May I Offer You A Cookie? Part 1

As a senior nomad, I spend a lot of time using my browser to read the news, to do research, and to plan my travels. I use various tools, such as a VPN and a password manager, to protect my vital information. I’ve also grown increasingly sensitive to the technologies used to track, and profit from, my browser usage.

Most people think of Google as the Big Boogie Man when it comes to this kind of thing. But, increasingly, all websites are becoming vectors for privacy invasion, and the standard browser mechanism for this is a file called the “cookie”. Unless specifically blocked in their settings, browsers allow websites to create small files, or cookies, on your device.

Why? Well, the communications scheme typically used between your browser and the website server is “stateless”, i.e. there’s no implicit correlation between two successive requests on the same connection. That means the website has no way of knowing what’s already happened. For example, it doesn’t know whether you’ve already logged in or you’ve selected an item to purchase.

That’s where cookies come in – they provide a continuity of information between requests. One of the most obvious cookies is the “shopping cart” that keeps track of things you want to buy from a website. Others may be used to register the font-size you’ve selected, or a site language option. Often cookies have a very brief lifetime and delete themselves, but others can last forever.

The nefarious Third-party Tracking Cookie is at the heart of my privacy concerns. These cookies can be, and often are, used to make a record of everything you do, every page you visit, every click you make, every decision you take, when visiting a website.

Worse yet, this information can then be shared with other websites, or services like Google, and combined with other identifiers (your email address, your network address) to build a very complete picture of you and your habits. This is then used to target you with ads, emails, scams, and even disinformation campaigns. Essentially, someone is looking over your shoulder as your browse and your privacy is a myth. The use of tracking cookies has increased exponentially in recent years.

And it’s not just businesses seeking to sell you something. “Data brokers” now vacuum up your data and sell it for all sorts of purposes, including to political campaigns, without your knowledge or informed consent.

Can’t we just ban cookies? Well, yes, and some browsers allow you to do this, but then many websites, having been designed to be dependent upon them to function, break.

How many cookies are we talking about? There’s almost no limit on how many a website might install on your device, so while it may be a few, it can be hundreds.

If you’ve not heard of SEO, it’s also part of the equation. When you search using Google, Bing, or another search service, often thousands of results are returned. Some studies show that most users won’t look at them past the first results page, others say only the top five results matter. So for a website owner, their position or ranking in search results becomes important.

If a business or website depends on marketing through search results, as many do, then they can pay Google, Bing, etc. to appear sooner in the results. Or they can use Search Engine Optimization (SEO) techniques to attempt to improve their ranking in the results. SEO is practically a science and website developers work very hard to apply it.

How does one know, though, if SEO is working? Or where one stands in the search results in the first place? Why, Google and others offer tracking cookies, programming scripts, and remote services that can measure all that, for a price.

So not only is Google selling your information by tracking your use of its search service, it also sells that same technology to others, so they can monitor their SEO effectiveness, develop profiles of their site visitors using cookies, and also profit from your information.

I hear the counter-arguments, that “the Internet is a wonderful thing” and “search provides an invaluable service”, “we’d be lost with out it”, etc. and I agree! As someone whose life and IT career included the pre-Internet years, I remember how it was before and I’m a big user of search. But, like so many things that take hold by accretion and are unregulated until it’s too late, just because a thing has become essential doesn’t mean it’s good for us.

Web inventor Sir Tim Berners-Lee is very worried that his 30-year-old creation is turning into a “digital dystopia”, in a head-long plunge into a moral abyss. It’s not an recent worry – Berners-Lee has publicly fretted about the web’s direction many times over the years – and it’s not hard to understand where his pessimism comes from.

Yeah, thanks, Tim, but you can’t put the genie back in the bottle now. In my next post, let’s look at one attempt to regulate control of our data.

One thought on “May I Offer You A Cookie? Part 1

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s