Nuts & Bolts: Everything You Wanted To Know About Cookies But Were Afraid To Ask

by Adam Marcus on January 27, 2009 · Comments

As a means of introducing myself to TLF readers, this is an article that I wrote for the PFF blog in September that has not been previously mentioned on the TLF. Most of my other PFF blog posts have been cross-posted by Adam Thierer or Berin Szoka, but I’ve taken ownership of those posts so they appear on my TLF author page.

This is the first in a series of articles that will focus directly on technology instead of technology policy. With an average age of 57, most members of Congress were at least 30 when the IBM PC was introduced in 1981. So it is not surprising that lawmakers have difficulty with cutting-edge technology. The goal of this series is to provide a solid technical foundation for the policy debates that new technologies often trigger. No prior knowledge of the technologies involved is assumed, but no insult to the reader’s intelligence is intended.

This article focuses on cookies–not the cookies you eat, but the cookies associated with browsing the World Wide Web. There has been public concern over the privacy implications of cookies since they were first developed. But to understand them , you must know a bit of history.

According to Tim Berners Lee, the creator of the World Wide Web, “[g]etting people to put data on the Web often was a question of getting them to change perspective, from thinking of the user’s access to it not as interaction with, say, an online library system, but as navigation th[r]ough a set of virtual pages in some abstract space. In this concept, users could bookmark any place and return to it, and could make links into any place from another document. This would give a feeling of persistence, of an ongoing existence, to each page.”[1. Tim Berners-Lee, Weaving The Web: The Original Design and Ultimate Destiny of the World Wide Web. p. 37. Harper Business (2000).] The Web has changed quite a bit since the early 1990s.

Today, websites are much more dynamic and interactive, with every page being customized for each user. Such customization could include automatically selecting the appropriate language for the user based on where they’re located, displaying only content that has been added since the last time the user visited the site, remembering a user who wants to stay logged into a site from a particular computer, or keeping track of items in a virtual shopping cart. These features are simply not possible without the ability for a website to distinguish one user from another and to remember a user as they navigate from one page to another. Today, in the Web 2.0 era, instead of Web pages having persistence (as Berners-Lee described), we have dynamic pages and “user-persistence.”

This paper describes the various methods websites can use to enable user-persistence and how this affects user privacy. But the first thing the reader must realize is that the Web was not initially designed to be interactive; indeed, as the quote above shows, the goal was the exact opposite. Yet interactivity is critical to many of the things we all take for granted about web content and services today.

Continue reading →

Comments Posted in: Privacy Solutions, Privacy, Security & Government Surveillance, Technology, Business & Cool Toys

PFF Launches Center for Internet Freedom

by Berin Szoka on October 24, 2008 · Comments

The Progress & Freedom Foundation has just launched the new Center for Internet Freedom.  CIF offers an alternative to the proliferation of advocacy groups calling for government intervention online by offering timely analyses and critiques of proposals that diminish the vital role of free markets, free speech and property rights.  We aim to drive the Internet policy debate in new directions by emphasizing a layered approach of technological innovation, user education, user self-help, industry self-regulation, and the enforcement of existing laws consistent with the First Amendment.  Such an approach is a less restrictive—and generally more effective—alternative to increased regulation.  

Here are some of the issues I’ll be working on as CIF’s Director in conjunction with my esteemed colleagues Adam Thierer, Adam Marcus, and adjunct fellows: 

  • Defending online advertising as the lifeblood of online content & services, especially in the “Long Tail”;
  • Emphasizing market solutions to problems of privacy protection, especially regarding the use of cookies and packet inspection data;
  • Protecting online speech and expression both in the U.S. and abroad;
  • Defending Section 230 immunity for Internet intermediaries;
  • Opposing online taxation and legal barriers to e-commerce and digital payments, especially at the state and local levels; and
  • Ensuring that Internet governance remains transparent and accountable without hampering the evolution of the Internet.

Comments Posted in: Advertising & Marketing, Broadband & Neutrality Regulation, E-Commerce Taxation & Regulation, First Amendment, Free Speech & Online Child Safety, Inside the Beltway (Politics), Intermediary Deputization & Section 230, Internet Governance & ICANN

Online Advertising & User Privacy: Principles to Guide the Debate

by Berin Szoka on September 24, 2008 · Comments

By Berin Szoka & Adam Thierer
Progress Snapshot 4.19 (PDF)

Since the fall of 2008, a debate has raged in Washington over “targeted online advertising,” an ominous-sounding shorthand for the customization of Internet ads to match the interests of users.  Not only are these ads more relevant and therefore less annoying to Internet users than untargeted ads, they are more cost-effective to advertisers and more profitable to websites that sell ad space.  While such “smarter” online advertising scares some—prompting comparisons to a corporate “Big Brother” spying on Internet users—it is also expected to fuel the rapid growth of Internet advertising revenues from $21.7 billion in 2007 to $50.3 billion in 2011-an annual growth rate of more than 24%. Since this growing revenue stream ultimately funds the free content and services that Internet users increasingly take for granted, policymakers should think very carefully about what’s really best for consumers before rushing to regulate an industry that has thrived for over a decade under a layered approach that combines technological “self-help” by privacy-wary consumers, consumer education, industry self-regulation, existing state privacy tort laws, and Federal Trade Commission (FTC) enforcement of corporate privacy policies.

In an upcoming PFF Special Report, we will address the many technical, economic, and legal aspects of this complicated policy issue-especially the possibility that regulation may unintentionally thwart market responses to the growing phenomenon of users blocking online ads. 

We will also issue a three-part challenge to those who call for regulation of online advertising practices:

  1. Identify the harm or market failure that requires government intervention.
  2. Prove that there is no less restrictive alternative to regulation.
  3. Explain how the benefits of regulation outweigh its costs. 

Continue reading →

Comments Posted in: Advertising & Marketing, E-Commerce Taxation & Regulation, First Amendment, Free Speech & Online Child Safety, Inside the Beltway (Politics), Open Source, Open Standards & Peer Production, Technology, Business & Cool Toys