Out of Commission

How to Limit Commission Theft

  1. Find a trusted network and merchants. Ask other affiliates about their experiences with network partners, and if you are not being protected, take your business elsewhere. Likewise, if a merchant partner advertises via adware that is known to facilitate commission theft, you may be better off without them.
  2. Study your reports yourself for anomalies such as drops in conversion rates. Look at your server logs as well as network analytics to identify inconsistencies between the ratio of customers who appear to purchase and your commissions. If you are driving traffic but people suddenly aren’t buying, it may be a problem of theft.
  3. Test the software yourself. Even though isolating a computer and infecting it with suspicious software is a hassle, what you learn will be invaluable. Watching the activity when visitors come to you or your merchants’ websites will enable you to understand the scope of the problem.
  4. Educate yourself through affiliate marketing forums and the legal landscape. Affiliates and software experts are the best source of information available. While there is some misinformation, being well-versed in the issues is your best defense. Several court cases are pending that could decide the legality of overwriting commissions.
  5. Tell customers not to download software that you suspect is assisting commission theft. If the evidence convinces you that some free applications are harming your business, advise your current and potential customers not to use it.

We all operate to a great degree on trust. Whether you are an affiliate, advertiser, network or merchant, being able to succeed in business largely relies on others adhering to their written or implied agreements. We assume that most people will be honest and not interfere with our transactions.

“The overwhelming issue [in affiliate relationships] is about trust,” says Joseph Matheny, chief technical officer of advertising network AdValiant. But unfortunately that trust continues to be violated by some who capture commissions rightly due to others or take credit from a merchant that is not earned.

“There are those who haven’t bought into the rules of affiliate marketing,” Larry Adams, product manager for Performics, says. Subversive software, the anonymity of hiding behind affiliate IDs and sneaky scripting on websites make it easy to steal commissions and avoid detection. The potential to redirect commissions without fear of prosecution “provides a strong financial incentive not to follow the rules,” according to Adams, who says, “this is not a problem that is ever going to go away because there is economic opportunity.”

While there are reporting and auditing tools that can flag some of the most blatant attempts at padding commissions, dishonest affiliates can marginally enhance their earnings from their partners with little fear of detection or repercussions. Scott Jangro, president of marketing services company MechMedia, estimates that loss of commissions due to theft is “in the single digits” and “part of doing business that you should expect.”

Not-So-Grand Larceny

Commission theft generally falls into two categories: when tracking mechanisms meant to follow visitors from an affiliate or advertiser to a merchant are ignored or overwritten, or when someone claims a commission from a merchant for a transaction that they did not initiate. Unethical affiliates can stealthily overwrite competitors’ cookies during visits to their sites, or they can “advertise” with companies that disrupt the buying process by launching pop-up windows that falsely create commissions by erasing the true referring ID.

Like its brother nemesis click fraud, commission stealing has existed since before the Web was dynamic and will likely always plague online marketing. In 2002, networks Commission Junction, Be Free (which was subsequently acquired by CJ) and Performics agreed to address the problem by creating a code of conduct for affiliates to follow. LinkShare developed it’s own formal code of conduct.

CJ and Performics agreed that affiliates should insert a text identifier known as “afsrc=1” in their query strings to identify themselves to merchants and publishers. Affiliates and software developers should look for that string and back off from attempts to claim their own fees.

Performics’ Adams says employing afsrc=1 “will protect against software used by a lot of marketers who play by the rules,” and distribute applications that respond accordingly when they detect the code. The affiliate code of conduct has been revised twice since its inception, and Adams still advises new affiliates to implement the afsrc=1 code.

Implementing the afsrc=1 code “protects from a narrow class of programs” such as consumer rebate software like Upromise or eBates that follow the rules, according to attorney and adware/spyware expert Ben Edelman. But many adware companies do not conduct themselves along these guidelines, according to Edelman. Affiliates rely on the networks and each other for policing with “some affiliates paying bounties to those who turn in others,” he says.

The afsrc=1 parameter and affiliate code of conduct is not enforced consistently and “gave too much wiggle room to the networks,” according to Kellie Stevens, president of Affiliate Fair Play. Stevens, whose company provides affiliate consulting services, says “afsrc=1 is now a moot point,” because it is not uniformly implemented and is ignored by adware applications. “Many affiliates have no idea [about afsrc=1] and don’t know they are supposed to be using it,” according to Stevens.

Adware from companies such as Zango (formerly known as 180solutions) and DirectRevenue enable their advertisers, who are affiliates or merchants, to insert pop-up windows that can interrupt the buying process and cancel commissions from other affiliates and/or create commissions for themselves. These applications, which consumers download in order to receive free software, music or videos, have led to several lawsuits (some of which were dismissed) claiming unfair business practices. Zango recently settled a case with the FTC over charges of deceptive practices with consumers and paid a $3 million fine, but did not admit guilt.

Dave Methvin, software expert and chief technology officer of PCPitstop.com, began studying how Zango’s software works because customers who had their PCs scanned at his website were emailing him about problems browsing the Web. “It became a crusade because so many of our users had infected computers,” he says.

