Tuesday, 15 November 2011

Cookie privacy

I watched a talk by Cory Doctorow about browser privacy and the need for cookie management similar to popup management. He made a compelling point. A lot of our cross-site privacy and tracking issues these days are caused by cookies, and there are so many of them that we can't deal with them ourselves. We need our software to help us, the same way Mozilla (later Firefox) started refusing to display popup windows on websites. That choice, even though it was only enacted by a small, geeky subset of internet users, eventually changed the face of the whole internet, in browsers and websites alike. We can do that again if we just figure out how to manage our browser cookies better. It's going to be harder, I expect, but it's going to be even more worthwhile. The trouble is that cookies are so invisible that most people don't realise it's even happening, let alone that it's a problem.

Making cookies more visible might be the first step, or part of the first action. Next might be applying a reasonable upper limit to cookie expiry dates, regardless of what they request. Right now, a website can request that your browser store a cookie indefinitely, and your browser will oblige. That doesn't seem right.

Mokalus of Borg

PS - I use the Vanilla Cookie Manager plugin for Chrome.
PPS - It deletes cookies after 30 minutes unless I whitelist them.

No comments: