Cookies are small files in your computer that tell the web browser that you are, say, user number #745673 on this website and that you like this and that. These cookies were conceived so that every time we visit the same site, we don\u2019t have to specify preferences such as language and location, lose items in the shopping cart or fill out forms from scratch. In the early stages of this technology, we had full control over what data the cookies could collect1,2<\/sup>.<\/p>\n Afterwards, companies realised they could use cookie data to understand what we like to click on or buy. Thus, ads could be served that did not depend on the content of the current page, but our own personal tastes (behavioural targeting)1<\/sup>. Later, companies began to set their cookies on other company websites to track every user even more closely. These third-part cookies paid the host for this privilege. This is when ads started following us across websites.<\/p>\n Moreover, by using things such as email IDs or credit card numbers, these companies could link the different identification numbers to a single user to have better information on their behaviour. This is called cookie synching<\/em>. The user of course has no way of knowing what data is being put together to build their behavioural profile.<\/p>\n To add to this, machine learning algorithms started to be put to use to crunch user data and assign them labels like man, woman, black, European or even \u201cprone to depression\u201d1<\/sup>. These labels have nothing to do with our identities, but with what kind of prior user behaviour most resembles that of our own. These labels are sold to companies that sell products, houses and job opportunities. Thus, users with some labels are shown one ad and someone with a different online behaviour a completely different ad in the same web page. This in turn can determine what type of jobs we apply for and in which neighbourhood we buy a house and thus, which schools our children attend3<\/sup>.<\/p>\n Nowadays, cookie technology is embedded into most internet browsers. A 2016 study found that most third parties do cookie syncing. \u201c45 of the top 50, 85 of the top 100, 157 of the top 200, and 460 of the top 1,000\u201d third parties synch cookies from different sources to put together information on users4<\/sup>. It has been shown that Google, for example, can track a user across 80% of websites5<\/sup> raising threats to privacy and autonomy, and bolstering surveillance and monitoring6<\/sup>.<\/p>\n When these results were published, they raised public outrage. Many cookie-blocking browser plugins became popular, such as DoNotTrackMe. Internet browsers started having controls to block or delete cookies2<\/sup>. Companies such as Apple and Google even stopped or pledged to ban third-party cookies1<\/sup>. Online targeting moved from cookies to more persistent tracking techniques.<\/p>\n For example, cookie-like files could be stored with Adobe\u2019s Flash player; these remain after other cookies have been deleted. These can in turn be blocked by installing apps such as FlashBlock2<\/sup>. Tracking technology is equipped with more persistent tools, such as various types of fingerprinting which are not detected by most blocking\u00a0tools4<\/sup>.<\/p>\n\n\n[caption id=\"attachment_226\" align=\"alignleft\" width=\"300\"] The\u00a0idea is that our devices and services, such as computers, phones and device speakers, process data and give output slightly differently from other users\u2019 devices. They can serve as our unique fingerprints, especially when the different techniques are put together to create our online identity4<\/sup>. The IP address of our devices, ethernet or Wifi addresses (WebRTC-based finger-printing), how our hardware and software play audio files (AudioContext fingerprinting) and even information on the battery, can all be used as our long- and short-term identifiers that keep online tracking alive7,<\/sup>4<\/sup>.<\/p>\n \n\n 1<\/sup> Kant, T., Identity, Advertising, and Algorithmic Targeting: Or How (Not) to Target Your \u201cIdeal User\u201d,<\/em> MIT Case Studies in Social and Ethical Responsibilities of Computing, 2021.<\/p>\n 2<\/sup> Schneier, B., Data and Goliath : the Hidden Battles to Collect Your Data and Control Your World, W.W. Norton & Company, <\/em>New York, 2015.<\/p>\n 3 <\/sup>Barocas, S.,\u00a0 Hardt, M., Narayanan, A.,\u00a0Fairness and machine learning Limitations and Opportunities<\/a>, <\/em>2022.<\/p>\n 4 <\/sup>Englehardt, S., Narayanan, A.,\u00a0Online Tracking: A 1-million-site Measurement and Analysis<\/a><\/em>, Extended version of paper, ACM CCS, 2016.<\/p>\n 5\u00a0<\/sup>Libert, T., Exposing the Invisible Web: An Analysis of Third-Party HTTP Requests on 1 Million Websites<\/em><\/a>, International Journal of Communication, v. 9, p. 18, Oct. 2015.<\/p>\n 6 <\/sup>Tavani, H., Zimmer, M., Search Engines and Ethics<\/a><\/em>, The Stanford Encyclopedia of Philosophy, Fall 2020 Edition, Edward N. Zalta (ed.).<\/p>\n 7\u00a0<\/sup>Olejnik, L., Acar, G., Castelluccia, C., Diaz, C., The leaking battery<\/em>, Cryptology ePrint Archive, Report 2015\/616, 2015.