Methvin installed the Zango software and watched as his visit to a Verizon website was interrupted by a pop-up window that created a commission for an affiliate whose site he had never visited. “When I started the transaction, Verizon wouldn’t have owed anyone a commission,” he says.

“Clearly there are unfair things going on,” says Methvin, who likened Zango’s enabling of partners to interfere with affiliate relationships to someone who provides a criminal with a gun and bullets but doesn’t want to be held accountable when it is used in a crime.

Zango’s software looks for keywords contained on a website or for specific URLs, and when found, launches a Web page or pages from affiliate websites in pop-up windows that have been observed to generate as well as overwrite commissions.

Zango director of public relations Steve Stratz says his company’s software does not itself overwrite cookies or otherwise subvert affiliate commissions. However, Stratz confirmed that Zango’s terms and conditions with its advertisers does not prevent them from altering cookies or creating pop-up windows that interfere with transactions, and he has no intention of asking them not to. Stratz says Zango sells to its advertisers all of the URLs and keywords that are used by its clients to open up pop-ups, including pages that open up only when someone visits a merchant’s shopping cart. Zango’s software will load pop-ups when a trademarked product names appears on a page.

“For us to regulate the world of cookies and the various and sundry ways that they are used goes beyond the scope of our mission as a company,” says Stratz. He says if companies want to protect their home pages or trademarks from pop-ups, they can always outbid their competitors. “We don’t apologize for the aggressive nature of our ad network,” Stratz says, adding that 200,000 people willingly download Zango software each day.

(For more on Zango, see the Affiliate’s Corner column on page 94.)

Network Protection

Technology does not exist that can prevent cookies or affiliate links from being ignored or to proactively defend against commission theft, according to attorney Edelman. It is impossible to prevent cookies from being overwritten, although consumers can protect their computers by installing applications that detect adware or spyware.

Since there is no panacea for protecting commissions, affiliates should employ the strategies for limiting loss, which foremost requires carefully selecting and working with your network partner.

The primary responsibility for monitoring commission theft lays with the networks, according to Steve Sauve, chief technical officer of network MaxBounty. “The merchant is paying a network for a service, and it is our responsibility to do quality control,” he says.

Sauve says that on average his company terminates two to three affiliates per month for commission stealing. In his experience defrauding merchants is a bigger problem than affiliates stealing from one another. “You need to actively monitor the network and watch to see where the traffic comes from,” he says. If an affiliate’s commission is out of alignment with the historical conversion rates, Sauve says the network should investigate.

Performics’ Adams says networks need to be proactive to make certain that affiliates aren’t participating with adware software vendors. “One of the most transparent things is anomalous performance. If they’ve been in a network for a while without showing results, then jump up to the top 20,” then something is likely amiss, he says. Performics tracks daily and trailing averages, and has a network performance group to monitor how affiliates drive traffic. “Looking at geography [of the initiating IP address] is also a good clue [for identifying bogus commissions], as illicit activity is often offshore,” according to Adams.

If affiliate reports show an unwarranted boost in performance, or if another affiliate has suspicions, Performics undertakes a remediation process to determine if the affiliate should be bounced from the network.

Affiliate Fair Play’s Stevens says if an affiliate isn’t getting enough support from the network in battling lost commissions, then it is time to shop around. However, larger affiliates “have to participate with the big networks because they need big brands to draw the traffic.” She says that networks need to be more candid in instructing new affiliates about the occurrence of commission theft and more closely monitor the commission-reporting process.

Merchants should aid affiliates by terminating relationships with those who are known to steal commissions, according to Stevens, but they are constrained by a lack of information. She says that if a dishonest affiliate is part of a large network, it may be hard to identify that specific affiliate, and so the merchant would be forced to terminate the entire network; a difficult decision if the network overall is performing well. Merchants sometimes make side deals with known cheats because of the revenue they generate, Stevens says.

Networks such as ShareASale are drawing affiliates by being selective about the companies that they choose to do business with and promoting their “clean” affiliate relationships, according to Stevens.

Selectivity

According to AdValiant’s Matheny, networks could eliminate 50 percent of the lost commissions by caring for their affiliates properly. His company is developing MediaTrust, a custom link-generation technology that would make it more difficult for software to circumvent the referral process.

Matheny, who has a background in Internet security, says that the system is similar to a public and private key system used in encryption software where each side (in this case the affiliate and the network) holds part of the information necessary to complete a transaction. The software, which is due in the first quarter of 2007, would make it more difficult for an application to fake a referral transaction.

The best method for understanding if, or how, commissions are being stolen is for an affiliate to set up a test computer and install any suspicious software, according to Performics’ Adams. He recommends you visit your site and your merchants’ sites with the “infected” computer and watch for deceptive behaviors.

Since the networks have offered little details about commission theft, affiliates should search forums and message boards for links to investigations of adware by software experts. “There is not a lot of centralized factual information,” advises Edelman, who says affiliate forums are the best places to start.

Affiliate Fair Play’s Stevens says that lack of a concerted voice among those in the industry is hindering the fight against commission stealing. More sharing of information between networks would deter affiliates from bad behaviors because they wouldn’t find it so easy to hop from partner to partner, she says.

