August 23, 2024
Human Friend Digital Podcast
Protecting Privacy and Keeping Analytics
Breaking Free of the Cookie Empire
In this episode of the Human Friend Digital Podcast, Jacob and Jeffrey dive into the challenges and opportunities of moving toward a cookie-less world in online advertising. Building on last week’s conversation, they explore how cookies have evolved from simple trackers to invasive tools that gather extensive user data, raising serious privacy concerns.
Jacob reintroduces Plausible Analytics, a privacy-friendly alternative to Google Analytics that avoids cookies by using temporary user IDs based on device and behavior data. The discussion also covers the use of UTM tracking, an old-school method that allows advertisers to measure campaign effectiveness without relying on cookies.
The episode emphasizes the importance of businesses taking steps to protect user privacy now, even before regulations catch up. It’s a practical guide for those looking to stay ethical while still gaining valuable insights in digital marketing.
In this episode of the Human Friend Digital Podcast, Jacob and Jeffrey dive into the challenges and opportunities of moving toward a cookie-less world in online advertising. Building on last week’s conversation, they explore how cookies have evolved from simple trackers to invasive tools that gather extensive user data, raising serious privacy concerns.
Jacob reintroduces Plausible Analytics, a privacy-friendly alternative to Google Analytics that avoids cookies by using temporary user IDs based on device and behavior data. The discussion also covers the use of UTM tracking, an old-school method that allows advertisers to measure campaign effectiveness without relying on cookies.
The episode emphasizes the importance of businesses taking steps to protect user privacy now, even before regulations catch up. It’s a practical guide for those looking to stay ethical while still gaining valuable insights in digital marketing.
UTM Builder: https://utmbuilder.net
Plausible Analytics: https://plausible.io
The Wired article that Started our Conversation: https://www.wired.com/story/webxray-online-privacy-violations
Link to Last Week’s Episode: https://humanfriend.digital/webxray-and-the-fight-for-digital-privacy/
View Full Transcript
Jeffrey:
Hey Jacob, welcome to another episode of the Human Friend Digital Podcast.
Jacob:
Hey, Jeff. Thanks for having me on, you’re a great host!
Jeffrey:
So, we are gonna segue from what we talked about last week, vis-a-vis privacy: and we talked in our previous episode about how we, and other companies, could create a cookie-less advertising world. And so, I wanted to dive deeper into that, since regulations from the U.S. government are not likely forthcoming. And we talked on the previous episode about how it’s up to us to create a privacy atmosphere that we feel protects both our clients, and our clients’ users, and all of us in the digital space.
So could you break down the elements of online advertising, and how cookies have been essential to it so far?
Jacob:
Yeah, so a lot of the fixes that I’m going to recommend are for people that are a little bit smaller in size. So, many of the recommendations that I would make really will only make sense for people that are in the small- to medium-sized land. People that are having hundreds of thousands of visitors on their site, they’re going to need a much more robust approach to getting rid of cookies, because the cookies are used in a lot of places in a lot of ways.
So, cookie-less… So what a cookie does, and we’ve talked about this in the previous episode and I’ll just go over it again, is it’s a little tracking thing that they tag to you, in your browser, and it follows you around. So, a lot of websites, when you go to a website and you get there and you get a Google Analytics cookie on there, and you consent to cookies, you get something on your site. Most of that stuff is specifically about your experience on that website.
However, there’s not a whole lot of regulations about how that needs to be controlled or maintained. And so maybe that doesn’t just stay on your website for some of the trackers: some of them are explicit that they don’t, like Facebook Meta Pixel. Or, when you start getting into Google Tag Manager advertising and you’re getting all these other services involved. So what a cookie does is it lets someone get tracked from website to website.
To go cookie-less means that you’re breaking chains of data, which can be a little difficult for people. So if you’re spending thousands and thousands and thousands of dollars on ads, what that ad’s effectiveness is can be a little bit dictated by once they get to the site, can the cookie keep going, making sure they reach a goal?
Jeffrey:
Okay, can you… what is the goal? What would the goal be? What are examples of goals?
Jacob:
A lot of times, like for B2B, a goal would be someone fills out a form on your website, so you can attribute that the person came from that campaign, and that campaign can learn from that conversion that happens, in like Google Analytics from like Google Ads, and then it will then optimize that campaign around that individual and other information that that cookie has maybe picked up about that individual, you might not have access to that.
