Taking the Bad With the Good!
Blue Bar
Spacer - This is NOT a Web Bug!
Spacer - This is NOT a Web Bug!

Cookies have gotten quite a bit of attention in the past, and even made it into the mainstream press several years ago, so they are really "old news" these days. But they do hold the distinction of being a tool that unscrupulous Web designers use to spy on their visitors, so an explanation is in order.

A cookie is really nothing more than a small text file with a bunch of codes in it that the Web site causes to be saved on your PC. The codes are usually benign: after all, the original intent of cookies were to allow the user to make one-time configuration settings that the Web page could access via the cookie to reset those preferences without asking you again. The great majority of cookies are still used solely for that purpose. For instance, this is the text from a cookie I got after a recent visit to Hewlett-Packard's Web site looking for printer drivers:


Not very threatening to look at, is it? Just numbers. But each of those numbers are codes that could easily stand for paragraphs of information. (In this case all it apparently does is steer me back to where I left off, since that was where I ended up when I returned to the site later that day.) Cookies do have legitimate uses. For instance, e-commerce sites often use cookies to remember your name and account number, your preferences, or where you visited last (as HP apparently is doing with their cookie above), or even steer you to a custom Web page configured to your specifications. All of which are very useful, time saving reasons to use a cookie (visit How to Use Cookies for a nice tutorial on cookie building and use).

However, there are people out there using cookies for less savory uses. For example, marketing wonks pay other companies to use their Web sites and collect information from cookies on multiple Web sites, often in conjunction with Web Bugs, to try and gain insight into who you are, where you go on the Web, and what you do while you're there. They then use that information to target you for advertising (spam, mostly!). Even worse, they sell your information to others so they can spam you too, or spy on you for other, even less savory reasons!

But marketers aren't the ones I worry about the most: it's government officials, law enforcement officers, insurance agents, etc. who might be trolling for information on me! Even though most US federal government Web sites are prohibited from gathering data on visitors, a great many of them still use cookies, and the extent to which they use them for data collection is not clear. Nor do we know if the different agencies are aggregating data on us! But considering typical post-9/11 government paranoia, I imagine they are! And most insurance companies would love to peer into your Web surfing habits to see if they provide insight into your state of health (so they can deny you insurance if you aren't healthy!).

So what can you do about cookies? Most Web browsers have an option you can set to disallow the use of cookies, or prompt you each time a Web site tries to write a cookie (although that gets old pretty quick!). But since most cookies are benign — and some are actually quite helpful! — it's probably best to just accept them for what they are. And rather than worrying about cookies, I'd worry more about which sites you visit: most reputable company and e-commerce sites stay far away from any behavior that might brand them as privacy violators, since they really want you to come back!

Spacer - This is NOT a Web Bug!
Spacer - This is NOT a Web Bug! Blue Bar
Spacer - This is NOT a Web Bug!
Privacy Foundation Spacer - This is NOT a Web Bug! Privacy Foundation
Spacer - This is NOT a Web Bug!
Spacer - This is NOT a Web Bug!