AdValiant’s Matheny says he recently spoke with a competitor about starting a consortium for sharing information and establishing industry standards. Presenting a unified front amongst competitors would have a psychological effect, according to Matheny, if commission thieves believe that “we won’t let you get away with it.”

Affiliates who take undeserved commissions “should be flagged,” by those in the industry, Matheny says. MaxBounty’s Sauve says his company would volunteer data about affiliates to a group effort, “but there would be a danger of false positives.”

Sharing too much information would reveal how commission thieves are tracked and bad affiliates could use the knowledge to avoid detection, according to Performics’ Adams. His company prefers handling issues with clients privately to establishing a blacklist of affiliates who have cheated. “We wouldn’t want to throw them under the bus.”

JOHN GARTNER is a Portland, OR-based freelance writer who contributes to Wired News, Inc., MarketingShift, and is the Editor of Matter-mag.com.

Clean Sweep

You’re thinking of working with a merchant, but you don’t want to be involved in any program that includes affiliates using questionable, if not illegal, practices. But how can you know for sure whose program is squeaky clean and whose is not?

It’s not easy to tell which merchants have clean programs. Maybe that’s because it’s not easy to pin down exactly what “clean” means.

“That’s the $64,000 question,” says Kellie Stevens, president of AffiliateFairPlay.com. “The answer varies. Clean means different things to different groups. The definition varies even among affiliates.”

The general consensus at the most basic level is that a clean program will not allow parasites of any kind to sign up and will remove offenders if they are discovered. This means that affiliates with downloadable applications that are installed without the knowledge of the consumer or that redirect affiliate links or overwrite affiliate cookies are out.

But there are those even stricter in their definition.

“For some, even if a user can opt out of the download, they consider that parasite-ware,” Stevens says. “So if a merchant partners with that affiliate, they are considered to be supporting the parasite financially and they risk being labeled as unclean.”

“As far as some affiliates think, there is no clean program,” says Shawn Collins, a consultant. “They have a very black-and-white view of anyone who uses adware. They think there are no possible [good] intentions from anyone who uses adware.”

Collins calls that “a simplistic and lazy viewpoint.” “Maybe they don’t understand the issues completely or they are taking this stand from a selfish or competitive viewpoint,” he says.

Under that stringent definition of clean, Collins says any affiliate manager that partners with any loyalty, reward or incentive program would be considered dirty. He disagrees.

“If an affiliate is using the adware for something like shopping and the application is very compliant in allowing users to uninstall the program, I think that’s okay,” Collins says. “Not all adware should be grouped together. It’s not like they are all drive-by downloads or installed or bundled without users’ consent.”

He notes that many in the online marketing community do not consider RemindU from UPromise a parasite, but notes that it uses the same technology as eBates, which is often targeted as being a parasite by affiliates.

Affiliate managers themselves seem a little more lax about what constitutes a rogue affiliate. According to a poll on AffiliateManger.net, a community message board and forum, 54 percent of affiliate managers stated that some adware affiliates are dirty and some are clean. Talk about straddling the middle ground.

But affiliates don’t always see eye to eye with program managers. Most affiliates agree that parasites typically prey on merchants that are ignorant about such nefarious practices or affiliate managers that turn a blind eye to these activities because their program is making a lot of money from rogue affiliates.

It’s a Matter of Trust

That’s why developing trust between affiliates and those managing programs is a crucial component of doing business. Both parties must feel that they’ve entered into a partnership. When you do business with partners there is an implied level of trust that the relationship needs to work for both parties.

“The trust sustained between a network and affiliate is paramount,” says Bret Grow, vice president of LinkMo Advertising Network. “Our affiliate trusts that we keep our links alive, pay a competitive price for their sales/traffic and report it honestly. Networks trust affiliates to provide credible data and lawful traffic no matter the level of volume.”

Andy Newlin, affiliate marketing supervisor for SierraTradingPost.com, knows about trust. He’s earned it. Two years ago, his program was widely criticized by very vocal affiliates. But Newlin listened to those critical affiliates and worked hard to weed out the bad affiliates. His continued clean up efforts and willingness to listen earned him a certain level of trust and respect with the online marketing community. Now if a bad apple slips in, affiliates alert Newlin and he takes care of it immediately. In other words, affiliates are now willing to cut Newlin a little slack.

“Back then I didn’t know about running a clean program and relied on affiliates to educate me,” Newlin says. “And once I had a good idea what a bad affiliate was, I took on every affiliate account and tested it myself and then made a decision on whether or not they were clean and could stay in the program. Every now and then an affiliate will alert me that a spyware or parasite-ware affiliate has snuck in. I’ll thank the affiliate for letting me know and then take the appropriate actions right away.”

Newlin says that if you take the advice of good affiliates and ask for their help, they get over the hard feelings.

Some affiliate managers are revered by the affiliate community as managers who run clean programs. Chris Sanderson of AMWSO, an affiliate marketing firm based in Bangkok, Thailand, and Andy Rodriguez of Andy Rodriguez Consulting are the most notable and mentioned the most often.