That might be their age, their demographics, their devices, their country, all this information that a cookie can learn about a person and determine through AI. So what we’re abdicate, abdicate, abdicating… sorry, what a strange word: I almost said abdicating and I’m like, “I’m not abdicating the throne”… I’m advocating…
Jeffrey:
What we’re advocating…
Jacob:
…Is what a cookie-less future would be. So, how do we get away from that system is very complicated, at first, but really we’re kind of going to go a little old school.
I mean, most tracking setups in the early days of the internet, 10 years ago, 12 years ago, 15 years ago, they didn’t really have a lot of this connection to connection to connection thing. So people had to make some pretty interesting things.
Jeffrey:
So what you’re saying, real quick, what you’re saying is that back, you know, 10 years ago, 12 years ago, whatever, these cookies didn’t stick to you, they didn’t follow you around, is what you’re saying?
Jacob:
Yeah. They weren’t as… they weren’t as sophisticated about that stickiness. They’ve always stuck to you a little bit: they’re sticking a little more persistently across things and they’re learning more about what you’re doing. And then they’re using machine learning tools now to make really sophisticated assumptions about you, what your purchase habits are, what you’re most interested in, what your… maybe your age, all these things.
They’re going to make so many assumptions about you based on this data, and they have so much data they’ve collected over time that the cookie was a little less sticky back then, but the information that they’re getting from it now is far more uncomfortable feeling. And that’s where this webXray is coming out, trying to get on this, because now it’s different. Before it was like, “hey, we’re going to put a cookie here, we’re going to know what you clicked on on our website, and when you leave, bye! We’re not going to really care.”
But now it’s like, governments, entities are going to get more and more sophisticated. And should our government change its stance on certain things, well that could get pretty creepy pretty quick. Because now it’s not just you found out I clicked… I really like these shoes, you’re going to get a whole profile about me as an individual.
Jeffrey:
So like, advertising in the digital space relies on cookies, historically, or up until this point. So can you break down how we can be a cookie-less advertising space, or how someone could advertise without having tracking cookies follow someone from site to site to site to site?
Jacob:
Yeah, and until recently, I didn’t even think there was an answer. About a year, two years ago, I came across a service called Plausible Analytics because I was dealing with a client and they wanted to make sure that they had…
Well, two things were going on: Google was updating the way they tracked, and they were going from Universal Analytics, UA, to Google Analytics 4, and they were going to trash your old data. So I had clients that were going to lose data from that historical time, and the way that tracking was changed was being changed, and GA4 is specifically meant to be more compliant with GDPR, right?
Jacob and Jeffrey:
[Us being silly and looking up something we should have had in our notes]
Jeffrey:
All right, General Data Protection Regulation, GDPR, the standard of the European Union. Okay. So what were you saying about that?
Jacob:
So when that happened, I was like, “Crap, I got to find something that’s going to a store that, if possible…”
Jeffrey:
Your old client’s data.
Jacob:
Yeah. Store the old clients data, and maybe find something that is totally GDPR compliant.
At the time there was something, which was called Plausible Analytics, and it’s getting more and more popular. What it does is it uses something called salt, and the way they do it is a little bit above my head, so I’m not going to try to correctly describe it, but I guess the takeaway is that it uses a combination of your device, your IP address, and your behavior on the website, and it creates a unique temporary ID to follow you around on the website: no cookies necessary. It’s kind of like where a cookie would be like putting into your browser and looking at what’s going on your side of the looking glass, so to speak, this one is only looking through our side of the looking glass.
Jeffrey:
Right. So, it’s only seeing what you do on a specific website and then that’s it: It leaves you alone after that.
Jacob:
It goes. And so, one of the major concerns with using that is that return users, if something should change, like you moved from a library to your home, it’s not going to get that.
Jeffrey:
It won’t pick up that element of the user data, but it still tracks everything that you’re doing on the site. So you get all of that information, even if you don’t know, per se, where they did it from, or what device they used, et cetera.
Jacob:
No no no no no, it will actually tell you all of those things as well, but the way that it uses that information to create a unique ID…
Jeffrey:
Oh, so if you came back, it wouldn’t know that you were that same person.
