Netscape instituted cookies as a means to help websites gather user state information during a web visit. That's because a web server, unlike a business application such as a shopping cart, is not able to recollect who a visitor is or what transactions took place.
A server simply sends out web pages when requested but does not record any data on who requested the page, where it went or any associated user behavior. So cookies were created to save this information. Cookies are used to enhance the browser experience, improve usability for customer interactions, increase purchase behavior and improve commercial website performance.
Cookies are either 1st party or 3rd party, depending on the type of website that sets them. A 1st party cookie is set by the site that the user is visiting, e.g., a hypothetical website called MySite.com. A 3rd party cookie is set by a third party site providing a service to the main website, e.g., a web analytics vendor or an ad network.
A 1st party cookie can contain personal information such as user name and a login ID, thus the user is automatically recognized when s/he visits a site. If cookies did not store this data, websites would have to request it every time the user returns to the site.
Third-party cookies are less valuable to the user. A web analytics vendor cookie tracks a visitor's path through MySite.com so it can identify which pages work and which don't, optimizing for better site performance. The ad network cookies track user behavior across multiple sites, helping them classify user behavior. This facilitates the targeting of ads to user segments. For instance, frequent visitors of sports sites are served sports relevant ads. While anonymous, this multi-site aggregation of visitor information is what has caused a furor in the ongoing privacy controversy.
Deleting 3rd Party Cookies: Browsers give users various options for deleting cookies. This, and the proliferation of anti-spyware, has resulted in the increasing deletion of 3rd party cookies. Cookie rejection is also enabled by new software mechanisms that block cookies from ever being set on users' computers.
Jupiter Research estimates that 3rd party cookie deletion runs 39 percent per month. The cookie rejection rate rose to 12.4 percent in April 2005 from 2.84 percent in January 2004. Naturally, this can distort key metrics, artificially inflating unique visitor counts and undercounting repeat visitors. Mass cookie deletion and rejection can make it appear that a website's new visitors are increasing while returning visitors are decreasing, a change in visitor behavior that is factually unlikely.
Solutions for the Cookie Dilemma: To counteract the skew, client-side web analytics vendors have enabled their cookies to be set by their client's website, making them 1st party cookies, which are less frequently deleted. While not preventing all inaccuracies (users can still delete all cookies or use different computers), this seems to be stemming the tide.
An alternate solution suggested by Jupiter Research is to use Macromedia Flash Local Shared Objects (LSOs) as a cookie replacement or backup. Similar to a cookie, an LSO is a text file that can be read only by the website creating it. There's an extra benefit to using LSOs – browsers and anti-spyware programs can't delete them, and most users don't know how. While this works for now, it won't be long before privacy advocates educate users on how to eliminate these as well.
The solution to the cookie dilemma may be in changing the nomenclature to better describe cookies since some users see cookies as adding to the browser experience while others see them as an invasion of privacy. It's easy to get confused between 1st Party and 3rd Party cookies – like, which is helpful and which is of questionable value? In the end, every user has to decide for him/herself whether or not to delete cookies while weighing the pros and cons.