“Eighty percent of the [ABestWeb] board hates LinkShare,” says Haiko de Poel Jr., president of ABestWeb.com. “But they love Chris Sanderson. And if he says a program is clean, then come hell or high water, affiliates believe him. By definition, a trusted program is a Chris Sanderson program or an Andy Rodriguez program. There is a huge trust factor with those guys and affiliates.”

This summer Rodriguez held the first Affiliate Program Manager Certification seminar in Florida. The response was so overwhelming that Rodriguez has a second one planned for October.

“Andy is probably the most trusted affiliate manager out there, and it comes as no surprise that he’s the first to offer such a seminar,” says Greg Rice, an outsourced affiliate program manager with Commerce Management Consulting in Medina, Ohio. “As a veteran affiliate, I’m very interested in this topic.” Rice worked as an affiliate several years ago when Rodriguez managed the affiliate program for Tiger Direct.

“That’s where I got firsthand knowledge of how he inspires trust in people. If he says he’ll do something, he does it. He quickly resolves issues and he did a lot of cleaning up of that program to get the parasites out,” Rice says.

Rodriguez says it’s all about building relationships with people.

“If you respect people and are honest with them, they respond to that,” he says. “In my opinion that is what affiliate marketing is about – people and treating them with the same respect you expect to be treated [with].”

But people change jobs, so don’t confuse the merchant with the affiliate manager of that program, advises de Poel. “I know of a couple of programs that were well-managed and clean, but once the affiliate manager left, the programs went to trash. Things like that happen every day.”

Investigate, Sherlock

To get more information on a merchant, you can also talk to affiliates already in the program.

“The quickest way to find out about an affiliate program is to check in with existing affiliates,” Newlin says. “The affiliates will definitely know if the program is clean. With most other sources – such as lists on websites – you run the risk that they may not be up to date or they could be run by a competitor.”

Also check the online affiliate forums or message boards. Many have lists that are frequently, but not constantly, updated. And with thousands of active affiliates, you can always pose questions on the boards about a specific program and see what kind of response you get.

“Trust the forums. If a program is not clean, the posters on these boards won’t hesitate to chime in and tell you immediately,” Newlin says.

Rice agrees: “There’s a good chance that if someone is up to something, then someone on the boards have caught wind of it.”

And in some cases, companies that are known for using adware or parasite-ware will post a list of their partners right on their website. “Once you see who is on that list, we can avoid doing business with them,” Rice adds.

Protect Thyself

Making sure someone is running a clean program is hard work, but for most online marketers it’s something that they need to do for themselves.

Newlin says that both for affiliate managers and affiliates the only real way to be sure about anything is to do your own testing. While it takes some level of expertise to perform the testing and you have to know what to look for (such as testing applications to see if they override the affiliate tracking or the affiliate cookie), it’s worth the effort, he says.

“Before you put the links on your page, actually cut and paste the links into the browser to make a test purchase to see if it tracks,” AffiliateFairPlay.com’s Stevens suggests.

For affiliates, de Poel says there are key things to look for and specific questions to ask affiliate managers. Look for programs that offer a fair commission rate in the industry. Find out if the affiliate manager has more than one point of contact. Can you reach them by phone, email, instant messenger? Make sure the program has the tools and resources to help the affiliate (data feeds, product showcases, frequently updated creative). Is the affiliate manager active in the industry? Do they post on message boards? Are they visible at industry events? Does the affiliate manager quickly address concerns?

While Stevens is sympathetic to affiliates’ concerns, she wants to see them take more action.

“We need to put more focus on holding the affiliates’ feet to the fire,” she says. “They are right that they are losing justly earned revenue, and they are entitled to that. But they need to take a stance and do less complaining. It’s always ‘Microsoft should be detecting problems. Google should be doing this or that.’ They want everybody else to take on the issue. They need to say ‘What can I do for myself to fix these problems?’ “

Especially since affiliates are unlikely to get support from consumers on this issue.

“The average consumer has no idea what link hijacking is and that cookies are being overwritten,” Rodriquez says. “They don’t have a clue and they don’t care. The pressure has to come from the merchants and OPMs that are managing programs. This is crap and it’s hurting the industry.”

Certification or Regulation?

LinkMo’s Grow says that one of the biggest problems his company faces is a lack of affiliate identity verification. His company is inundated daily with fraudulent affiliate sign-ups. “Manually sifting through all of them to find those who are legitimate is time-consuming,” he says. “But no matter how much work it is, it’s critical to weed out crooks that would send bad data and spam across the network.”

Instead of guessing who is doing what, Grow says a possible solution to the problem is an industry-wide, third-party, affiliate verification service. LinkMo is developing a new service called Certified Affiliates to determine which affiliates are legitimate and which are fraudulent before they gain access to any network. LinkMo plans to reward affiliates who get certified through CertifiedAffiliates for the time and expense the service saves LinkMo.

Certification is not a new idea. de Poel says he tried it a few years ago. He started ATrustedMerchant.com, a program that gave out certification logos to merchants that met the predefined criteria for running a clean program.

But several companies that failed to receive certification due to the inclusion of parasitic affiliates raised a stink about their competitors being certified. Calls from the legal department at one of the companies followed, and the whole situation raised issues about the legality of compliance.