Jacob:
No. So they tend to have less returning visitors, but their unique visitors, like the unique people that visit the site, that data set, seems to be dead on. I mean, it is really accurate.
Jeffrey:
And we’ve actually analyzed that data between GA4 and Plausible Analytics, and Plausible’s way more accurate in terms of individual users on the site versus GA4 uses a lot of like estimations what people are actually doing on the site.
Jacob:
So, the way Google puts it and the way that they approach it is, since they know they’re going to get less visitors using cookies, GA4 adopts a mix of cookies and data sampling. So let’s say–I think they even use this analogy on their website, which is–let’s say you have a thousand acres of a forest, and you need to figure out how many trees are in that forest: Rather than counting every single individual tree in the forest, they will take a 10 acre section and then count those trees, and then do data sampling to estimate. So, they do have an option in Google Analytics to be more one-to-one, but as you get bigger and bigger, you need to rely on that data sampling because, again, more people are opting out of the cookies.
So, Plausible though, they’re counting every single tree that comes in the forest, and that is more traditional how Universal Analytics worked. It can track pretty much everything that 90 percent of Google Analytics users need. So I was just…
Jeffrey:
But it’s just not going to keep those trackers on that person, is the distinction.
Jacob:
Right. It’s not participating in that world. It’s making a stance totally against that world. It’s not doing it…
Jeffrey:
Well it has to, because it’s from, like we talked about in the previous episode, it’s Estonian and it has to be GDPR compliant and Google does not have to be compliant, at least not in the United States. So there’s different strategies that they employ.
Jacob:
Exactly. So step one, that I discovered through that process was if I’m going to be cookie-less, I’m going to use Plausible: it answers everything that I needed. Because I can track conversions, I can set up custom tracking for clicks and elements on the site… most of the day to day stuff that a person needs, like how many people came, what regions of the world did they come from, what devices do they have…
Jeffrey:
And then what did they do on your site, which is ultimately… your end goal is, when they came to my site what did they actually end up doing? Did they buy something? Do they fill out a form? Whatever. That’s what you care about the most over anything else.
Jacob:
Right. And that is where Plausible kicks butt. Now, the problem is, let’s say you want to advertise. Let’s say you want to put marketing dollars out in the world and come back to your site, and you want to know if it’s working.
Jeffrey:
Okay. So give us an example: let’s say you advertise on Instagram, walk us through what that would be in a cookie-less space.
Jacob:
So an Instagram, or Facebook product–Meta, as they’re called–they’re going to want you to put in the Meta Pixel now. And the Meta Pixel is a little script that will go on your site that means that cookies that are picked up on the Instagram page, or the Facebook page, or various other things that have the Meta Pixel involved, will follow you around, follow that user around as they go through your site, so Instagram, Facebook can continue understanding the success of that ad and see if it works.
So what a cookie-less world would do is let’s say once they leave Instagram, it would break… the experience then breaks. If the Facebook Meta Pixel was not on the site to continue that syncing up of the cookie, and watching them through the site, you’re going to break that chain of events, which I think is what people would prefer.
Jeffrey:
Okay. Let me, let me break this down. Let me make sure I understand what you’re saying: So you click on an ad on Instagram, ordinarily clicking on that ad would put a cookie into your browser, even though you’re leaving Instagram, and it will follow you on whatever site you clicked on and tell that site owner whatever it is you’re doing on their site. And what you’re saying is you click on the ad on Instagram, it tells you that they clicked on it, but then it doesn’t track them further. And so you have to use something like Plausible Analytics to figure out what they did on the website on your site.
Jacob:
So this is going back, back in the day, you’re going to have to use tracking URLs.
Jeffrey:
Yeah, so let’s talk about that: We mentioned that on the previous podcast, UTMs and apparently they stand for Urchin Tracking Module.
Jacob:
And guess who bought Urchin? Urchin was a company. Urchin was a software corporation, and the company developed this tracking URL system and Google purchased them, acquired them in, looking at my notes, 2005. So again, this is what I mean. This is like going old school on how you need to track things in the world.
So a UTM has a bunch of parameters. It’ll be like the normal site URL, and it’ll be a question mark, which is called a query, and so anything after a question mark is called a query string. And then you can load that up if you format it right with all sorts of interesting bits of information.
