While setting the performance goal for any particular page on our site, and starting discussions around the performance budget...
... we examined the cookies being loaded to make our site functional. The list was enormous: over 30 cookies were being passed back and forth on almost every call to the site, including requests for assets like JS, CSS and images. Many of these cookies contained legacy data that was rarely, if ever, used after it was set. Many others contained personal information that should never have been saved into cookies in the first place:
As an online customer, I want my personal information to be served securely, but quickly, because both my time and privacy are important to me.
In discovery: Set up a mini test site to determine how much speed we could gain by severely cutting our cookie overhead. This would include a test database to store a customer cache based on the levels of security needed, a happy-path service to parrot back the customer data requested, and page-level security to mimic real-world conditions.