“It really become a pushing point for me,” de Poel says. “Everyone keeps on wanting me to make a list of clean merchants, but it got to a point where the list was not valid and there was inaccurate information on the site. It’s just too dangerous to certify merchants as being clean or trusted. Things change too fast to make sure that once a merchant got the certification they stayed clean.”

de Poel was also surprised at the lack of volunteers to help in his efforts, given the volume of messages on his forum devoted to voicing complaints about dirty programs.

“The community is coming out and saying they all want clean programs. Managers want this and affiliates want this, but no one is willing to do the damn work to make it happen. They all want to pass it off to someone else to do the work,” de Poel says. “I asked for help with ATrustedMerchant.com and only five people offered to pitch in. That’s not right.”

Stevens agrees there are many obstacles to certification. “It’s a huge technical challenge, and whoever undertakes such an effort is going to need a large pool of resources in terms of the time it takes, people and money,” she says. “I just don’t know if certification of affiliates is a viable financial business model.”

Consent is a huge issue in the certification process. Clean merchants will readily agree to a voluntary accreditation process, but anyone using questionable practices is not likely to submit to the necessary scrutiny, according to Stevens.

“It’s a sticky wicket,” she says. “People that want to conduct tests regardless of having the consent of the merchant or affiliate may face a lawsuit if they don’t pass.”

Instead Stevens would like to see some test-purchase protocols that could be used by affiliates.

The Networks’ Role

Some claim that the solution might not rest with affiliates, but rather with pressuring the networks to kick affiliates with parasite-ware out of their networks.

“A certification process is no good if networks continue to allow dirty affiliates in. At that point it doesn’t matter if I’m certified as clean,” Rice says. ShareASale.com is the largest network that has rigorous policies regarding adware, spyware and parasite-ware. To ensure no offenders enter its program, ShareASale does not allow any downloadable applications. Period.

“Affiliates could pressure the networks by refusing to do business with them,” Rice says. “The whole issue is driven by money, and right now the networks think that allowing parasites means more money for them. Affiliates need to show them it’s short-sighted and untrue.”

Many vocal affiliates are always informing the networks about nefarious activities. But these whistle-blowing affiliates often don’t feel that appropriate measures are taken against the offenders.

“The networks need to take action on the information from affiliates about bad practices,” Newlin says.

Collins says it’s going to be hard to satisfy all parties. “There’s just no way to placate people. If affiliates are required to provide more information about themselves to get into programs, then they consider that an invasion of privacy, but on the other hand the same affiliates are hollering that programs often let anybody in, including rogue affiliates. They want things to change but they don’t want it to impact them,” he says.

He cites LinkShare’s implementation of more restrictions with its Athena program, an enhanced affiliate registration and management system that allows merchants to verify affiliate contact information when an affiliate first registers in the network and when the affiliate changes any element of their contact information.

“People were screaming from the rooftops that this was an invasion of privacy,” Collins says.

“Project Athena is a great idea that was needed and I give kudos and credit to Steve (Messer, Linkshare CEO), but the execution of the project was chaotic and a disaster,” Rodriquez says. “When launching something of that level, you need to test in beta and retest in beta and test again and then bring it out. They had the launch before it was ready, but it was good for the industry.”

Many affiliates remain distrustful of the networks and say that despite publicly paying lip service to the issue of parasites, most networks are not doing enough and will get their comeuppance.

Rice says he believes “a day will come when this activity is illegal and affiliates will remember who did business with parasites and they will get what they deserve.”

Some encourage affiliates to vote with their wallets.

“Return on investment is key for the networks,” Rodriquez says. “And the networks don’t own affiliates, so affiliates should go where they can get the best return on their money.”

If the networks aren’t doing enough, then some would welcome government intervention.

SierraTradingPost.com’s Newlin would like to see the government step in and take over the regulation of affiliates. “I see parasites stealing hundreds of thousands of dollars, and they should be sued for it. The government should help,” he says. “I envision it like the CAN-SPAM regulation.”

But Newlin concedes that the government lacks the manpower to truly crack down on cyber-crimes. “They are probably not hitting 90 percent of the spammers,” he says.

Some affiliates say New York Attorney General Eliot Spitzer may be the one to finally exterminate parasites.

Spitzer, a candidate for governor of New York in 2006 is best known for his high-profile crusades against conflicts of interest in business. Now he’s focused on cyberspace. In April, he filed a civil lawsuit against Intermix Media of Los Angeles accusing the company of secretly installing software that delivers nuisance pop-up advertisements. He says such programs are fraudulent and threaten to discourage e-commerce.

Spitzer has publicly stated that he looks forward to a time when technology will provide a comprehensive solution to stop spammers, parasites and spyware, but until that time there needs to be a cop in cyberspace who will stop the most egregious abuses.

But any mention of the government getting involved raises heated debate. Rodriquez is opposed to the government getting involved. “The last thing we need is for the government to say this is under their control. That is the very last thing we need. Still, he admits that the industry has evolved and there are tools and companies that are taking advantage of the system.

“If some of the activities in the online world were happening in the regular brick-and-mortar space, some of these people would be in jail,” Rodriquez says.

