Ive taken lots of heat for my comments on a Fox News report that the Office of Management and Budget is considering reversing a nine year ban on
using “cookies” to track users’ preferences and interests on federal websites. The shift in policy is being billed as a way for government to enter the 21st century and for federal agencies to use the same technology utilized on news sites, retail sites and
social media networks.
My comments under fire involve some “scaremongering” and potential inaccuracies in relation to cookies and what they do.
“Without explaining this reversal of policy, the OMB is seeking to allow the mass collection of personal information of every user of a federal government website,” said Michael Macleod-Ball, acting director of the American Civil Liberties Union’s Washington
Legislative office. “Until OMB answers the multitude of questions surrounding this policy shift, we will continue to raise our strenuous objections.”
A cookie is a small piece of text or code that is stored on your computer in order to track data. Cookies contains bits of information such as user preferences, shopping cart contents and sometimes user names and passwords. Cookies allow your web browser
to communicate with a website. Cookies are not the same as spyware or viruses, although they are related. Many anti-spyware products will detect cookies from certain sites, but while cookies have the potential to be malicious, most are not.
A colleague sent me a note after reviewing my comments regarding cookies and stated: ”Cookies have been around since the mid-to-late ’90’s, and most people still don’t understand what they are or what they do. If you go to http://osvdb.org and
do a search for “cookies”, you’ll see there have traditionally been tons of vulnerabilities surrounding them. From a privacy standpoint, they’re also a potential issue depending on how they’re used, but that really depends on a site’s environment. Saying that
“cookies store passwords” isn’t really true in most cases based on evidence I’ve seen over the last several years. They might store session IDs or be manipulated to allow admin access to a site, sure… but that’s not true across the board for every (or even
However Informationweek reports Internet users are revealing information that identifies them through the use of social networking
What was said in the video in relation to what cookies do was more of an analogy than stating fact. I was trying to simply give a bit of perspective and explain what the privacy concerns may be. Its a complicated issue that has the ACLU and others up in
The government tracks criminals using specially developed spyware that gathers a wide range of information, including IP and MAC addresses,
operating systems, Internet browsers, open ports, running programs, user names, and recently visited URLs. This scares privacy advocates, for good reason.
But cookies are generally not invasive. They are typically used to produce usage statistics within a single site, or to produce anonymous user profiles across multiple sites, in order to determine which advertisements would be most relevant. Many websites
become unusable if your browser does not accept cookies. Social networking sites are particularly dependent on cookies.
Federal government agencies have banned cookies in their own sites since 2000 in response to demands from privacy advocates. Some claim that the proposal to reverse the ban comes in response to Google’s recent lobbying efforts. Whitehouse.gov posts YouTube
videos that contain Google’s third party cookies. The entire issue requires a bit more transparency for all those involved.
Advertisers have long known that cookies are useful for customizing the user experience. The government seems interested in taking advantage of this benefit as well. If that is the real motivation, it’s great. But privacy advocates aren’t happy, since the
government tends to take a mile when given an inch.
There are a few fundamental ways to keep yourself secure. Browsers all give you the option of simply turning cookies off. Make sure that your Internet security software is updated, and install spyware removal software if it isn’t included in your basic
security suite. Lock down your wireless connection. Use strong passwords that include upper and lowercase letters as well as numbers, and never share them. Get a credit freeze.
Go to ConsumersUnion.org and follow the steps for your particular state. In most cases, this prevents new accounts from being opened in your name. Download CCleaner, a free system optimization, privacy and cleaning tool
that removes unused files including cookies from your system, which frees up disk space and allows Windows to run faster. It also cleans traces of your online activities. And invest in identity theft protection. Not all forms of identity theft can be prevented,
but identity theft protection services can dramatically reduce your risk.