Are Internet Cookies Good or Bad?

Friday, February 25, 2011

Robert Siciliano


Neither, they are just a mechanism to how the Web works.  The bigger question is, are the uses thereof good or bad.

Microsoft, Google, and Firefox are implementing do-not-track features into their browsers, giving consumers the option to block cookies that may track their surfing for advertising purposes.

Most major websites now install cookies on your computer, which, over time, help develop a profile that serves as your digital fingerprint. This is why, after searching for a specific product, you may notice advertisements for that particular product or brand appearing on various other websites.

But not all cookies track you in order to sell you something. Many are there for security purposes. Merchant Risk Council considers “where the line is drawn between the proper and improper uses of this type of technology (protecting against online fraud vs. targeted online marketing).”

Several companies use cookies as well as other technologies, such as tokens, along with sophisticated and unique pattern matching that can only be derived from extensive and unique experiences with a shared reputation database, to identify and re-identify devices.

I don’t see any physical harm or identity theft ever happening as a result of of this refined marketing or especially device identification, especially when it comes to techniques meant to watch your back and protect you.

With privacy watchdogs addressing this kind of advertising as a major concern, and the Obama administration now stepping in, we will surely see the implementation of some standards in this kind of marketing practice over the next few years.

The MRC wonders, “As this issue gets more play, and consumers become more aware of this technology, will there be any effect on “good customer” behavior by potentially scaring people away from online shopping?”

I doubt it. But right now, government, industry, and consumers need to understand the difference between good cookies and bad cookies, before rash decisions designed to give us slightly more privacy make us more vulnerable to fraud.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft in front of the National Speakers Association. (Disclosures)

Possibly Related Articles:
Privacy Digital Identity internet Cookies Tracking Merchant Risk Council
Post Rating I Like this!
Brian Ford My question to you Robert is given these cookies are valuable to web commerce and consumers; what's the impact when employees of an organization start accumulating them on business computing assets?
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.