The Clean Advantage

But just because a program is clean doesn’t mean it is well-managed, according to Newlin.

It’s a lot of work to run a clean program, but there are rewards.

“If you are clean, then legitimate affiliates will promote you harder,” Newlin says. “A lot of super-affiliates will not even touch merchants that have parasites. If the affiliate manager is not selfish in driving their own channel within their company, they will make sure the affiliate program isn’t going through the roof. It’s in their best interest to see if the parasite applications are stealing affiliate commissions in their own channel.”

AffiliateFairPlay’s Stevens expects things to change as the industry evolves and affiliate managers become more savvy about the online market, “but it’s not going to happen overnight.”

Rodriquez says that, in the end, in order for the online marketing space to grow and succeed, everybody has to win. “To become successful you need to help others be successful.”

The Cookie Conundrum

Cookies will drive you nuts. As you know, cookies – or very small files that recognize you as uniquely you to particular websites – are kind of the backbone of affiliate marketing. If the cookie didn’t exist, there would be no way for you to claim the sale or track your core customers. This would effectively kill affiliate sites in their tracks.

Or will it? Recent studies on cookies have only confused matters. Survey respondents have said they delete cookies off their hard drives as frequently as every week. JupiterResearch in April released its cookie study that said nearly 40 percent of those online trash cookies monthly. Burst Media weighed in with its findings, echoing Jupiter’s study: 38 percent of online consumers nix their cookies once per month. Nielsen NetRatings pushed up the panic by stating that 43.7 percent of its respondents said they dumped cookies monthly. An InsightExpress survey said 56 percent. But then it backpedaled, saying probably fewer than that number actually delete cookies, citing data that when study participants were asked to immediately trash their cookies, only 35 percent did it correctly.

Even more baffling to the average user are the different kinds of cookies that exist: first-party cookies; third-party cookies; tracking cookies; local shared objects. It boggles. Even Walter Mossberg, a well-respected tech columnist for The Wall Street Journal, came out strongly against tracking cookies and suggested they be classified as spyware. In the same breath he did admit that first-party cookies are what make the Web a fun, personalized experience.

Even so, the studies seem pretty grim. If the results are accurate, then nearly half your sales would be freebies – meaning that 50 percent of your commissions would also disappear.

But then in April, Atlas Institute released an analysis of some of those studies and concluded many simply weren’t true. Atlas found that 40 percent of those who said they deleted their cookies monthly didn’t do it when they said they did. Cookies were generally present twice as long as respondents stated on their surveys.

It wasn’t a conspiracy. In many cases, it was just bad recall. In some instances, respondents assumed cookies were being deleted by anti-spyware products installed on their computers. Some of the deletion numbers are so high because users think the software is doing it for them. In many cases it isn’t. This puts anti-spyware and anti-adware software makers in a strange position: is it their responsibility to help you manage your cookies, or is it just a whole lot of paranoia?

Of the most popular anti-spyware software, about 75 percent come with “cookie management” options. What that means varies from maker to maker. When most anti-spyware programs do their normal scans (daily, weekly, monthly or however the user sets it) they will catch cookies but rarely do anything about them. The default is to generally ignore them. If the program offers a check box to dump certain kinds of cookies on a regular schedule, it has to be turned on by the user. Most anti-spyware makers believe the majority of their users are going with default settings. In fact, some studies have said that the so-called “computer savvy” also keep cookies longer than they say and believe they are deleting them when they aren’t.

All this misperception, in many ways, boils down to a few basic facts that most anti-spyware software makers can agree on: taken on their own, most cookies are not harmful. Cookies carry no code and so they cannot carry viruses. While cookies may carry information on where users have gone on the Web, most of it is anonymously tracked – meaning such data doesn’t contain personal information. The Wall Street Journal’s Mossberg wrote it was akin to a company knowing what channels you watched on TV without telling you it was monitoring you. Generally it’s more like following a set of footprints in the sand to see where they go, but the tracker has no idea if the person making the prints is Jane Doe, Jane Doe’s mom or Santa Claus.

One of the persistent problems, says Phil Owens, product director of CounterSpy, a product of Sunbelt Software, is that “most average users perceive that the program is doing the [cookie] removing” for them. He adds that most anti-spyware software makers are in a bit of quandary about cookies. They are “gray,” Owens says, because they are not malicious. Therefore, you’d think it isn’t software makers’ responsibility to clean cookies. Owens says this is a tough call. “On the one hand, maybe we should play a role and tell people cookies are benign until proven wrong. We can help quell that concern. On the other hand, market pressure by consumers is great. They will say, ‘This software found this but you didn’t,’ even if it is not malevolent.”

“The general public doesn’t understand the value proposition of the cookie,” says Rick Carlson, president of Aluria Software, which makes Spyware Eliminator. That’s why version 4.0 – released in February – has a whole separate tab in its scan results that lists the newest cookies. “Previous versions never detected cookies,” Carlson says, “but we put it in because consumers wanted it. And they wanted to be able to detect and remove them.” He says that sometimes spyware can place a cookie and that there is an outside chance that spyware reads other peoples cookies. Consumers wanted insurance for those remote possibilities, he says.

