Cookies Are Bad, M’Kay?
For those who do not follow Dutch politics, due to efforts of the Labour Party, we have legislation that prohibits cookies. More precisely, it prohibits reading information from or storing information on someone’s computer without consent. However, in what way do cookies invade privacy?
When one visits the Dutch parliament, you have to get your bags scanned. Afterwards, they will be tagged with a ribbon on which is written that the bag has been checked by security. One could say that the guards stored a cookie on your bag to remind themselves of having checked it. Comparably, when I am asked by the organisation of a congress to wear a name tag, this tag acts like a cookie containing my name for the organisation.
Nevertheless, the “cookies” I have discussed happen with my consent. Imagine that a shopkeeper will slap a tag on my back as soon as I walk into his store to track my visits – think of the children’s joke where they quietly put a note on the other’s back saying “I stink”. Without my consent, he tagged me and started using this for tracking.
The Web Needs Cookies: Why Else Would They Exist?
First of all, a certain amount of cookies is required for proper functionality, because the protocol used for visiting websites is stateless. This means that every time you connect to a website, a new session is started. Thus, if the website has to recognise you, e.g. to keep you logged in, it has to tag you in some way. This is why cookies were originally invented.
When connecting to a website, your browser will send all cookies stored by that website with the request. This way, the website knows all the information it asked your computer to store in a previous session. Commonly, those cookies are used to identify you as logged in or to recover your preferences. Nevertheless, this mechanism can also be used to track you, by giving you an uniquely identifiable number.
It would be wrong not to mention here that the so-called Dutch cookie legislation does not forbid those cookies that are required for the proper functioning of the system. In other words, cookies used to store your settings or to keep you logged in are fully legal under these rules. As would be a cookie that stores your consent with placing non-functional cookies.
Let’s Track!
Although cookies are very useful for making nice web applications, most of the cookies you will find on your computer are used for tracking you. Those cookies are commonly placed on your computer without your consent and are used to uniquely identify you for various purposes.
A large company like Google will be able to track you along most websites that you visit, because most people use Google’s search engine and most websites use their services. For example, Google Adsense and Google Analytics can be found on a very large number of websites, allowing them to track your moves on all those corners of the web.
It should be noted that users can be tracked in much more ways. For example, the technique of browser fingerprinting, where all information of your browser and computer is read, can be used to uniquely identify you. This is due to the fact that most combinations of plug-ins, operating system versions and browser information are unique – or at least very rare. The Panopticlick of the Electric Frontier Foundation shows this quite nicely. As I stated before, the Dutch legislation on cookies does require prior consent for this, too.
Tracking Cookies: Just Another Means Of Profiling
In the end, tracking cookies provide just another means of collecting the data that is required for profiling. The cookies are not really the ones you should be scared of, it is the profiling and information collecting that harms your free identity, as this has direct effect on how you browse the web. After all, a large behavioural advertising company is able to track you quite well, even without using tracking cookies.
One Response to Cookies Are Bad, M’Kay?
Leave a Reply Cancel reply
Tags
Academia Anonymity Banking Security Chip and PIN Cloud Computing Cookies Copyright Cryptography Cybercrime Data Protection DDoS Decentralisation Decryption Duty Deep Packet Inspection Democracy Digital Activism Digital Voting E-mail Election Security EMV Encryption European Regulation on Data Protection Fundamental Rights Game Theory Het Heerengymnasium Identity Protection Internet Nemo Tenetur Netneutrality Passwords Police Privacy Profiling Remote Search Science Service Oriented Computing Signatures Smart Cards Spam Technocracy Tor Transparency Transport Layer Security Trust VotingRecent Comments
- Lydia Duijvestijn on Het Heerengymnasium: eerste deel
- Patrick Schreurs on Wanneer gebeurt er eindelijk iets aan het auteursrecht?
- Open Access: Unlock Science for the 21st Century | Information Security and Digital Liberalism « All around Open Knowledge on Open Access: Unlock Science for the 21st Century
- Open Access: Unlock Science for the 21st Century | Information Security and Digital Liberalism | Open Knowledge | Scoop.it on Open Access: Unlock Science for the 21st Century
- Beverly on Security + Security = Insecurity
Archives
- May 2017 (1)
- April 2017 (2)
- March 2017 (3)
- February 2017 (3)
- January 2017 (4)
- September 2016 (1)
- November 2015 (1)
- July 2014 (1)
- June 2014 (1)
- April 2014 (1)
- January 2014 (1)
- September 2013 (2)
- August 2013 (1)
- July 2013 (2)
- June 2013 (1)
- March 2013 (1)
- February 2013 (4)
- January 2013 (4)
- December 2012 (2)
- November 2012 (7)
- October 2012 (9)
- September 2012 (9)
- August 2012 (10)
- July 2012 (10)
- June 2012 (10)
- May 2012 (2)
- November 2011 (2)
- July 2011 (2)
- June 2011 (1)
- May 2011 (2)
- January 2011 (2)
- November 2010 (1)
- June 2010 (1)
- May 2010 (1)
- March 2010 (1)
Categories
- Collaborative Efforts (25)
- Bas Wallage (15)
- Beer Sijpesteijn (1)
- Hugo Ideler (2)
- Jeroen Slobbe (18)
- Lukas de Sonnaville (1)
- Mark van Beek (1)
- Nick Leoné (1)
- Paul Oudshoorn (1)
- Paul Stapersma (2)
- Robbert van den Berg (1)
- English (64)
- Fiction (14)
- Nederlands (Dutch) (42)
- Publications (30)
- Books (1)
- Computerrecht (1)
- DEMO (6)
- Forum of EthnoGeoPolitics (1)
- I/O Vivat (1)
- ICT Update (1)
- Internetrecht door Arnoud Engelfriet (1)
- Joop.nl (7)
- Liberaal Geluid (1)
- Nederlands Juristenblad (1)
- NRC Handelsblad (3)
- Proceedings of the TSConIT (1)
- The Post Online (1)
- UT Nieuws (3)
- Volkskrant (1)
- Scientific Papers (12)
- Stories (13)
- Het Heerengymnasium (13)
- Topics (54)
- On Academia (1)
- On Computer Science (1)
- On Cybercrime (3)
- On Democracy (6)
- On Information Security (33)
- On Liberalism (3)
- On Privacy (7)
- Views (47)
- Collaborative Efforts (25)
[…] The previously discussed Dutch legislation on cookies resulted in an avalanche of criticism from both computer experts and marketing specialists. However, is it really that bad? It seems that tracking citizens has become customary to the extent that citizens regard having to give their consent as a nuisance, instead of the fact that most websites insist on placing cookies. If there is to be any identity protection when browsing the web, a certain amount of force towards digital advertisers is unavoidable. […]