Jeffrey:
So I’m looking at the parameters right now for UTM: there’s source, medium, campaign, term, and content. So these are all the different parameters that a UTM’s query string could establish?
Jacob:
Yeah. So instead of letting Facebook establish all this stuff for their report, you’re taking it on yourself to design this report for you. And you can do this for Google ads, you can do this for anything, really. Anytime there’s a link out there in the world, and it’s coming back to your site, you don’t have to give it the URL of the page: you can give it a tracking URL. Now tracking URLs do not change any visual element on the page whatsoever.
Jeffrey:
Okay, so like earlier today, we were discussing things on our blog, and I had just copied all of these URLs, just like, carte blanche, and then you were like, “Oh no, we can get rid of all of this stuff after the question mark, because all of that’s tracking and then everything before that would still send us to the same page,” and it was like a much neater, cuter, little link than what I had, which was like four lines long and it had all of this tracking information, which I guess was the UTM.
Jacob:
Yeah. They had a mix of UTM and custom tracking. It was for Wired, and if you actually look at that, it’ll tell you everything that you were doing. Let me just be creepy right now, and let me pull up what that link was: Okay so, it’s telling me that your client service that you came through was Wired; the supported service name, it says Instagram publishing, so it must’ve been like through Instagram; the medium was social, so that’s the medium that you came from; the social type, which is a custom one that they probably have set up, is owned, so that means you probably own a subscription to it; and then the brand is Wired; UTM source, Instagram; UTM content, Instagram bio-link: you came through the bio-link of Instagram.
So I could read that right now and I know exactly what you did because of…
Jeffrey:
What I did, how I got to that page, and that’s what’s useful for them, using a UTM, is that they can tell how you access their website, is through all of these different steps: I saw their thing on Instagram, I clicked on it, I clicked on their bio, I clicked on the link-in-bio, and then etc, etc, etc.
Jacob:
Exactly. So how can you do that for yourself, right? So let’s go through…
Jeffrey:
Yes, bring it back.
Jacob:
So the best way to do it for yourself, what I encourage people to do is use a UTM builder, and there’s one that I use, and I have bookmarked and I’ll link to it, it’s called UTMbuilder.net: plain as simple as possible. You put in your primary URL and then you type in an answer for your source. So a source is where you’re going to be placing the ad: so, Google, Twitter, sorry X, Instagram…,
Jeffrey:
No one calls it X. X doesn’t exist, but yes, continue.
Jacob:
So anytime you’re putting out a link that’s not going to be on your website, you need to go here, generate a UTM and do that. So then you’ll need to do links manually, which can be very painful. The one thing that makes cookies so attractive is so much of it can be automated for the data that you get. So if you want to go cookie-less, you’re going to have to do a little extra work, but that does mean you’re going to get a little extra control as well.
So you’re going to set your source, right? Your medium… So let’s say you have a MailChimp as your source, you might say the medium is email. So medium can be email, social, cost-per-click, whatever you want. Campaign, this is more important: Let’s say you’re doing a campaign with an advertising partner and you want to track campaigns that come from a particular ad that you’re promoting online. Like, I’m doing a 20 percent off campaign, it’s going through the summer for three months: I want everything that’s tracked on this campaign, no matter which source or medium it comes from, the campaign can be called 20 percent off, and you can use that same campaign name across all your UTM links.
So, and then we have content: Content can just be another descriptor for you to help you understand where it was: Was it a type of call to action? Was it a headline? Was it a banner? Was it a graphic? Was it a button? So, the more variables you have in your types of campaigns that you’re rolling out, you can use content.
Term, UTM underscore term, is very helpful because let’s say you’re doing a keyword associated with this campaign on Google, and you are setting up individual keyword campaigns that are very tightly around a keyword space or a topic, and you can say all the links that come from this one, or this one campaign or around the word “brand-marketing,” and then you put the term in there, and then you know all the AdWords campaigns, all the brand marketing keyword focused broad match ones, came from this URL. So, that is what you are doing with a UTM. You are…
Jeffrey:
So you don’t have to do all of them–like source, medium, campaign, term, content–the more you use, the more granular your understanding is. But you could just use one, or two, or none. I mean, well…
Jacob:
You could, but to make them work effectively, you should at least use source, medium, campaign. UTM content and term are kind of extras.
