The crumbs we leave…
By Khakali Olenja | October 8, 2021
In 1994 an engineer at Netscape by the name of Lou Montulli created the webs first cookie. Cookies are text files that reside on user’s computer and store information from the websites users visits. Montulli noticed that the internet lacked a mechanism to facilitate short-term memory storage. This meant that users who added items to their cart would not see that same item if they selected another tab or if users logged into their email account and refreshed the page the users would have to log in again. Cookies in their purest form were designed to enhance user experience, and without them we would not know the internet as we do today.
How Cookies are used today
While it is true that cookies are an integral part of the web experience, it is also true that their initial intent has been repurposed over time. Brands want to reach individuals with the highest probability of converting to customers. To target these customers, internet companies have built multibillion dollar business models using cookies to connect advertisers and customers.
According to a report published by Statista Research Department, digital advertising spent worldwide amounted to approximately $378 billion dollars and is estimated to reach more than $645 billion dollars by 2024.
When users access a website a first-party cookie is created. First-party cookies can store attributes (e.g., Location, Cart, Time Spent, Username, Password, etc.). Brands will use these first-party cookies created to continue to share ads from their site to other websites using platforms and publishers. Platforms and publishers are companies (e.g. Youtube, Facebook, Snapchat, Google etc.) that have audiences of people who they can connect brands with via ads. In between, there are also middlemen who are dedicated to ensuring that brands ads are reaching the right people, companies like Facebook and Google serve both roles because of their scale.
As a result of the amount of money that is available to be generated from ads, platforms, publishers, and middlemen are all incentivized to collaborate with one another, which means more cookies are being generated than just the site a user is on. These additional cookies are called, third-party cookies. With third-party cookies, brands can go to Facebook or Google and request their ads be shared with users who visited the site a month ago.
The Impact on Privacy
While some individuals might think ads are nothing more than a nuisance at worst and a welcomed convenience at best, the enablement of third-party cookies allows companies to circumvent consent and allow for surveillance at scale without user’s privy to this. Some technology companies have rolled out features that will allow users to block third-party cookies which would prevent companies (e.g., Google, Apple, etc.) from identifying that a user on site A is the same user on site B. The problem is that companies like Google and Facebook are incentivized to find legal loopholes in existing policies. Facebook and Google can provide websites with a piece of code that looks like a first-party cookie data but sends all the data to a company anyway (e.g., Facebook Pixel).
Regulation has historically had trouble keeping pace with business, and the technology sector more broadly. While it is my belief that technology companies are generally well-intentioned, it is abundantly clear that the capital incentives make it materially difficult for technologies companies to self-regulate.
The Federal Trade Commission should enact legislation that provides guardrails on how customer data is being obtained and utilized beyond the terms and conditions. Open-source projects like Cookiedatabase.org – a project to bring more transparency to the world of online tracking and data collection should be referenced to help draft legislation.