Cookies are simply tiny text files that a Web server sends to the browser and retrieves each time the user accesses the Web site. The purpose is to maintain a sort of profile of the user containing such things as preferences as to how the user wants to view or use the site, shopping cart selections from previous sessions, and so on. In short, cookies enable a Web site to provide a more customized or personalized form of service and minimize the amount of repetitive data entry on the part of the user. (This type of cookie is called persis-tent, since it survives across sessions. There can also be tem-porary cookies that apply only to the current session.)
However, cookies also have benefits for the Web site owner. They can be used to track which pages or items the user has looked at in the past. This information can then be used (see data mining) to create generic user profiles that can help with marketing or targeting advertising. In the case of some companies (notably Amazon.com) much more elaborate profiles associated with the cookie’s identity can be used to create personalized recommendations, in effect continually directing targeted advertising at the user.
Security and Privacy Concerns
There are many popular misconceptions about cookies. Cookies contain only data, not executable code. This means they cannot function as worms or viruses or otherwise interact with the user’s system. However, while cookies do not in themselves represent a security threat, they do have privacy implications. Although most profiles created using cookies are anonymous (containing no personal identifying data), an unscrupulous site could attach such data (such as addresses or credit card numbers entered by the user) to a profile and sell it for purposes ranging from spamming to identity theft.
Another risk comes from “third party” cookies such as are often included in advertisements (see online advertis-ing). Potentially, these could be used to create a much more comprehensive profile of a user based on his or her actions on multiple Web sites.
Users do have some control over how cookies are stored. Most browsers allow the user to reject all cookies, accept or reject cookies from certain sites, or store cookies only tem-porarily. However, sites may in turn refuse services to users who do not accept cookies, and at any rate the user would see only a generic rather than a personalized view.
There has been a certain amount of government regula-tion of Web cookies. The U.S. government has strict rules for the use of cookies on federal Web sites. The European Union also has recommended (but not fully implemented) regulations that require that users be told how the stored data will be used and be given the opportunity to opt out.
No comments:
Post a Comment