Never Accept Cookies from Strangers

I like my privacy as much as the next guy, and I certainly do not appreciate anyone tracking my browsing habits without my knowledge. I became aware that I was being watched after shopping for lighting fixtures.  A few months ago, my wife and I looked at online lighting sites while trying to find a set of fixtures for a renovation. After a few weeks, I noticed that advertisements for the exact fixtures that we had looked at began to pop up while I was browsing at unrelated sites. I had not logged in to any of the lighting sites, nor had I left an e-mail address or any identifying information. I had simply visited the site.

This was the first time I had noticed this behavior. I checked my browser settings and my Internet security software and neither had been altered. I would have remained clueless if had I not stumbled across a Wall Street Journal article that revealed what I was experiencing–third-party cookies. Before going further, let me explain a little bit about cookies.

Cookies are text files placed on your computer by visited web sites. They may contain any data that can be included in a text file; however, they are not programs or viruses. Websites use cookies to keep track of things such as usernames and passwords. This way, when you visit a site, you are recognized without having to re-enter login information. Cookies can be only read by the website that placed them on your computer. For example, Amazon cannot read the cookies placed on a computer by CNN.

First-Party Cookies
First-party cookies are placed on a user’s computer by the visited site. That is, visiting Amazon will result in a first-party Amazon cookie being placed on your computer. The name of a first-party cookie contains the domain name of the site that placed it on your computer. An Amazon cookie will have “Amazon” somewhere in its tile. Generally speaking, I do not mind first-party cookies–they can make life easier.

Session Cookies
Session cookies are a type of first-party cookie. Session cookies help maintain a dialogue between your browser and the site you are visiting. A shopping cart is a good example. When shopping on a site, the site will place a cookie on your computer that keeps track of the number of items in your cart and other information. Therefore, if it takes 20 minutes to make up your mind about what to buy, or if you decide to look at other items on the site before checking out, the shopping cart status is not disturbed.

Third-Party Cookies
Third-party cookies are the problem. Third-party cookies are placed on your computer by the advertisements displayed on web sites. Third-party cookies are used for tracking activity. Remember, cookies can only be read by the web server that placed them on your computer. Therefore, if the same advertising company has ads on multiple sites that you visit, its web servers will be aware that you visited each one of those sites. This provides a way of looking over your shoulder as you surf the web.  Without knowing it, an advertising company has become the BFF you never wanted. The thing that galls me is that at no time was I asked if I wanted to accept third-party cookies.

Third-party cookies are important for generating revenue from advertisements. As the WSJ article points out, both Microsoft and Google are major players in online advertising and so are friendly towards the idea of third-party cookies. The default privacy modes for both Google Chrome and Microsoft Internet Explorer are set to accept third-party cookies. Fortunately, there are two relatively easy ways to avoid third-party cookies.

All browsers allow privacy adjustments, and cookies can be blocked by a few changes in these settings. However, since many sites use cookies, setting your browser to block all cookies may result in some sites not working correctly. This isn’t a problem. You can set your browser to accept cookies from specific sites while excluding others.

If manipulating browser settings is too technical for you, try using the InPrivate mode of Internet Explorer or the Incognito mode of Chrome when surfing. Both options work fairly well in protecting privacy, but as researchers from Stanford point out, there are ways around them. InPrivate and Incognito share a very annoying feature–they cannot be set as default browsing options. Instead, these modes must be activated at the start each browsing session.

Those who desire more control of their online footprint than can be provided by browser features may wish to use services like Ghostery and AdBlock for peace of mind.

Now that I have learned far more about third-party cookies than I ever hoped to know, I have my browser set to block all third-party cookies. Also, I have added cookies to my list of things that one should never accept from strangers.




1 Comment

  1. Very nice and informative article, as a travel agent, I suppose this is why all the ads displayed while using my Gmail are related to travel concepts I have been researching.

    Thanks for the info

Leave a Reply

Your email address will not be published. Required fields are marked *