They are not fattening, and they even reduce-- your privacy that is. HTTP Cookies (or MagicCookies) are a stealth infoage technology built into Netscape, Explorer, and NetCruiser browsers and allow Web servers to recognize users and keep tabs on their movements within websites as well as record their preferences and/or personalized data. If you look inside your computer's hard drive under preferences you will find a Cookie page.

"Cookies represents an effort by organizations to monitor people's interest in their products and services through the covert gathering of personal data," said Privacy Times Editor Evan Hendricks. The civil liberties and privacy debate is growing about Cookies. Netscape and Microsoft claim 'it's all in the manual,' but since most people download the software free off the web, who's ever seen one?

Many users are horrified when they discover that businesses or organizations can "secretly" request and receive information from their desktops without their knowledge or consent. Cookies track users' Web page requests, and therefore, record the users' surfing on a given site. It is like having a spy inside your computer--the equivalent of a Nielson recorder box on your TV-- without your permission.

Cookies are particularly offensive because the methods they use for collecting customer information extend far beyond expected social conventions. For example, it is unlikely that people would have a problem with an auto service department keeping maintenance records through the use of their car license plate number. Yet, those same people would be shocked if a drug store made a note of their license plate numbers every time they filled a prescription.

Why do cookies continue to be foisted on the public? One reasons is that sites are increasingly interested in offering personalized service to their users. Shopping cart programs allow users to keep shopping lists of purchases from site, and allow them to resume shopping another day without resubmitting their credit card number. While there are helpful ways that cookies can be used, like a technical support site offering you a customized list of new bug fixes and upgrades for only those products which interest you, for the most part the price you pay in decreased privacy doesn't seem to justify them. Cookies also make users vulnerable to credit card fraud, and confusion of records between multiple users of the same dialup connection.

Another insidious way cookies are used is to target advertising exposure to your preferences and interests. If you go to a search engine like Lycos and enter some keywords, Lycos can store in the cookie file a number that helps it know that you're user ID 238f983298ds8s9df (for example) and store what you looked for in its database. Let's say that a cybersmut purveyor wants to spam some ads, it could ask Lycos to setup a specific GIF image on Lycos' page only to users who looked up sex related links.

How to deal with the cookie problem? With Netscape version 3.0 or later, you can set the browser's preferences to give you a warning when a site is attempting to serve you one, and then accept or decline it. Some sites use what is called "persistent cookies" so if you opt for the warnings, it may slow down your browsing a little, but you will retain the right to decide on a site by site basis whether or not to be tracked. In spite of the controversy around their use, some online stores and membership sites use cookies to identify their users and make transactions possible, so there may be some minor reduction in your overall web functionality. You should remove your identity from the browser settings while surfing, and enter it only when you need to send a mailto from a webpage.

A recent proposal by the Internet Engineering Task Force would make it easier to control the use of "cookies." According to the BNA Daily Report for Executives (23 May 97), The Association of Online Professionals has come out against the proposal, citing potential loss of services from online providers who rely on cookies for passwords, preferences and other tasks; loss of a major method used to assess the success of Web advertising; and loss of "hundreds of thousands of man-hours for reprogramming Web sites."

There are other less covert ways to accomplish the goals that cookies are meant to meet. Until the debate gets specific about Cookie solutions, such as eTrust banners, or other disclosures of how they use your data are hung from all responsible business sites, there will be growing distrust of their use. By not allowing sites to serve them to you a message is being sent that you value your privacy and want to share information about you only with your active consent. Cookies will be around for a while, but ultimately the sites that serve them will get the message and use other means.



some cookie resources on the web: