Chip's Technical Blog

Tech commentary of thoughts, challenges, how-to's, and the mundane.

Server Cookies, and I don’t think they quite understand advertising…

I should start by explaining I regularly run my web browser with cookies disabled. The reason is that I decided websites are tracking you too closely, and especially websites which you didn’t even know you were visiting. For example, open up your cookie list. (In firefox, this is: Tools->Options (under Windows, Edit->Preferences under Linux), then Privacy->”Show Cookies”. The questions to ask yourself are:

  1. How many of the sites listed do I even recognize?
  2. Of the sites I do recognize, what do I want that site to remember about me the next time I visit?

Cookies, you see, are files that a server gives to a web browser, and asks it to present them whenever they visit a set of pages on a set of sites. Cookies have a number of legitimate uses, most notably to give the browser a “session” id. The “session” id is used so the browser user can, e.g., log in, and have the server remember keep track of information related to the login. (The other option, not using cookies, is to make the sessionid part of the URLs, which is both ugly, and more likely to be logged by third parties such as proxies and caches run by ISPs)

Then there are some arguably useful features of cookies. For example, many online retailers will set a cookie identifying you at your browser, and recognize you immediately when you visit again (not for purchasing, but for welcoming, tracking the products you look at, so to remind you of past products you’ve visited and to suggest new products based on your viewing history. I personally find that a little creepy, though I admit in some cases it can be valuable. A few years ago, there were even reports of sites using cookies to do Dynamic Pricing (story by CNN), a practice where sites change the prices based on information they keep about the customer. There were reports of users visiting Amazon from a new computer, finding an item they like, then logging in, and seeing it for a new price. In my opinion, these types of things outweigh the possible positive benefits from having a site remember me just for cause.

Next there are in my book some outright despicable practices. Advertisements placed on sites will add cookies which get reported back to these tracking sites anytime you visit any site with an advertisement from the same company. As a result, there are sites which simply compile vast amounts of information about where you go and what you do online, to use in any way they seem fit. These are commonly called “Tracking Cookies” by products such as Ad-aware and Spybot, which will remove the ones they recognize for you.

I have simply taken the approach (mostly as an experiment) that sites shall not store cookies without my express consent. To that end, I have installed CookieSafe, which makes it easier to manage cookie settings. I either give or reject cookies from specific sites. This occurs as a site preference, meaning if a site uses both kinds of cookies, and I want to use the site, I accept them both. Importantly, the third-party cookies are still rejected — I have to authorize them separately.

So my browsing works like this: I browse normally, then if a site isn’t working (and particularly if submitting a login doesn’t work), I realize it needed cookies to work. I then decide if I really want to use the site, and if I do, I enable cookies for that site only.

Now, when I view my list of cookies, I can identify most of the sites. (Some I must have authorized, but don’t quite recognize by site name, like the third party my bank uses to process online billpay.). I find this to be much more acceptable, and my browsing hasn’t been worse for the wear.

A few days ago, however, I saw something that really brought a smile to my face. On a site I visited while trying to figure out what it meant to buy fertile eggs, I saw this image, where an ad belongs: “No Cookie” Advertisement

I just had to laugh. If a site wants to not send me ads because I reject cookies — then great! I didn’t want them anyway. But somehow I think they’ve missed the point of advertising. If I were they, I would send SOMETHING back. But all the same – I hope other sites take this approach. It could be the end to all the annoying flash ads I get, if instead I got these images everywhere!

Leave a Reply

Chip's Technical Blog is proudly powered by WordPress
Entries (RSS) and Comments (RSS).