Cookies are messages that a Web
server transmits to a Web browser so that the Web server can keep track of
the user's activity on a specific Web site. The message that the Web server
conveys to the browser
is in the form of an HTTP
header
that consists of a text-only string.
The text is entered into the memory of the browser. The browser in turn stores
the cookie information on the hard
drive so when the browser is closed and reopened at a later date the cookie
information is still available.
Web sites use cookies for several different reasons:
- To collect demographic information about who is visiting the Web site.
Sites often use this information to track how often visitors come to the
site and how long they remain on the site.
- To personalize the user's experience on the Web site. Cookies can help
store personal information about you so that when you return to the site you
have a more personalized experience. If you have ever returned to a site and
have seen your name mysteriously appear on the screen, it is because on a
previous visit you gave your name to the site and it was stored in a cookie
so that when you returned you would be greeted with a personal message. A
good example of this is the way some online shopping sites will make
recommendations to you based on previous purchases. The server keeps track
of what you purchase and what items you search for and stores that
information in cookies.
- To monitor advertisements. Web sites will often use cookies to keep track
of what ads it lets you see and how often you see ads.
Cookies do not act maliciously on computer systems. They are merely text
files that can be deleted at any time - they are not plug
ins nor are they programs. Cookies cannot be used to spread viruses
and they cannot access your hard drive. This does not mean that cookies are not
relevant to a user's privacy and anonymity on the Internet. Cookies cannot read
your hard drive to find out information about you; however, any personal
information that you give to a Web site, including credit card information, will
most likely be stored in a cookie unless you have turned off the cookie feature
in your browser. In only this way are cookies a threat to privacy. The cookie
will only contain information that you freely provide to a Web site.
Cookies have six parameters that can be passed to them:
- The name of the cookie.
- The value of the cookie.
- The expiration date of the cookie - this determines how long the
cookie will remain active in your browser.
- The path the cookie is valid for - this sets the URL
path the cookie us valid in. Web pages outside of that path cannot use the
cookie.
- The domain the cookie is valid for - this takes the path parameter
one step further. This makes the cookie accessible to pages on any of the servers
when a site uses multiple servers in a domain.
- The need for a secure connection - this indicates that the cookie
can only be used under a secure server condition, such as a site using SSL.
Both Netscape
and Microsoft Internet
Explorer (IE) can be set to reject cookies if the user prefers to use the
Internet without enabling cookies to be stored. In Netscape, follow the Edit/Preferences/Advanced
menu and in IE, follow the Tools/Internet Options/Security menu to set
cookie preferences.
For more information, see:
The Electronic Privacy
Information Center
The Unofficial Cookie FAQ
