News

Nothing But Net

Mark McFadden<br>Microsoft Milks New Cookie Strategy

• By Scott Bekker
• July 28, 2000

The strategy involves improving on the primitive methods of managing cookies currently built into browsers. Today a user can turn off cookies entirely or have the browser prompt you when a cookie is about to be placed on your hard disk. Most users, however, simply allow any site to store cookies on their disk at the site’s whim because many of the best Web sites on the Internet won’t work without cookies.

What if, Microsoft ask, we give the user more sophisticated control over the cookies and the sites that use them? Good start, I say, but it’s not enough.

First of all, let me be clear: I am not among the chosen 2,000 Windows users and Internet Explorer 5.5 testers that are getting a first shot at the technology. What Microsoft intends to do is get some feedback from a small group of savvy Internet users, incorporate their ideas, and then release a beta version of the cookie control to the rest of us.

In a press release, Microsoft suggested that the new features will offer more selective prompts, or alerts, when cookies arrive, as well as a straightforward way to manage and delete cookies. The features also seek to give users a better understanding of the different types of cookies and how they are used.

I applaud Microsoft for trying, but many demographic and advertising managers are tracking us with a new technology that doesn’t use cookies. The new tactic is to introduce tiny, invisible, 1-pixel files on Web pages that tell an advertising company what page you are visiting. Often called by the name Web bugs, these tiny graphics files have no function other than to let an advertiser know where you are traveling on the Web. Unlike cookie technology, the Web bug is insidious because a browser can’t selectively eliminate it from the page. Since it acts like Web content -- and because it is so small -- the browser simply ignores it as it renders the page.

As a result, Web bugs can track your travels in sites where banner ads aren’t used and on sites where most visitors don’t expect to be watched.

Ad networks and agencies say they keep the information private. We know better. As an example, in an attempt to forestall bankruptcy, the online toy company ToySmart attempted to sell its demographic information -- collected by tracking Web users -- to raise money.

That means that if you visit a site on breast cancer -- before the page even loads on your screen -- somewhere the world the fact that you visited is now registered. Microsoft’s approach is useful, but the tiny graphics files will not be affected by the change to Internet Explorer. We’ll need something a bit more sophisticated than cookie management if we are to retain a shred of privacy on the Internet. --Mark McFadden is a consultant and is communications director for the Commercial Internet eXchange (Washington). Contact him at [email protected].