Jana Joha discusses the overwhelming presence of internet cookies in your browsing life and the effect that they have on our privacy and right to information.
Internet cookies have become an essential and inescapable part of how we browse and search on the internet today. Every time we visit a website we are prompted with a notification asking for our consent to accept cookies. Internet cookies can be useful by helping web developers give users a more personal and convenient experience on their websites. The most common function of cookies is that they let websites remember users’ login details and the items placed in their shopping carts. All this information allows for an enjoyable experience when web browsing but are there hidden dangers?
The modern-day cookie was invented back in 1994 by 24-year-old web browser programmer Lou Montulli. At the time, Montulli was working for Netscape Communications which was having trouble storing shopping cart data while consumers were browsing their website. Their servers couldn’t cope with the overwhelming amount of data and therefore, Montulli was tasked with finding a way to store that data on users’ computers instead of on the company’s servers. Montulli was successful and used an old tool called ‘Magic Cookie’ as inspiration for developing the HTTP cookie. Magic Cookie is an old computing term referring to the data that is shared when a user logs into a system. This small piece of data is shared between the user’s computer and the server. Montulli took this idea and repurposed it for internet browsing. The company was then able to save space on their servers and in turn save money. Cookies today are still used to identify computers but now they have the added function of tracking user activity. This can be very helpful - or it can be a breach of privacy depending on how the website decides to use the information.
There are different types of HTTP cookies which have specific features. Session cookies and persistent cookies have different expiry dates. Session cookies only save data in a computer’s temporary memory while the user is browsing a website. These cookies are sometimes called transient or non-persistent cookies and are automatically deleted when the user ends a session. However, persistent cookies do not delete after a session ends. Instead, they remain on the computer and expire at a specific date or after a certain period which is determined by the website. During its lifespan, it will send data to the server every time a user visits the website it belongs to, or every time a user views a resource which belongs to that website, such as an advertisement. Therefore, these cookies are called tracking cookies and are used by advertisers or website owners to track and record user activity and browsing habits over longer periods of time. This tracking helps websites to suggest items or ads that might interest users based on their browsing history. Gradually, a profile of the user is created.
Another important type of cookie is the third-party cookie. Unlike a first-party cookie that is directly created by the website that the user is viewing, third-party cookies are generated by other websites which are completely different from the web page that the user is currently browsing. These cookies typically appear on web pages that have content, such as banner advertisements, or ones that are linked to other websites. For example, you might be browsing a website that has a button to like or share on Facebook embedded into it. Having this feature means that the website is able to communicate with Facebook, allowing Facebook to send their own cookies through this website, which get stored on your computer to track your activity. Facebook tracks your activity on a completely unrelated site in order to serve up targeted ads on your Facebook newsfeed later. Visiting a website that has, for example, 10 ads may generate 10 different cookies, even if the user never clicked on those ads.
A more concerning type of third-party cookie is a zombie cookie. These cookies are generated by other websites and are permanently installed onto users’ computers, even when they opt not to install. They are incredibly difficult to remove and can even reappear after being deleted, hence the name ‘zombie’ cookie. Web analytics companies use these cookies to track internet usage and user browsing histories. In addition, they allow web traffic tracking companies to retrieve unique user IDs and track their personal browsing habits.
On October 25th 2020, President Michael D Higgins signed into law the controversial Mother and Baby Homes record legislation that protected access to the records and only allowed those with personal connections to access their information. Recent events and the use of internet cookies raise the question of whether or not we have real control over our personal data. How can we ever be sure what our cookie data is used for and can the GDPR truly protect our privacy and rights?