on.
When one takes this into consideration, surely it must be the case that annoying and tracking are now hurting advertising revenue far more than they help. It is, perhaps, time for advertisers to buck that trend: a return to the mass-marketing model that built media empires as recently as fifteen years ago. Or perhaps it is time to turn to a new kind of targeting: rather than going after individual users, target the sites themselves, directing advertisements to users based on the common interests that drive them to the places they go.
Imagine an advertiser that used such a model or something like it, and in return, pledged not to track or annoy the people who see its ads: a sort of "DuckDuckGo of advertising." Would you whitelist that advertiser in your ad-blocker? I would, and I doubt that I'm alone. I don't block ads just to stick it to the advertising agencies; I block them to make the Web usable and safe. Many people do. I wonder if a business model could be built on those people. Maybe even one that, on account of its wider viewer base, could eclipse the current tracking/annoyance models.
[+] [-] rgbrgb|13 years ago|reply
[+] [-] throwaway1460|13 years ago|reply
[+] [-] jeena|13 years ago|reply
[+] [-] jf|13 years ago|reply
[+] [-] eykanal|13 years ago|reply
[+] [-] orillian|13 years ago|reply
In our searching we came across this change to third party cookies from Mozilla. We have a much higher 15% of our user base that uses Mozilla and this is now a bit of a concern.
We use php for our backend code and need to come up with an alternate solution to this since blocking the cookie effectively breaks our user seasons.
Would anyone have any suggestions as to what our best course of action would be to mitigate this problem prior to Mozilla pushing this change live?
[+] [-] cpeterso|13 years ago|reply
[+] [-] jccalhoun|13 years ago|reply
Yes, small businesses. Like the ones the people on your board of directors work for: https://www.iab.net/about_the_iab/iab_board like IDG, NBC Universal, Ziff Davis, Microsoft, New York Times, Weather Channel, Facebook, Forbes, Conde Nast, AOL, and pretty much all the most popular sites in the english-speaking part of the internet...
[+] [-] richardwhiuk|13 years ago|reply
[+] [-] khuey|13 years ago|reply
[+] [-] tomjen3|13 years ago|reply
[+] [-] brownbat|13 years ago|reply
Sure, people want to build a business using advertising, I don't want to stop them. But packets are fickle. Some people will ignore, block, or just never get your ad. You have to accept that as a cost of your model, not a flaw in the network. We shouldn't drop everything to support your model, because some of us are actually using this network for other things.
There's another assumption at play, that advertising networks simply can't operate without third party cookies (from previously unvisited domains). I'm sure we'll find, rather than simply leaving all those dollars and eyeballs on the table, someone will come up with something.
[+] [-] laurencerowe|13 years ago|reply
[+] [-] lukifer|13 years ago|reply
(I'm still surprised that those don't show up often in the wild as it is...)
[+] [-] cpeterso|13 years ago|reply
[+] [-] tptacek|13 years ago|reply
http://www.iab.net/about_the_iab/iab_board
[+] [-] artificialidiot|13 years ago|reply
Forward your thanks to the intrusive ad networks, spammers and other cretin who've been treating users badly for the last few decades, attracting hostile attention to the advertising practices.
People woke up to the fact that they are in control of the content coming through their wires thanks to the versatility of the contemporary computers. There is no return.
You should embrace current realities of the market you so love to invoke for every other subject and start innovating and distrupting. Failing that, stick with the proven ad channels such as iDevices, other locked down devices, social stalking services, local tv and radio channels and papers.
You won't be missed.
Sincerely, Internet users
[+] [-] gluxon|13 years ago|reply
Additionally, blocking arbitrary cookies doesn't hinder advertising at all. Nothing in iab's entire letter even made the slightest bit of sense. The entire thing is filled with awkward phrases and confusing reasons that don't tie together. It wouldn't be a stretch to say the entire thing is written to confuse the reader. I'm disappointing this is on the front page. :(
[+] [-] hackernewbie|13 years ago|reply
[+] [-] RRRA|13 years ago|reply
[+] [-] alistair77|13 years ago|reply
[+] [-] l0c0b0x|13 years ago|reply
Hmm... building the internet not particularly thinking about the ads on a website sounds good to me.
[+] [-] webwanderings|13 years ago|reply
[+] [-] Shamharoth|13 years ago|reply
[+] [-] laurentoget|13 years ago|reply