Why the Fury Around Cookies?

If you have read the article to this point, you may be wondering why there has been such an uproar in the media about cookies and Internet privacy. You have seen in this article that cookies are benign text files, and you have also seen that they provide lots of useful capabilities on the Web.

There are two things that have caused the strong reaction around cookies:

• The first is something that has plagued consumers for decades. Let's say that you purchase something from a traditional mail order catalog. The catalog company has your name, address and phone number from your order, and it also knows what items you have purchased. It can sell your information to others who might want to sell similar products to you. That is the fuel that makes telemarketing and junk mail possible.

  On a Web site, the site can track not only your purchases, but also the pages that you read, the ads that you click on, etc. If you then purchase something and enter your name and address, the site potentially knows much more about you than a traditional mail order company does. This makes targeting much more precise, and that makes a lot of people uncomfortable.

  Different sites have different policies. HowStuffWorks has a strict privacy policy and does not sell or share any personal information about our readers with any third party except in cases where you specifically tell us to do so (for example, in an opt-in e-mail program). We do aggregate information together and distribute it. For example, if a reporter asks me how many visitors HowStuffWorks has or which page on the site is the most popular, we create those aggregate statistics from data in the database.

• The second is unique to the Internet. There are certain infrastructure providers that can actually create cookies that are visible on multiple sites. DoubleClick is the most famous example of this. Many companies use DoubleClick to serve banner ads on their sites. DoubleClick can place small (1x1 pixels) GIF files on the site that allow DoubleClick to load cookies on your machine. DoubleClick can then track your movements across multiple sites. It can potentially see the search strings that you type into search engines (due more to the way some search engines implement their systems, not because anything sinister is intended). Because it can gather so much information about you from multiple sites, DoubleClick can form very rich profiles. These are still anonymous, but they are rich.

  DoubleClick then went one step further. By acquiring a company, DoubleClick threatened to link these rich anonymous profiles back to name and address information -- it threatened to personalize them, and then sell the data. That began to look very much like spying to most people, and that is what caused the uproar.

  DoubleClick and companies like it are in a unique position to do this sort of thing, because they serve ads on so many sites. Cross-site profiling is not a capability available to individual sites, because cookies are site specific.

For more information on Internet cookies and related topics, check out the links on the next page.