A few days ago Mikkel deMib Svendsen from Denmark published a blog post — which has already gone “hot” on Sphinn — where talking about Samy Kamkar‘s EverCookie he expressed concern for the future well-being of affiliate marketing as a whole. Here’s an excerpt:
Normally if you set a “permanent” cookie it can relatively easy be deleted. …With EverCookie multiple cookies are set. Currently Sammy’s EveryCookie support 10 different types of cookies!
The real smart thing about EverCookie is not just that it sets 10 cookies. Theoretically you could go through each of them … and delete them. But that won’t work with the EverCookie because as long as just one cookie is left this is used to set the other 9 cookies again…
If you are working in the affiliate space you can probably see the problem with this type of cookie. Basically, if I, as an affiliate of your company, can set an EverCookie on users no other affiliate will ever be able to overwrite it. The EverCookie essentially override the standard that most merchants and affiliate networks use where the last affiliate partner prior to a sale gets the commission on that sale. …Of course this will really upset all your other affiliates…. It could potentially kill your entire affiliate program — or affiliate network. At least if you don’t deal with it — fast and efficiently! [full post here]
Sounds scary, doesn’t it?
Well, working in the affiliate space myself, I actually do not see any reason for concern. If the news of EverCookie came coupled with a news that a major affiliate network decided to switch to EverCookie(s), that would’ve been a totally different situation. However, the way things look right now, there really is nothing to “deal with”.
As someone has already pointed out in the comments to Mikkel’s above-quoted post, cookies set by affiliates through affiliate program links are third-party cookies (as opposed to first-party cookies that affiliates themselves may be able to set). So there is absolutely no way for “an affiliate of [a] company” to “set an EverCookie on users no other affiliate will ever be able to overwrite”.
In addition to this, a good observation was made by David Bullock, Vice President of Technology at OneCoach. There actually is a context within which EverCookie may become problematic, and here’s Dave’s description of it:
EverCookie is the program/code that sets the cookies, and recreates them if some are missing. It has to be run from a website.
In order for the cookie to be regenerated, the EverCookie script has to be run again, the same situation as if the visitor revisited the Affiliate A’s site after getting a new cookie at Affiliate B and overwrote it with a regular cookie.
The only way this would be an issue is if the Merchant (not a rogue affiliate) regenerated the dormant affiliate cookies and overwrote the last legitimate cookie with an old EverCookie record. That would be very easy to spot since the merchant would have to be running the EverCookie scripts on their site.
So, technically it is possible for a merchant to start using EverCookie to overwrite “the last legitimate cookie” of an affiliate, robbing the latter of the commission that is due. But then again… this by no means kills affiliate marketing, because as soon as an affiliate network (or an affiliate) spots such merchant behavior, it’ll be brought to light (with all natural consequences). And no serious merchant wants that.