<\/p>\n ","rendered":" Cookies are small files in your computer that tell the web browser that you are, say, user number #745673 on this website and that you like this and that. These cookies were conceived so that every time we visit the same site, we don\u2019t have to specify preferences such as language and location, lose items in the shopping cart or fill out forms from scratch. In the early stages of this technology, we had full control over what data the cookies could collect1,2<\/sup>.<\/p>\n Afterwards, companies realised they could use cookie data to understand what we like to click on or buy. Thus, ads could be served that did not depend on the content of the current page, but our own personal tastes (behavioural targeting)1<\/sup>. Later, companies began to set their cookies on other company websites to track every user even more closely. These third-part cookies paid the host for this privilege. This is when ads started following us across websites.<\/p>\n Moreover, by using things such as email IDs or credit card numbers, these companies could link the different identification numbers to a single user to have better information on their behaviour. This is called cookie synching<\/em>. The user of course has no way of knowing what data is being put together to build their behavioural profile.<\/p>\n To add to this, machine learning algorithms started to be put to use to crunch user data and assign them labels like man, woman, black, European or even \u201cprone to depression\u201d1<\/sup>. These labels have nothing to do with our identities, but with what kind of prior user behaviour most resembles that of our own. These labels are sold to companies that sell products, houses and job opportunities. Thus, users with some labels are shown one ad and someone with a different online behaviour a completely different ad in the same web page. This in turn can determine what type of jobs we apply for and in which neighbourhood we buy a house and thus, which schools our children attend3<\/sup>.<\/p>\n Nowadays, cookie technology is embedded into most internet browsers. A 2016 study found that most third parties do cookie syncing. \u201c45 of the top 50, 85 of the top 100, 157 of the top 200, and 460 of the top 1,000\u201d third parties synch cookies from different sources to put together information on users4<\/sup>. It has been shown that Google, for example, can track a user across 80% of websites5<\/sup> raising threats to privacy and autonomy, and bolstering surveillance and monitoring6<\/sup>.<\/p>\n When these results were published, they raised public outrage. Many cookie-blocking browser plugins became popular, such as DoNotTrackMe. Internet browsers started having controls to block or delete cookies2<\/sup>. Companies such as Apple and Google even stopped or pledged to ban third-party cookies1<\/sup>. Online targeting moved from cookies to more persistent tracking techniques.<\/p>\n For example, cookie-like files could be stored with Adobe\u2019s Flash player; these remain after other cookies have been deleted. These can in turn be blocked by installing apps such as FlashBlock2<\/sup>. Tracking technology is equipped with more persistent tools, such as various types of fingerprinting which are not detected by most blocking\u00a0tools4<\/sup>.<\/p>\n The\u00a0idea is that our devices and services, such as computers, phones and device speakers, process data and give output slightly differently from other users\u2019 devices. They can serve as our unique fingerprints, especially when the different techniques are put together to create our online identity4<\/sup>. The IP address of our devices, ethernet or Wifi addresses (WebRTC-based finger-printing), how our hardware and software play audio files (AudioContext fingerprinting) and even information on the battery, can all be used as our long- and short-term identifiers that keep online tracking alive7,<\/sup>4<\/sup>.<\/p>\n <\/p>\n 1<\/sup> Kant, T., Identity, Advertising, and Algorithmic Targeting: Or How (Not) to Target Your \u201cIdeal User\u201d,<\/em> MIT Case Studies in Social and Ethical Responsibilities of Computing, 2021.<\/p>\n 2<\/sup> Schneier, B., Data and Goliath : the Hidden Battles to Collect Your Data and Control Your World, W.W. Norton & Company, <\/em>New York, 2015.<\/p>\n 3 <\/sup>Barocas, S.,\u00a0 Hardt, M., Narayanan, A.,\u00a0Fairness and machine learning Limitations and Opportunities<\/a>, <\/em>2022.<\/p>\n 4 <\/sup>Englehardt, S., Narayanan, A.,\u00a0Online Tracking: A 1-million-site Measurement and Analysis<\/a><\/em>, Extended version of paper, ACM CCS, 2016.<\/p>\n 5\u00a0<\/sup>Libert, T., Exposing the Invisible Web: An Analysis of Third-Party HTTP Requests on 1 Million Websites<\/em><\/a>, International Journal of Communication, v. 9, p. 18, Oct. 2015.<\/p>\n![\"\"](\"http:\/\/aiopentext.itd.cnr.it\/wp-content\/uploads\/sites\/10\/2024\/01\/chadd-fingerprint.jpg\")
\"Fingerprint scan\" by Daniel Aleksandersen is licenced under CC0 1.0 . To view a copy of this licence, visit https:\/\/creativecommons.org\/publicdomain\/zero\/1.0\/deed.en<\/a>[\/caption]\n
\n![\"\"](\"http:\/\/aiopentext.itd.cnr.it\/wp-content\/uploads\/sites\/10\/2023\/10\/chaddhttpcookie-300x151.png\")
\n