But this is the problem with going with cookie-less, and this is why I think really big companies are going to have a kind of a hard time with it, because they’re going to be spending a lot of money and it’s a really big switch.
A lot of people that are small need really linear needs: like, you click my ad on Facebook, you came to my site, you bought my garage door, right? They’re not complicated. Let’s bump up to something like tourism, really big people getting 500,000, 1 million, 1.2 million people to their site in a peak season, like July, right? Well, optimizing your ads, you’re going to want those ads to run really efficiently, you’re going to want them to be sophisticated and learn as they go, right? And you’re going to want them to be able to kind of like run themselves a little bit in certain aspects.
Jeffrey:
Do you think that it’s possible for people to be cookie-less? I mean, outside of the sort of small scale people like us–we’re a small company, blah, blah, blah. But, big companies, do you actually think that it’s realistic to be cookie-less? If the government doesn’t say, “Hey, you can’t have tracking cookies track people from site to site to site.”
Jacob:
Yeah, I don’t know. I mean, I would say that it is possible, but it would be like winding back the clock. It’d be like I’m deciding to go… oh, remember…
Jeffrey:
Going analog instead of digital so to speak.
Jacob:
It’s like, remember the Razor? The Razor was really cool, right?
Jeffrey:
They did a Razor a couple years ago.
Jacob:
I know, I know, but that was like… that’s one of those revived ones that’s like… because everyone thought it was cool a long time ago. This is like going back and doing a Razor-style of analytics
However, it does let you just be out of that nasty mix of that marketing world, and you are really in control of what happens to your advertising experience, but also you’re going to be really like controlling your user experience too.
Jeffrey:
So, I just want to ask how, if you can sum up everything, how you would synthesize, you know, tracking URLs, analytics… how could an advertiser be getting the same data that they want without using tracking cookies? If you can just like, wrap it up in a nice little bow.
Jacob:
Yeah. If I could do that, that would be a miracle. So I can, I can… I’ll get close.
Jeffrey:
Well just like sum up, sum up what we’ve talked about.
Jacob:
First thing you do is you need to go list out everything that you’re tracking right now: like, what’s the important elements that you are tracking.
So you’ve got your website, right? That’s easy. You can go on there and rip Google Analytics out and put Plausible Analytics in. Then everything else after that, you need to be made a list: Do you have a MailChimp? Do you have a Brevo? Do you have an Instagram account, do you have a Facebook account? Do you have all your social media? Do you have a referral link listed on other companies’ websites? Do you have a Clutch profile? Make a list of everything okay? And then you need to go to each one of those platforms, and every link that you have listed on that platform, you should go to UTMbuilder.net and make a UTM URL for each one of those things. Swap them out.
‘Cause if you don’t do that, let’s say you have a listing on Clutch, or your listing on Instagram, you won’t know which link they clicked. Like, in your UTM that I picked on, it says Instagram bio-link. If you didn’t tell it that, all you’re going to get in Plausible is it came from Instagram. And that’s true too with Google Analytics 4, I mean, it’s just going to say it came from Instagram, unless you do an UTM tracking.
Jeffrey:
Unless you are tracking it specifically with all the parameters we talked about earlier.
Jacob:
Yeah, exactly. And then you go basically line by line, you optimize each one for the UTM URL so you get more data and all that stuff, and then Plausible is really up to you of how much you want to use it: Do you want to configure all the custom goals with like forms? Do you want to configure the custom goals with download links and all that stuff? It’s all possible with Plausible. You just need to get it set back up.
Jeffrey:
“It’s all possible with Plausible.” That’s funny.
Jacob:
It is. It’s one of the, you know… and I don’t have… we don’t have an affiliate link. We’re not sponsored by that.
Jeffrey:
We just love it.
Jacob:
It’s just the answer that we have right now. And I should say it isn’t free. So Google analytics is free. Of course it’s free because it makes their advertising platforms better, right? Plausible is $9 a month. So, you know…
Jeffrey:
That’s what you’re giving up. You’re giving up free analytics stuff for something that actually can protect your clients’, or your users’ privacy better than Google.
Jacob:
So, here’s another thing I’d like you to interject somewhere in the pod, is that if you go completely cookie-less, you are going to be completely California Privacy Protection Act compliant and GDPR compliant.
