After a decade of Facebook, we’re all aware of location tracking. In fact, many of my friends and family either have location services shutoff or don’t check-in at hotels, restaurants, etc. when they are away.
“I don’t want to get robbed,” said a friend recently before leaving on vacation to a much warmer place than New England this month. Even Alaska is warmer than Massachusetts at the moment, having not dropped below 32 degrees this winter.
However, location tracking isn’t the only way the internet is tracking our behavior. Every day, we allow cookies on our devices each time we enter a url in our browser. “Cookies are small files that websites put on your PC to store information about you and your preferences. Cookies can make your browsing experience better by letting sites remember your preferences or letting you avoid signing in each time you visit certain sites. However, some cookies might put your privacy at risk by tracking sites that you visit” (Delete and manage cookies, Microsoft Windows).
Cookies were invented by Netscape, a browser some of you may remember. They allow a website to remember us. Before cookies, each time you accessed a site, the session was treated as a new, unique session. Now you can navigate away from your e-mail and come back to it still logged in. This behavior has its downsides. As I saw back in my heydays of college, when you used a shared computer and forgot to log out of certain accounts, anyone could access them.
But as technology has advanced, so has the behavior of authenticated access to certain sites. While yahoo.com or gmail.com would leave you logged indefinitely, credit card companies and banks automatically time you out in a very short window to reduce the risk of someone else accessing your information. In addition, sites such as Amazon.com require you to verify yourself at the checkout layer so that even if you were logged in at a computer and someone accessed your account, they would need your account information to finish their shopping spree.
Cookies are not the real problem in a data connected world. “Cookies cannot be used to ‘steal’ information about you or your computer system. They can only be used to store information that you have provided at some point. To give a benign example, if you fill out a form giving your favorite color, a server can turn this information into a cookie and send it to your browser. The next time you contact the site, your browser will return the cookie, allowing the server to alter background color of its pages to suit your preferences” (Client Side Security – Cookies and Privacy, The World Wide Web Security FAQ)
Managing cookies isn’t the end all of staying safe online; neither is not checking in at a hotel when you are on vacation. They are only a piece of the puzzle. You can block cookies or at least customize your settings. You don’t necessarily need (or want) your preferences saved for Amazon.com, but you may want them saved for your favorite news sites.
You must be responsible when surfing the web by verifying the wireless domains you access are secure, logging out of bank accounts, not using a shared lab computer or friend’s computer to access sensitive information, and by clearing browser history when you are finished browsing the internet for the day.
Finally, remember to always validate the websites you visit, especially those that require authentication. The green bar is your friend; hackers are not.
Watch this Wall Street Journal video for more information about cookies.