Sears Site Upgrade Inadvertently Bans All Who Don’t Accept Cookies
Written by Evan SchumanWhen Sears upgraded its E-Commerce site’s infrastructure in late August, it inadvertently blocked all visitors who don’t accept cookies, a move that the $44 billion chain is now attempting to fix.
Although both industry and Sears sources estimate that only 1.2 to 3 percent of U.S. shoppers block cookies these days, it could still prevent almost 5 million U.S. shoppers from giving any of their e-dollars to Sears. And it’s another reminder of the unintended consequences of Web and mobile site infrastructure changes.
“This seems to be a recurring problem with any major site changes. You just never know the consequences until you roll it out and hold your breath to see what happens.” said Forrester Research E-Commerce Analyst Sucharita Mulpuru.
That’s a lesson Sears already learned (or should have learned) last August, when a deal with offsite cache vendor Akamai inadvertently allowed some devious site visitors to change the Web pages for other visitors. Those changes made Sears’ pages to appear to be selling baby-cooking devices.
The latest problem apparently kicked in on August 19, when Sears changed its Web pages to allow for more customization, according to Web traffic tracking firm Pingdom. Only after launch was it discovered that the changes actually blocked customers whose browsers happen to block cookies.
Cookie-blocking has steadily dropped in popularity in recent years, making this less of an issue. But many consumers are not even aware of what their settings are, either accepting the default software settings or letting it stay where it was set when installed (perhaps by someone else).
How many consumers will likely be impacted? Forrester Researcher projects that about 160 million Americans will shop online this year. Given the range of 1.2 to 3 percent, that adds up to between 1.9 million and 4.8 million U.S. shoppers who will have a new Sears tagline: “Sears, Where America Shops, Except The 4.8 Million Of You That Block Cookies.”
Forrester Research VP/Principal Analyst Sucharita Mulpuru, who specializes in E-Commerce, said what caught her off-guard was how one of the nation’s oldest and largest retail chains learned of the situation.
-Marc
September 12th, 2010 at 10:15 pm
It would have never crossed my mind either. Not until people started complaining I guess. People still block cookies?
K Bishop
September 14th, 2010 at 5:08 pm
Blocking cookies is very rare among non-techies. And any techie who does block them deals with warnings like these all the time from various sites, so they’re hardly disenfranchised. They’re barely inconvenienced.
This “news” is pretty much a non-event, except to show that system readiness testing has to encompass a much broader range of scenarios than most web admins wants to imagine.
September 14th, 2010 at 6:15 pm
It depends on what you define as rare, with figures ranging from 1.2 percent to as much as 3 percent, in the U.S. So, yes, from a statistical perspective, 97 percent to almost 99 percent will not be impacted, as the story clearly said. But 1.2 percent to 3 percent of all U.S.l shoppers is still a heck of a lot of people. Privacy concerns are pushing a lot more consumers to boost the privacy restrictions on their browsers and firewalls, without necessarily understanding the implications. Don’t be so certain that it’s as rare as you think.
September 24th, 2010 at 3:24 pm
I block most cookies and use the pop-up feature to indicate when a site tries to send me a cookie. I will normally accept 2 cookies from a site. (I wish there was a setting for this) but when I go to a site that tries to put 72 cookies on my site, it gets totally blocked. Same with a site that tries to install 10 cookies when the page opens.
My kids get taught about cookies and tracking. My wife gets upset with the information that some sites try to gather.
Don’t forget flash cookies and the latest, the evercookie.
http://samy.pl/evercookie/
November 22nd, 2010 at 3:24 pm
using firefox I have Noscript, PRequestPolicy, AdBlocker, BetterPrivacy plugins which aid in telling me several things:
A) Where a site attempts to gather ad data from
B) what other sites are being pointed to within a page
C) Allows me to stop all downloading and contacting of those sites unless explicitly temporarily enabling them to contact me.
When I land on a site with more than 10 Advertizing domains in its frontpage I tend to not stay there very long.
When a site has only itself as a domain and useful information then I do tend to stay to find out what the site has to say since it is not making money by my being there.
Websites you need to get with the grips that Cookies are a security risk.
Cookies have been dangerous since 1995 and beyond and we all know why we clear our cookies and clean up that 20gb of “stored” data from surfing the web on our computers.
Those who are smart do the best they can to prevent themselves being targets of dangerous, malicious, or unscrupulous privacy invasions.
However we cant train everyone to be security conscious and we cant have everyone always being Ultra-paranoid secure. If we did then whats the point of having the internet because the only security from the internet is to be disconnected from it.