Part 1: Cookies

One website we visited states:

A cookie isn’t just a delicious snack. A cookie is also a small text file stored by websites and other applications on your device. This helps a website or app to remember useful information about you.

Sites and applications can use cookies for a variety of reasons, for example to help remember your preferences on the site, to understand how you and other users are using the site, or for maintaining your logged-in status in a protected area, so you don’t have to keep logging in over and over.

Cookies can be more appropriately called “trackers”, for that is exactly what they are. They are not software, and cannot run programs on your computer on their own. They are snippets of code that receive, store, and send information about you. They use this information to deliver ads, analyze your behavior, connect social media, provide access to subscriber-only sections of a site, and more.

And, while cookies do not generally contain information that could be used to identify you personally, they usually contain “unique identifiers” that act like labels, so when you return to a website, that website knows that your browser is one it has seen before.

There are different types of cookies.

• Advertising cookies: Trackers that let Facebook and Google, for instance offer you ads for drill sets after you search for one. These cookies make possible targeted advertising based on your previous browsing behavior.

• Social media cookies: Trackers that help websites integrate with social media networks to help you connect with friends and share with your favorite content on those websites. Social media icons are a clue that these cookies are present.

• Site analytics cookies: Trackers that help companies track user behavior and metrics “behind the scenes” to improve and optimize sites. This data includes information like pages you visited, links you clicked, and terms you searched for.

Cookies can be helpful. For example, each time you go to your favorite online dating site, having a cookie for that site means you don’t have to provide your user name each time you visit.

However, while a cookie may contain elements that benefit the user, a site’s cookie may also have elements that act exclusively in the interests of the owner of that site. Cookies can also slow down a website, make it more cluttered and, most importantly, make your data less private.

It is healthy to view cookies with the same discernment as their flowery, sugary namesakes. One by itself might not hurt, but it is when cookies work together that there is cause for concern.

Google and Facebook’s tracking capabilities through the Google Analytics and Facebook Pixel services, when working with the cookies of any of the websites that use their services, are harvesting vast amounts of data about you and your behavior. When you consider that 74% of ALL websites contain Google tracking devices and 24% contain Facebook trackers, and that in the top 1000 global sites this is closer to 100% and 90% respectively, you can begin to comprehend the amount of data these companies are accessing and aggregating. Oh, and by the way: if Google & Co have it, other entities like your Government have it, too! A huge amount of data is being captured about you.

It is important at this point to note that it does not matter if you are using Incognito Mode (otherwise known as Private Browsing) because, while the cookies that are installed on your browser are deleted at the end of your private browsing session, they are active for the course of the session; and if you are logged into services like Facebook, Google, or Internet Explorer during the session they can collect and send the information of your session back to Google & Co for the duration of that session. Unless you are using an ad blocker “plug-in” and have tweaked your user settings both at the browser and application layer, your user data (and a good amount of private data) is exposed and harvested when you use these services.

While cookies are the most well-known form of online tracking, there are other ways companies track behavior on websites. These include:

• Flash cookies: Your computer may have Adobe Flash Player installed. Adobe uses what is known as "locally shared objects", which are pieces of information that Adobe Flash can store on your computer. While these have been designed to save data such as volume preferences or session information, locally shared objects are controversial because they cannot be deleted in the same way as other cookies. Less scrupulous companies use locally shared objects to enact "cookie backups" that load a traditional cookie back into your computer if you have deleted it. These are known as “Zombie Cookies”.

• Server logs: when you load a page on a website, you make a request to that website’s server. The server logs the type of request and stores information like your IP address (which lets website owners infer your location), the date and time the browser loaded the page, what page was loaded, and what site or page the browser was on before it came to that page (referrer). Unless you use a virtual private network (VPN) or an anonymous browser like Tor, it is very difficult to prevent the server from capturing this data. Generally, server logs form the basis for web analytics and only the owners of the website see them, but Google & Co can access the web analytics from a website that has installed their Analytics or Pixel software.

• Web beacons: Also known as "tags", "tracking bugs", "pixel trackers" or "pixel gifs", these are tiny objects embedded in a web page, often a transparent image only one pixel square. When a site that contains a web beacon loads, it makes a call to a third-party server for the web beacon to load. The "server call" gives that third party access to information about the user who has loaded the page. This is common in email, especially spam email. Spammers use beacons to identify active email accounts by sending emails that include pixel trackers. When you open the email, the pixel tracker lets the spam sender know your account is active. This is why many email systems asks if you trust the sender before it displays images.

So what can I do?

• Adjust Browser Settings: First (and most importantly!), use your browser preferences to delete all cookies. Then set your browser to limit the installation of new ones. Most major browsers allow you to accept some cookies and block others. To maintain logins and settings for sites you visit on a frequent basis, but limit tracking, start by blocking "third-party" cookies. Some browsers, like Safari, do this automatically; you need to instruct other browsers manually.

Note: if you decide to block all cookies, you will need to log in each time you visit sites that require logging in.

In Internet Explorer you can go to Tools >Internet Options > Privacy to set the rules for blocking cookies based on the policies of the cookie-placer. Options include blocking cookies that don’t include a privacy policy and blocking cookies that can save your contact information without your approval.

• Flash “Zombie” cookies can be controlled: use the Adobe Flash Player Settings Manager by right-clicking on a Flash movie and selecting Global Settings from the pop-up menu or by visiting the Adobe Flash Player Settings Manager web page.

• It is good to get into the habit of regularly deleting your cookies.