Cookies

When a customer visits an online retailer such as Amazon.com, they may be welcomed by name, and they may be presented with a list of books, movies, and other items that might interest them. How does Amazon.com's Web server know what they like?

With the help of a Web browser, many websites deposit a file called a cookie on your computer when you visit their site. At its simplest, a cookie may just contain a unique name by which a company can identify who you are. If you revisit their website, they can retrieve their cookie and use the unique name to access your record in their membership database. More precisely, each time you click on a link at a company's website, a cookie allows the software at that site to record the following about you in the company's membership database:

What They Can Track  

What It Can Tell Them
The ID number they assigned you   What they already know about you (from their database)
The date   How long it has been since you last visited their site (a possible measure of how actively interested you are in their site and what they sell)
What page you're visiting   The topics/items that interest you at their site
The timing of your mouse-clicks on links   How long you spend on a page (a possible measure of how interested you are in what's on it )
What you buy   Things in which you are sufficiently interested to spend money

A cookie thus provides the means by which an e-commerce business can tell who is interested in what at their site. An e-business can use such information to determine which products are generating interest and which products are not. In addition, by storing this information in their database, a business can:

  • welcome you back to their site;
  • look up in their database the things in which you have previously shown an interest, and refer to you the kinds of things they think might interest you;
  • based on the information they collect during your visit, refine their demographic profile of you and then sell this profile to other e-tailers.

On the good side, cookies can be convenient for people who frequently visit a website. The site may remember the user's login and/or preferences, thereby customizing the site for the user.

On the bad side, cookies allow a website to collect information about you that you might rather they didn't have. Moreover, they can sell this information about you to anyone they wish, without your consent.

This issue of convenience vs. privacy is the essence of the controversy over cookies. Most Web browser software allows the turning off of cookies. However, this will render some sites inaccessible: some sites insist that you allow cookies in order to user their website.

To begin addressing privacy issues, the World Wide Web Consortium (W3C) has recently defined its Protocol for Privacy Protection (P3P), which would allow users to specify some privacy-related parameters via their browser settings. Upon visiting a P3P-compliant website, a P3P-compliant browser matches the user's preferences against the privacy policies of that site and informs the user of any discrepancies. Unfortunately, P3P does not allow a user to hide their identity. It thus lets websites continue to collect information about their visitors.
Previous Page Next Page

 

 

 


This chapter was written by Jeff Nyhoff and Joel Adams. Copy editing by Nancy Zylstra
©2005 Calvin University (formerly Calvin College), All Rights Reserved

If you encounter technical errors, contact computing@calvin.edu.