Home Services Contact Info

Can Third Party Cookies Kill Your Sales?

Posted in: Conversion Optimisation by Richard Hearne on August 17, 2009
Internet Marketing Ireland

Here’s a classic case of cookie sniffing gone really terribly wrong. I allow 1st party cookies in Chrome, and the only restrictions I’ve made are to on 3rd party cookies. Here’s what I get when I go to www.virgin-atlantic.com:

Virgin Atlantic Cookies Warning
Virgin Atlantic No Cookies Warning

Online Privacy Is A Growing Concern

There’s no doubting that people have become far more conscious of their privacy online. It seems not a day goes by without some news story about how technology often infringes on privacy, and most people take more action these days to protect themselves.

I’ve changed my cookie settings in Google Chrome. I explicitly restrict how third part cookies can be used. I did so after reading Google’s own guidelines on how to opt out of Doubleclick’s tracking cookie:

Third Party Cookie Options In Google Chrome
Third Party Cookie Options In Google Chrome

Virgin Atlantic Sniffing The Wrong Cookie

I assume Virgin Atlantic are sniffing out the Doubleclick Cookie, and because I’ve restricted 3rd party cookies, they seem to think I cant use their website. Of course this would be a reasonable response if I didn’t accept any cookies, but my browser should have no problems using their site to purchase my flight (I doubt the DoubleClick cookie is a show-stopper).

If virgin-atlantic.com checked their own cookies they’d see them alive and well, but right now they’re potential turning customers away, and I imagine losing valuable sales, all because of Doubleclick.

For reference here’s what I get in FF (where Doubleclick still follows me around):

Virgin Atlantic homepage with 3rd party cookies
Virgin Atlantic homepage with 3rd party cookies

No better way to kill sales and conversions than by blocking users from accessing your site. Hopefully Virgin-Atlantic.com will fix this ASAP.

You should subscribe to the RSS Feed here for updates.
Or subscribe to Email Updates now:


  1. Thanks for your feedback we’ll investigate this right away

    Comment by Allison Wightman — August 17, 2009 @ 12:02 pm

  2. Hi Allison

    Thanks for dropping by, and I hope you don’t have too much hassle fixing this.


    Comment by Richard Hearne — August 17, 2009 @ 6:24 pm

  3. I think you had cookies disabled in Chrome.i really couldn’t reproduce this.

    Comment by rika — August 18, 2009 @ 1:47 pm

  4. Hi rika

    Seems either my problem was a fluke, or this has since been resolved. I’m quite sure my cookies were active when this happened, but I’m also unable to replicate now.

    Thanks for dropping by and commenting

    Comment by Richard Hearne — August 18, 2009 @ 2:29 pm

  5. I’d say that a user not having cookies allowed isn’t a good enough reason to put a huge barrier in front of them.

    Like you say, more and more people are disabling cookies so web developers need to be able to cater for them – not just put a huge sign up saying you can’t get past until you change something.

    Comment by Gregor — August 19, 2009 @ 2:17 pm

  6. Hi Gregor,
    well i think that barier it’s a good thing for a website. try accesing some important sale website without cookies enabled.see what u get back.

    Richard, still tried to reproduce that. Couldn’t yet.
    Cheers mates

    Comment by rika — August 25, 2009 @ 3:56 pm

  7. Hi Richard – the comment is a bit late in coming – I hope you don’t mind.

    I actually have a question as to the blocking of third party cookies and Google analytics.

    Are analytics cookies “third-party” cookies (I think so)? If so, what would you recommend as an option to block one’s own traffic to one’s own site (I currently use a filter with a cookie).

    Would it be enough to:
    1. create the filter
    2. visit your site with all cookies allowed
    3. and then have third party cookies blocked at which point all existing will be kept?

    Also, would this result in people being logged as “unique visitors” each time they visit if 3rd Party cookies are being blocked by them?

    And, lastly (shew!), what if a piece of javascript opens an iframe in a page (white-hat) and cookies get stored by a third-party – I guess these wouldn’t be blocked as “third-party” cookies, would they?

    OK, a real mouthful – hope you don’t mind! :-)


    Comment by Ricardo — August 26, 2009 @ 10:06 am

  8. Hi Ricardo

    Most analytics providers, including Google Analytics, use first-party cookies. The GA cookie belongs to your domain, so it’s first-party.

    I’m not 100% sure what it is you’re asking, but if I’m right then I think the way to remove your own traffic from GA is to use a filter.

    Blocking 3rd party cookies actually happens in the browser – you cant do anything as a site-owner/webmaster.

    The iframe idea wont associate the cookie with the site in the main frame, so I’m not sure if I’m following this last bit TBH?


    Comment by Richard Hearne — August 26, 2009 @ 8:27 pm

  9. Hi Richard, I realise my question was a bit vague (perhaps because I was confused a bit myself :-) )

    As to the analytics – makes sense. Thanks.

    On the iframe, if a piece of javascript opens up an iframe on your page (e.g. – the tweetmeme javascript code). Does that mean that the tweetmeme cookie (if there is one) would not be treated as a third party cookie when someone browses onto a site containing it?

    Essentially, an iframe is simply another window, isn’t it – as if it were a page on its own?


    Comment by RIcardo — August 26, 2009 @ 8:44 pm

  10. Yep – AFAIK the iframe will be considered a separate window and domain, but I’m not familiar with tweetmeme, so that cookie may actually be first party. Would take some digging to find out TBH. I’d say that there are some security issues that preclude data being passed between the parent and iframe.


    Comment by Richard Hearne — August 26, 2009 @ 8:57 pm

  11. Thanks Richard – you’re a star – much clearer to me now.

    I appreciate your time in answering these questions.

    All the best,

    Comment by Ricardo — August 27, 2009 @ 11:43 am

  12. PS – used tweetmem simply as an example. Don’t even know if they store a cookie or not – just know that the javascript code you get opens up an iframe to their site on your.


    Comment by Ricardo — August 27, 2009 @ 11:45 am

Comments Feed TrackBack

Leave a comment