One of the most high-profile of antivirus software from McAfee currently doesn’t do any cookie tracking or identification either in its McAfee AntiSpyware 1.1 or VirusScan 9.0. McAfee spokesman Hector Marinez says the programs do not delete cookies or recommend deletion of cookies. He adds that the upcoming McAfee AntiSpyware 2.0 will have a cookie tracking function where cookies are identified and the user can choose to delete them. VirusScan 10.0 will not have cookie tracking.

Currently, anti-virus and anti-spyware from Microsoft does not scan for cookies, in part because the remembered passwords and Web page settings in cookies help tailor the Internet experience for visitors of Microsoft properties such as MSN. To help boost commerce, it’s been reported that the beta version of Microsoft Windows AntiSpyware does not disable tracking cookies. However, GIANT Company Software, the company that developed the anti-spyware product and was acquired by Microsoft in December, disabled tracking cookies.

Owens adds that he can conceive of a function in future versions of CounterSpy where the software scan can tell you exactly what each cookie is for, such as whether it was for a retail purchase you made or whether it was placed there by potential spyware.

Spyware Eliminator has its tabs even though Aluria’s Carlson says he would probably have preferred to have Eliminator ignore cookies. “We are extremely sensitive to the affiliate community,” Carlson says. Within the software tab, it clearly states that cookies “pose little risk.”

While anti-spyware companies are trying to figure out if they will take a stand, marketers themselves have stepped up to the plate and started their own grassroots awareness groups. One of the most prominent is Safecount.org, started by Cory Treffiletti, managing director of Carat Interactive’s San Francisco office, and Nick Nyhan, president of Dynamic Logic in New York. Safecount wants to start a “good list” of sites with trusty reputations. So far, the “good list” campaign is in the very early stages, “to show who plays by the rules,” says Treffiletti. A good list can show “you remain marketer-friendly and consumer-friendly.”

Another body is the advocacy group Center for Democracy and Technology, which is trying to help the anti-spyware industry start at the very beginning and define what constitutes malicious data or vehicles for code versus harmless files. Eventually the center wants to write “dispute- resolution procedures” as well.

One company is even using a kind of backup program that automatically saves a copy of cookies before anti-spyware software can do the job. United Virtualities of New York uses something called persistent identification element, or PIE, exploiting attributes in Flash software. Some analysts, however, have labeled it “deceptive.”

Lawmakers are weighing in as well. So far lobbies have managed to get Congress to keep cookies out of anti-spyware legislation. But the most recent bill, the Internet Spyware Prevention Act of 2005, known as the I-Spy Act, is so broadly defined that cookies could very well be included in a legal interpretation. Marketing agencies are also trying very hard to keep cookies out of legislation.

Right now Safecount.org is a small, all-volunteer movement and may not reach enough momentum by the time some of the top anti-spyware software makers have implemented more hands-on cookie administration in their next versions. Alternatives for the affiliate marketer start with what you can do on your own site.

The first thing you could do is to include a brief introduction to cookies on your website. It doesn’t have to take up a lot of room and could even be on its own page with a link that says something like, “A word about cookies.” You can start by explaining cookie deletion versus cookie rejection. Deletion is when a visitor manually dumps a cookie or when anti-spyware software trashes it either through alerting the visitor or by an automatic setting. This is never consistent because every brand of anti-spyware software handles it a tiny bit differently. Tech-savvy visitors may have set their browsers to reject cookies. While Internet Explorer can be set to not accept any cookies and make users feel a lot safer, most online retail sites need cookies turned on to finish a purchase.

Web analytics company WebTrends recommends that businesses focus on serving only first-party cookies (sent from the website you are visiting) and not third-party cookies (sent from a vendor or advertiser on a Web page). WebTrends also advises only carrying the most necessary information in a cookie to avoid privacy worries. Think twice, company officials at WebTrends say, about employing “unproven and risky alternatives to cookie tracking” such as those in Flash or solutions that “trick” a browser into receiving a first-party cookie.

Also, affiliates could list the benefits of cookies – that a cookie helps remember user’s purchase history and passwords, and helps commissions go to the right people. Don’t be afraid to spell it out for your repeat customers: “Keeping your cookie keeps me in business.” Carlson says groups like the Anti-Spyware Coalition (www.antispywarecoalition.org) can only help so much and that standards just don’t start in a committee room but out in the world. “We are just a $20 million in revenue company,” he says, compared to the really huge anti-spyware makers. “We are the flea on the back of a dog.”

Other proactive measures for an affiliate include going to Internet security sites and staying abreast of the latest in hacks, scams, phishes and technological advances. You may think it is asking a lot to suddenly become an expert in deception, but it might be a comfort to remember that you are not alone. In terms of affiliates or retailers online, if there were a cookie problem that was reflected in the bottom line, there would be an uproar. The retailers themselves would step up if their highest earners were fading. If money is being lost, ears prick up.

As affiliates take a bigger role in what companies sell, you can bet their voices will be heard. As with the grassroots bodies and coalitions, pulling together can make a big difference. Advertising companies on the Web rely heavily on the cookie, and they are already drawing up standards. Affiliates should consider doing the same. After all, what does a salesperson really do: Inform and persuade.

