I like my privacy as much as the next guy, and I certainly do not appreciate anyone tracking my browsing habits without my knowledge. I became aware that I was being watched after shopping for lighting fixtures. A few months ago, my wife and I looked at online lighting sites while trying to find a set of fixtures for a renovation. After a few weeks, I noticed that advertisements for the exact fixtures that we had looked at began to pop up while I was browsing at unrelated sites. I had not logged in to any of the lighting sites, nor had I left an e-mail address or any identifying information. I had simply visited the site.
This was the first time I had noticed this behavior. I checked my browser settings and my Internet security software and neither had been altered. I would have remained clueless if had I not stumbled across a Wall Street Journal article that revealed what I was experiencing–third-party cookies. Before going further, let me explain a little bit about cookies.
First-party cookies are placed on a user’s computer by the visited site. That is, visiting Amazon will result in a first-party Amazon cookie being placed on your computer. The name of a first-party cookie contains the domain name of the site that placed it on your computer. An Amazon cookie will have “Amazon” somewhere in its tile. Generally speaking, I do not mind first-party cookies–they can make life easier.
Session cookies are a type of first-party cookie. Session cookies help maintain a dialogue between your browser and the site you are visiting. A shopping cart is a good example. When shopping on a site, the site will place a cookie on your computer that keeps track of the number of items in your cart and other information. Therefore, if it takes 20 minutes to make up your mind about what to buy, or if you decide to look at other items on the site before checking out, the shopping cart status is not disturbed.
Third-party cookies are the problem. Third-party cookies are placed on your computer by the advertisements displayed on web sites. Third-party cookies are used for tracking activity. Remember, cookies can only be read by the web server that placed them on your computer. Therefore, if the same advertising company has ads on multiple sites that you visit, its web servers will be aware that you visited each one of those sites. This provides a way of looking over your shoulder as you surf the web. Without knowing it, an advertising company has become the BFF you never wanted. The thing that galls me is that at no time was I asked if I wanted to accept third-party cookies.
Third-party cookies are important for generating revenue from advertisements. As the WSJ article points out, both Microsoft and Google are major players in online advertising and so are friendly towards the idea of third-party cookies. The default privacy modes for both Google Chrome and Microsoft Internet Explorer are set to accept third-party cookies. Fortunately, there are two relatively easy ways to avoid third-party cookies.
If manipulating browser settings is too technical for you, try using the InPrivate mode of Internet Explorer or the Incognito mode of Chrome when surfing. Both options work fairly well in protecting privacy, but as researchers from Stanford point out, there are ways around them. InPrivate and Incognito share a very annoying feature–they cannot be set as default browsing options. Instead, these modes must be activated at the start each browsing session.
Now that I have learned far more about third-party cookies than I ever hoped to know, I have my browser set to block all third-party cookies. Also, I have added cookies to my list of things that one should never accept from strangers.