Who's watching you on the web? How cookies are changing

OPINION: Before the age of Covid, I was lucky enough to travel offshore a fair bit with work. I spent a lot of time in the Gulf states, allowing me to enjoy the bazaars and souks of Muscat, Abu Dhabi and Doha.
If youve never bargained with an Arab merchant, then you need to. Its a full on experience that is in equal parts charming, alarming and audacious.

You dont need to worry about not agreeing on a price, because if you decide to move on and keep on wander around the market; the shop owners employ small boys to keep track of you in the market and offer you increasingly attractive deals on the merchants goods.

And that in a nutshell is what a computer cookie is. Its a small file that attaches itself to your computer and keeps track of you as you wander around the biggest marketplace in the world.

Over the last 26 years its become the default way of tracking your movements around the web and its also what last week Google announced it was planning to knock on the head.Its a significant move by the Google monster and for the estimated 2.8 million New Zealanders who use Chrome as their desktop browser.

* 87% of websites are tracking you. A new tool can run a creepiness check
* Stuff Cookies Policy and Targeting and Tracking Policy
* Wisdom about online tracking from the Cookie Monster

Before we dig into this, lets do a quick Cookies 101.

Cookie files are either first-party or third-party, and either session or persistent.

First-party cookies are what Amazon puts on your laptop when you are visiting, so when you come back they will know its you and be able to show your watchlist and listings that might interest you.

Third-party cookies are put on your machine by companies you are not directly engaging with, typically advertising companies which track your movements to build up a data picture of you.

First or third-party cookies can be persistent or session. Persistent cookies stay for a long time, years sometimes. Session cookies typically only last for the length of your visit to a situs and them poof they disappear.

The chances are that your computer currently has thousands of cookies sitting on it right now, many of which are from companies youve never heard of.

Cookies can deliver good outcomes by making your life easier, websites faster and removing pain.

Patrick Semansky/AP
Google was fined US$120 million (NZ$166.50m) last year by the French Government for dropping cookies on peoples machines without asking for their consent in certain situations.

Cookies can also deliver bad outcomes by secretly tracking your entire online life, gathering your data for aggregators to sell to others.

Facebook got itself in a lot of expensive trouble with European regulators when it was found to be using third-party persistent cookies to track peoples activity and preferences across the web (ie: outside Facebook).

Google was fined US$120 million (NZ$166.50m) last year by the French Government for dropping cookies on peoples machines without asking for their consent in certain situations.

But now all thats going to stop, with Google saying on its blog last week that it will only use privacy preserving technologies. Specifically, it promised that once it phases out third-party cookies in 2022, it will not build alternative identifiers to track people as they browse the web.

Which is great. The question is what will they replace it with?

What Google has strongly telegraphed so far via its Privacy Sandpit - is a cohort approach, grouping together similar browser behaviours. So, for instance, it might group together browsers who are interested in online trust and safety, motorcycles and long walks on the beach. Then present them with relevant content and offers.

The takeout here is that people would be targeted based on machine-learning generated cohort IDs rather than individual user IDs. Thats a win for privacy.

Kevin Stent/Stuff
Mike ODonnell: The Google move is not purely an attempt to do the right thing. It pays off for the company, too.

But its also a win for Googles advertising business, the one that makes the lions share of revenue for the Google monster. The reason for this is that by disabling the millions of third-party tracking cookies, the relative value of first-party cookies will grow exponentially.

Two of the biggest purveyors of persistent first-party cookies on the planet are Google and Facebook. These companies are already well-known for their love of walled garden ecosystems, so this move bolsters those walls considerably.

And thats the rub.

Many companies have already moved to remove third-party tracking cookies.

Mozilla first offered it aeons ago. Then two years ago it made it default on its Firefox browser. Apple enabled it a year ago.

But neither of these companies has been big advertising businesses, so the move was more motivated around good digital citizenship. Doing the right thing and building trust with users. Which is cool.

Thats not to say themove by Google is just thinly veiled self-interest, it knows privacy is key to its ongoing social license. But youd be a mug to think it didnt run a pretty flash commercial slide rule across the exercise before it pushed go.

As you enter the Souq Wagif market in Doha you pass under an arch with an old Arab Proverb. It reads: Think of how you are going to get out before you enter.

It strikes me that Google had a pretty good idea of how it was going to come out of this change in policy, before it committed to going into it.

Mike MOD ODonnell is a professional director, writer and facilitator. He uses Awesome Cookie Manager a free Chrome extension to track whos tracking him.


Our Partner