“Cookies” are tidbits of information that Web sites store on your
computer, temporarily or more-or-less permanently. In many cases
cookies are useful and inocuous. They may be passwords and user IDs,
so that you do not have to keep retyping them every time you load a
new page at the site that issued the cookie. Other cookies however, can be used for “data
mining” purposes, to track your motions through a Web site, the time
you spend there, what links you click on and other details that the
company wants to record, usually for marketing purposes. Most cookies
can only be read by the party that created them. However, some companies
that manage online banner advertising are, in essence, cookie sharing rings. They
can track which pages you load, which ads you click on, etc., and share this information
with all of their client Web sites (who may number in the hundreds, even thousands.) Some
examples of these cookie sharing rings are DoubleClick, AdCast
and LinkExchange. For a demonstration of how they work, see:
http://privacy.net/track/
Browsers are starting
to allow user control over cookies. Netscape, for example, allows you
to see a notice when a site tries to write a cookie file to your hard
drive, and gives you some information about it, allowing you to decide
whether or not to accept it. (Be on the lookout for cookies the
function of which is not apparent, which go to other sites than the one you are trying to load, or which
are not temporary). It also allows you to automatically block all
cookies that are being sent to third parties (or to block all cookies,
entirely, but this will make some sites inoperable). Internet
Explorer has a cookie management interface in addition to
Netscape-like features, allowing you to selectively enable or disable
cookies on a site-by-site basis, even to allow cookies for a site
generally, but delete a specific cookie you are suspicious about. With
Internet Explorer you can also turn on cookies for a site temporarily
then disable them when you no longer need them (e.g., at an online
bookstore that requires cookies to process an order, but whom you
don’t want to track what books you are looking at, what links you are
following, etc., the rest of the time.) Turning on cookie warnings
will cause alert boxes to pop up, but after some practice you may learn
to hit “Decline” so fast that you hardly notice them any more. The
idea is to only enable cookies on sites that require them AND whom you
trust.
You may also wish to try out “alternative” browsers like
Mozilla (Windows, Mac, Linux), Opera (Windows, Mac, Linux), Konqueror (Linux),
and iCab (Mac), which may offer better cookie management.
You can also use cookie management software and services. One example is
the Internet Junkbuster Proxy (
http://www.junkbusters.com/ht/en/ijb.html
).
It runs on Win95/98/NT and
Unix/Linux
(no Mac version), and can selectively
block cookies for you (and banner ads, to boot). interMute (
http://www.intermute.com/
)
does likewise (and more – blocks popup windows, etc.; only runs under Windows).
Another Windows-only
solution is AdSubtract (
http://www.adsubtract.com/
)
A comparable product (Linux, Solaris, Windows) is GuideScope (
http://www.guidescope.com/home/
)
A Java-based solution called Muffin (
http://muffin.doit.org/
) is also available. While it will run
on Mac, Windows and Unix systems, it is definitely for “power users”, as it is complicated
to set up and operate effectively.
Another recent option (Linux, Mac, Windows) is the
(
http://www.webwasher.com/
), which has advanced cookie filtering capabilities,
especially with the Seclude-It and Secretmaker plug-ins available at the same site.
One more (Windows) is CookiePal (
http://www.kburra.com/cpal.html
),
and yet another (Windows) is (
http://www.thelimitsoft.com/cookie.html
).
There are also numerous “cookie eater” applications,
some which run on a schedule or in the background, that delete cookie files for you. As with turning off
cookies entirely, you may have trouble accessing sites that require certain cookies (though
in most cases the worst that will happen is that you’ll have to re-enter a login ID and password
you thought were saved.) “Eating” the cookies periodically still permits sites to track what
you’re doing for a short time (i.e., the time between successive deletion of your cookie file),
but thwarts attempts to discern and record your actions over time.
Yet another option is to use an “infomediary” (some are home-use software products, others may be network-based services),
such as SeigeSoft’s
SiegeSurfer (
http://www.siegesoft.com/_html/tutorial.asp
),
Zero Knowledge Systems’ Freedom
(
http://www.freedom.net
), among others. These products/services act as a proxy or
shield between you and sites you visit, and can completely disguise to Web sites where you are coming from
and who you are (and intercept all cookies). Most are Windows-only at this point, though
Orangatango (
http://www.orangatango.com/
), and SafeWeb
and (
http://www.safeweb.com
) also offer
such services that are Web-based and not platform-dependent.
WARNING: Do not confuse honest infomediaries
with “identity managmenet services” like Microsoft’s Passport service or Novell’s DigitalMe. While you may gain some
temporary convenience at sites that support them, you’ll lose essential privacy, because these services are not
there to serve you but to serve marketing purposes by collecting a vast array of information about you and selling it.
The best solution doesn’t exist yet: Full cookie management abilities built
into the browsers themselves. Only increased user pressure on Microsoft, Netscape
and other browser makers can make this happen. Users should ultimately be able
to reject cookies on a whole-domain basis, reject all third-party cookies by default, reject all cookies that are not essential
for the transaction at hand, receive notice of exactly what a cookie is intended for,
and be able to set default behaviors and permissions rather than have to interact with cookies on a page-by-page
basis. This just isn’t possible yet. You may wish to contact the company that makes your browser software and
demand these essential features in the next version.