Jeffrey:
And what’s the benefit of that?
Jacob:
The benefit of that is you don’t have to ever worry about those data regulations. Coming after you, if they ever get tooth, teeth on their regulators, you don’t have to worry about that. If GDPR gets updated again, which it will, it’s going to be more complicated again, how this cooking consent needs to be laid out. And if you’re not participating in cookies, your consent panel never has to be crazy. You can tell people you don’t even use cookies, and your privacy policy page can go back to the way it was 10 years ago. And you just have a privacy policy in your footer that basically says, “Hey, if you fill out an email form on my website, you can always request to get it removed,” and that’s it. But like…
Jeffrey:
And you don’t have to be bothering your users with “Please consent to this, to this, to this, to this, all these different things in order for us to obey the law,” you can just be like, “Hey, you don’t have to consent to anything because we’re not doing anything to you.”
Jacob:
Yeah. I mean, the article that spawns… did this, right? WebXray…
Jeffrey:
Spawned, spawned our conversation. Yes.
Jacob:
Yeah. If you go to their website, you know what’s going to happen? There’s not a cookie pop up on their website. And you’re like, Hey, what’s up with that? And if you go read their privacy policy, it is short, and it is wonderful. It just reads like a short, sweet thing. And you can have a privacy policy like that. If you go this way, just take a look at webXray.
Jeffrey:
Jacob has a little crush.
Jacob:
Well, I think, I think, yeah, I do.
Jeffrey:
…on webXray…
Jacob:
I have a little crush. Them and Plausible: they’re my, they’re my analytic love affair right now.
So, all right. Do I think… Was it on point, Jeff?
Jeffrey:
Yeah, I think we’re, I think we’re good. All right. So let’s do a round out.
Jacob:
Okay. So rounding out this episode. You can do it if you want to. I feel like if you had a really big website, you’re going to have, you’re going to have some work to do, some real legitimate hard lift here to make this happen. But I do think it’s worth it.
Jeffrey:
But if you’re on a smaller scale, if you’re on the smaller scale, this is something that is very workable. Like you don’t have to be part of the cookie empire if you don’t want to be, unless you’re like a multimillion dollar company, and then it might be a little bit of work.
Jacob:
It’s going to be a lot of work.
Jeffrey:
It might be a lot of work.
Jacob:
This is what I would guess. If you came to me and you were a random person listening to this podcast and you’re like, “I have a website and I want to be cookie-less,” I’m going to guess three, four hours of work. Maybe, maybe more depending on how many external services you have. Let’s say four to eight. Four to eight hours of work and you can be totally cookie-less with working with a person like me. And you know, if you reach out to us we could do that… not to, I’m not selling us, I’m just saying this is what the time estimate would be for a small business to probably do that.
Now, if you’re a really big organization, like a tourism example, you might be in the 10 to 50 hours zone somewhere. I don’t know. And it’s going to depend on how many services that you need to configure, right? And then it’s also going to be about everyone in your organization getting UTM-link mindset in them, if they’re going out and doing advertising efforts with like, not in a central source.
Not a really easy round out, but that’s where we’re at.
Jeffrey:
It is possible. And you guys should listen to our episode last week where we talk about a lot of the ethics that you should be considering as a company, because in the United States, like we talked about, there is no one’s really in charge of any of this stuff, and it can get pretty messy pretty quickly. So just if you want to be on the right side of history with this stuff, you want to at least consider trying to be cookie-less.
Jacob:
Yeah. I think that’s a good way to sum it up, Jeff. All right.
Jeffrey:
All right. Well that wraps up this week. Stay tuned, hit us up next week, we’ll have something to talk about. We always do.
Jacob:
Somehow.
Jeffrey:
Somehow. We just have so much on our minds, Jacob. All right. Thank you guys for listening.
Jacob:
Thank you, buh-bye… Don’t put in “buh-bye,” cut out my “buh-bye.”
Jeffrey:
I’ll cut out your “buh-bye,” that’s fine.
Almost never miss an episode!
Well, we're only human.
Subscribe to receive emails in your inbox when every new episode drops ... or when we want to send you obnoxious emails to sell you stuff you don't really need.
Just kidding, we respect the privilege of being in your inbox.
Email Subscribe
"*" indicates required fields