Home > internet startup, news > Cookies


July 4, 2011

About three months ago I started working at an internet company which hosts advertising platforms. It’s a great place to work, with a bunch of fantastically optimistic, smart people who care about their quality of life. I’m on the tech team along with the team of developers which is led by this super smart, cool guy who looks like Keanu Reeves from the Matrix.

I’ve learned a few things about how the internet works and how information is collected about people who are surfing the web, and the bottom line is I clear my cookies now after every session of browsing. Now that I know the ways information travels the risks of retaining cookies seem to outweigh the benefits. First I’ll explain how the system works and then I’ll try to make a case for why it’s creepy, and finally, why you may not care at all.

Basically you should think of yourself, when you surf the web, as analogous to someone on the subway coming home from Macy’s with those enormous red and white shopping bags. You are a walking advertisement for your past, your consumer tastes, and your style, not to mention your willingness to purchase. Moreover, beyond that, you are also carrying around information about your political beliefs, religious beliefs, and temperament. The longer you browse between cookie cleanings, the more precise a picture you’ve painted of yourself for the sites you visit and for third parties (explained below) who get their hands on your information.

Just to give you a flavor of what I’m talking about, you probably are already aware that when you go to a site like, say, Amazon, the site assigns you a cookie to recognize you as a guest; when you return a week later it knows you and says, “Hi, Catherine!”. That’s on the low end of creepy since you have an account with Amazon and it’s convenient for the site to not ask you who you are every time you visit.

However, you may not be aware that Amazon can also see and parce the cookies that other sites, like Google (correction: a reader has pointed out to me that Google doesn’t let this happen, sorry.  I was getting confused between the cookie and the “referring url”, which tells a site where the user has come from when they first get to the site.  That does contain Google search terms), places on your web signature. In other words Amazon, or any other site that knows how to look, can figure out what other sites’ label of you says. Some cookies are encrypted but not all of them, and I think the general rule is to not encrypt- after all, the people who have the tools to read the cookies all benefit from that information being easy to read. From the perspective of Google, moreover, this information is helping improve your user experience. It should be added that Google and many other companies give you the option of opting out of receiving cookies, but to do so you have to figure out it’s happening and then how to opt out (which isn’t hard).

One last layer of cookie collection is this: there are other companies which lurk on websites (like Amazon, although I’m not an expert on exactly when and where this happens) which can also see your cookies and tag you with additional cookies, or even change your existing cookies (this is considered rude but not prevented). This is where, for me, the creep factor gets going. Those third parties certainly have less riding on their brand, since of course you don’t even see them, so they have less motivation to act honorably with the information they collect about you. For the most part, though, they are just looking to see what kind of advertisement you may be weak for and, once they figure it out, they show you exactly that model of showerhead that you searched for three weeks ago but decided was too expensive to buy. If you want to stop seeing that freaking showerhead popping up everywhere, clear thy cookies.

Here’s why I don’t like this; it’s not about the ubiquitous showerhead, which is just annoying. Think about rich people and how they experience their lives. I touched on this in a previous post about working at D.E. Shaw, but to summarize, rich people think they are always right, and that’s a pretty universal rule, which is to say anyone who becomes rich will probably succumb to that pretty quickly. Why, though? My guess is that everyone around them is aware of their money and is always trying to make them happy in the hope that they at some point could have some of that money. So they effectively live in a cocoon of rightness, which after a while seems perfectly logical and normal.

How that concept manifests itself in this conversation about cookies is that, in a small but meaningful way, that’s exactly what happens to the user when he or she is browsing the web with lots of cookies. Every time Joe encounters a site, the site and all third-party advertisers have the ability to see that Joe is a Republican gun-owner, and the ads shown to Joe will be absolutely in line with that part of the world. Similarly the cookies could expose Dan as a liberal vegetarian and he sees ads that never shake his foundations. It’s like we are funneled into a smaller and smaller world and we see less and less that could challenge our assumptions. This is an isolating thought, and it’s really happening.

