Recently, Facebook has been under fire because of a “bug” in their system. According to PCWorld the bug violated Facebook users’ privacy, and Congress even asked the Federal Trade Commission to step in and investigate. And as USA Today pointed out, this is a repeating pattern. Researcher Arnold Roosendaal said, “They have been confronted with the same issue now several times and every time they call it a bug. That’s not really contributing to earning trust.”
What was the cause of this issue? Cookies. (What’s a cookie? Read on, you’ll find out.)
Facebook is not unique in drawing negative attention for user privacy violations due to tracking cookies. The Register reports that a “host of companies – including Facebook , Microsoft, McDonald’s, the CBS Network, and a Walt Disney subsidiary – have faced legal actions for using cookies and other techniques to track the browsing histories of web visitors, even when they took pains to keep that information private.” In fact, as a follow-up to the legal actions facing these companies, on November 8, 2011, advertising company ScanScout was required to change its policy to opt out of targeted Internet ads.
What is a Cookie?
If you’ve spent time on the Internet in the last decade, you probably have a basic awareness of what a cookie is and does. The simple explanation is that cookies are little pieces of tracking code that attach themselves to your computer so a given website knows your preferences and creates a better experience for you. Is your Gmail account set to log in automatically? That’s a cookie. Ever notice how Amazon recommends items based on your previous purchases as soon as you hit their site? That’s because they’ve preserved your identity with a cookie.
At that level, these first-person tracker files are fairly benign, and in fact many people value this service. After all, it’s all about making a better experience for you online.
It’s the third-party files that start causing problems.
The Wall Street Journal identifies three types of third-party tracker files:
- Cookies are the most common type. They assign your computer a unique number, which advertisers then use to track your online browsing and purchasing habits to target advertising to you.
- Beacons are more powerful cookies and may actually log your keystrokes.
- Flash Cookies store your preferences on Flash players (like video volume), but are occasionally used to reinstall cookies you previously deleted.
Let’s extend the cookie metaphor for a moment. First-party tracker files are a lot like Girl Scout Cookies. They support a good cause (your user experience), and you kind of miss them when they’re not available. On the other hand, you also have the Cookie Crisp burglar. Remember him from children’s television in the 80s and early 90s? In the Cookie Crisp cereal ads, the burglar would attempt to steal peoples’ breakfast, only to be foiled at the last moment by Officer Crumb. In many cases, website cookies come with your own Cookie Crisp burglar ride-along. Only instead of stealing your breakfast, he is trying to steal personal data for sales purposes.
How does this play out? At Covenant Eyes we use Constant Contact to send out Pure Minds Online. Because I spend quite a bit of time on their site, they or a third-party advertising company have downloaded a cookie to my computer, recording this high usage pattern. As a result, I frequently see ads for Constant Contact on unrelated sites such as YouTube.
As an adult, this does not personally bother me. In many cases, I can link the ad to my own browsing habits and don’t care if a site tries to sell me on a product I already use. However, this should be much more frightening for parents, as children often lack discernment about advertisements. This also highlights the continued push for complete openness and zero privacy on the Internet. And it makes the FTC’s investigations against sites like Facebook and Disney and advertising agents like ScanSoft critically important. When an advertiser can look at your browsing habits across the entire Internet, the advertiser wins and (they hope) your wallet loses.
What You Should Do
Now that you have a better idea of what tracker files are and both their benefits and hazards, here are some tips to protect yourself and your family from the risks.
1. Talk to your kids about advertising.
Marketers turn a hefty profit by targeting kids and teens, and are eager to turn them into lifelong loyal consumers. Tracking cookies based on your childrens’ Internet use help facilitate brand loyalty through targeted ads. Unfortunately, there are health and maturity risks associated with targeted advertising. Take the time to educate yourself and your family about these dangers. The Pure Minds Online article “Sold for Life” is a good place to start.
2. Avoid certain sites.
Some sites track more information about visitors than others. Consider limiting use of these sites, or avoiding them altogether. The Wall Street Journal provides a list of popular sites for kids and teens ranked on their level of user exposure to tracking software. If you use the Covenant Eyes Filter, consider adding some or all of these to your custom Block list.
3. Clear all browser cookies, then opt out of ad networks.
You may want to take this opportunity to give yourself a clean slate browser-wise. You should be able to find the option to clear your Internet cookies under “Preferences” in your browser menu. Please note that doing so will log you out of sites like Google, Facebook, or Amazon. Since cookies are stored by the browser, if you use more than one browser you will need to clear cookies in each browser individually (such as Internet Explorer, Chrome, Firefox, Safari, etc.).
Once you have tossed your cookies, consider opting out of certain advertising networks. Since ScanSoft was recently under fire from the FTC, it would be a good place to start. You can opt out of their ads here. Google is also a primary provider of ads; you can learn more about their ad network and opt out here.
It’s important to remember that by opting out of these ad networks, you are actually adding a new cookie, albeit one that tells the advertisers not to track your browsing. You will have to opt out again any time you clear your browsing cookies.