ERIC REYES lives in the San Francisco Bay Area and writes about technology and business. His work has appeared in Business 2.0, the New York Daily News, the San Francisco Chronicle and Worth magazine. He has directed and contributed to websites such as Amazon.com and Excite.com.

Should I Promote This Merchant

There are thousands upon thousands of affiliate programs offered by various Internet merchants. Deciding what programs to promote can be a daunting task. Let’s explore the factors most successful affiliate marketers consider when faced with this decision.

First and foremost, you must consider your site visitors’ propensity to purchase the product or service or take the “desired action” (filling out a lead form, etc.). You should consider the attractiveness of the merchant’s site and offer, but you also need to consider your ability to properly pre-sell the product or service and your interest in doing so. After all, if you don’t refer a qualified buyer, and if the merchant’s site doesn’t convert your referrals, you won’t be successful with this offer.

Once you’re satisfied, both you and your customers will be interested in what a merchant has to offer, then consider the following six factors.

1. The Agreement Read the Terms and Conditions of the program, and be sure you understand and agree with all the points. If there is no such document, move on.

2. Compensation Terms How much a merchant is willing to pay you is surely important, but you must also consider the expected conversion rate. Look at the program’s earnings-per-click, or EPC. A program that pays you $5 per lead may be far more attractive than one offering an average commission of $25 per sale. Using this example, if 10 out of 100 of your referrals submit a lead form, you’ll earn $50, with an effective EPC of 50 cents. If just one in 100 of your referrals makes a purchase, you’ll earn $25 with an effective EPC of a quarter. You’ll also need to consider the volume of clickthroughs, which isn’t part of the EPC measurement. In other words, if very few of your site visitors click on the lead campaign and many more click on the per-sale campaign, you could end up earning more total commission on the per-sale campaign, even though it does not convert as well.

The average EPC is public knowledge for many programs. If it isn’t disclosed, I urge you to write to the program manager to ask about the average EPC. I suggest participating in programs with a minimum EPC of 10 cents (unless you expect very high volume).

3. Return Days and Lifetime Commissions “Return days” refers to the length of time a cookie is set on your referral’s computer to allow you to earn commissions even if the referral returns directly to the merchant’s site.

The importance of return days will depend on the length of time a customer typically takes to decide to purchase a particular product. As a general rule, I suggest you consider programs with a minimum of 30 return days.

Many merchants expect customers to make repeat purchases. It’s even built into many situations, like ongoing services. As an affiliate, you should be compensated for future purchases, so look for these types of programs to offer lifetime commissions. (Especially good are those tracked by a database, where your referred customer is “assigned” to you and your ongoing commissions aren’t dependent on cookie tracking.)

4. Leakage I define leakage as any time affiliates don’t get credit for commissions they rightfully earned (based on the program’s terms and conditions). Below are a couple examples of leakage. Again, don’t hesitate to ask the program managers how they minimize these issues for their affiliate partners.

Phone Orders: There are ways to credit affiliates with their phone orders. (Contact me at my company if you’d like more information.)

Participation of Parasite Affiliates: This critical issue is beyond the scope of this article, but clearly you want to avoid programs that have relationships with affiliates who will intercept your referrals and claim the commissions for themselves. There are many sites and discussion groups where you can find lists of affiliate programs that have parasites participating in their programs.

Even if you’ve earned commissions, there are unscrupulous merchants who may not pay as they have promised or are very slow payers. Again, check the affiliate discussion boards before you start promoting any merchant to see if other affiliates have registered complaints about them.

5. Program Management If you’ve gotten this far in your evaluation of an affiliate program opportunity, then I suggest you also look for information about the program’s management. Have you been provided with full contact information for an individual you can reach with your questions or comments? If so, chances are, you’re going to get the support and guidance you will need to promote this merchant. On the other hand, if you’re given a generic email address (affiliates@companyxyz.com) that you find is unresponsive to your inquiries, this should be a red flag. I also suggest you avoid programs that use “customer service” to handle all kinds of affiliate matters.

A productive affiliate should be viewed as a true business partner or an in-house salesperson. Therefore, look at the quality of the sales promotion support. For example, does the program go “beyond the banner” and provide affiliates with good content in the form of articles you can publish and/or emails you can send to your subscribers? Do you have access to individual product links or a product data feed? Has it provided you with a list of its most important keywords and keyword phrases? Does the program manager keep affiliate partners informed of the hottest-selling products and most successful promotions? Are you provided with coupon/promotion codes or other special deals that you can offer your customers?

6. Reporting Most well-run programs will allow you to log in to your account 24/7 so that you can view your performance in real time.

While there are no guarantees, following these guidelines should help you to partner with those merchants who offer you the greatest chance of success. Above all, remember to work smart, run your affiliate activities professionally and be aware of red flags.

JIM GRIBBLE is managing director of LinkProfits.com, which he founded in 1999 to manage partnership programs. He also runs LinkProfit.net, an exclusive business development network, and PartnerIndustry.com, a resource for merchants and affiliates.