At the same time, people sometimes want to be coddled, and I’m one of those people. Sometimes I enjoy it when my favorite yarn store advertises absolutely gorgeous silk-cashmere blends at me, or shows me to a rant against greedy bankers, and no I’d rather not replace them with Viagra ads. So it’s also a question of how much does this matter. For me it matters, but I also like New York City because it is dirty and gritty and all these people from all over the world live there and sweat on each other on the subway and it makes me feel like part of a larger community- I like to mix it up and have it mixed up.

I’d also like to mention another kind of reason you may want to clear your cookies: you get better deals. A general rule of internet advertising is that you don’t need to show good deals to loyalists. So if you don’t have cookies proving you have an account on Netflix, you may get an advertisement offering you three free months of membership. Or if you want to get more free articles on the New York Times website, clear your cookies and the site will have no idea who you are. There are many such examples like this.

Lastly, I’d like to point out that you probably don’t need to worry about this. After all, many browsers will clear your cookies but also clear your usernames and passwords, and you may never be able to get some of those back. And maybe you don’t mind being coddled while online. Maybe it’s the one place where you get to feel understood. Why question that?

Categories: internet startup, news
  1. July 4, 2011 at 4:27 pm

    I don’t think amazon can see google cookies without google’s cooperation. Of course the high level of cooperation between the sites you visit is really the problem.


  2. July 4, 2011 at 4:44 pm

    Thanks, that’s a good point. I was getting confused between cookies and “referral url”. I corrected this mistake in the post. Thanks again!


  3. July 4, 2011 at 6:52 pm

    You didn’t mention Flash Cookies (totally different mechanism, not controlled by browser cookie settings, arbitrary-length data and persistence). Or HTML5 “offline data storage”, yet another mechanism sites can use to store arbitrary-length data, between visits.

    Neither is affected by the browser’s “clear cookies” command.


  4. Anonymous
    July 4, 2011 at 7:29 pm

    Thank you for the post. I think clearing all cookies is a great idea (I use Firefox and most of my cookies are set to “Allow for Session” only), however there are a few I allow permanently (e.g. email, Yahoo! mail, my banks, wireless carrier, utilities, etc.).

    Is there a way to clear these cookies too (e.g. reset to Session-only), but retain my account information? Or is this a bad idea? Thanks.


  5. Richard Séguin
    July 4, 2011 at 11:15 pm

    I generally use Omniweb on my Mac rather than Safari, and it allows me to set a number of site specific preferences. So, for example, I can bring up a particular site, click on the site-specific button, and tell the browser to reject cookies from that site. If I tell it to accept cookies from that site, there are two more options. I can tell it to remove cookies related to that site when I exit the browser, or accept cookies only from the current site (no second party cookies). You can also adjust site specific ad blocking options. Nice feature!

    I don’t always use this feature, but after last night’s experience manually removing a ton of cookies, I’m going to be a lot more disciplined about it. I accidentally removed a cookie that apparently is involved in auto-filling my email address and name for WordPress. I suppose now I might have to be re-approved for several blogs.


    • Richard Séguin
      July 5, 2011 at 10:56 pm

      After playing around with this a bit, I’ve concluded that it’s far easier to take the opt-in approach rather than the opt-out approach. So I’ve set the global cookie preference to not accept any cookies at all, but then I’ve used the site-specific settings, which override the global setting, to accept cookies from only a few specific sites, such as WordPress, Amazon, and the AMS.


  6. SisofmySis
    July 5, 2011 at 10:25 am

    Hey beautiful: Check this out: http://www.thefilterbubble.com/ Loads of talk of this at last month’s Personal Democracy Forum conference: http://personaldemocracy.com/


  7. July 5, 2011 at 1:04 pm

    Unfortunately, the downside of clearing your cookies and putting yourself into the bucket of people that advertisers know nothing about is that you’re generally going to end up with the most annoying (and highest converting) ads on the internet. The only real way to move away from the “Punch the Monkey” type ads is to build up a targetable profile so that you’re valuable to advertisers in some way.


  8. Matt
    July 5, 2011 at 2:15 pm

    Seems relevant:


  1. No trackbacks yet.
Comments are closed.
%d bloggers like this: