Websites may place small files called “cookies” on an Internet user’s machine, and some types of cookies can be used to collect information about the user without his or her consent. The Cookie Clearinghouse will develop and maintain an “allow list” and “block list” to help Internet users make privacy choices as they move through the Internet. The Clearinghouse will identify instances where tracking is being conducted without the user’s consent, such as by third parties that the user never visited.
To establish the “allow list” and “block list,” the Cookie Clearinghouse is consulting with an advisory board that will include individuals from browser companies including Mozilla and Opera Software, academic privacy researchers, as well as individuals with expertise in small businesses and in European law, and the advisory board will continue to grow over time. The Clearinghouse will also offer the public an opportunity to comment. With this input, the Clearinghouse will develop an objective set of criteria for when to include a website’s cookies on the lists.
The Clearinghouse will create and maintain the lists. Browser developers will then be able to choose whether to incorporate the lists into the privacy options they offer to consumers. Company websites with cookies that have been included on the “block list” will be able to respond to the Clearinghouse to correct any mistakes in classification.
“Internet users are starting to understand that their online activities are closely monitored, often by companies they have never heard of before,” said McDonald, “But Internet users currently don’t have the tools they need to make online privacy choices. The Cookie Clearinghouse will create, maintain, and publish objective information. Web browser companies will be able to choose to adopt the lists we publish to provide new privacy options to their users.”
The need for the Clearinghouse evolved out of an effort by CIS fellows called Do Not Track. Initially, Stanford’s Do Not Track work raised consumer awareness about the way in which “tracking cookies” are used by websites—and by unaffiliated third parties—to compile extensive individual browsing histories that provide those companies with data about individual consumer behavior.
This effort has since progressed to a global standards effort led by the World Wide Web Consortium (W3C.) More recently, CIS researchers began a new effort to prevent companies from tracking without the user’s consent. CIS student affiliate Jonathan Mayer wrote a software patch for use in Mozilla’s Firefox browser that limits third party tracking through cookies.
Mayer’s patch mimics existing functionality in the Safari browser, which already prevents tracking from websites users have not visited. While Do Not Track efforts continue into their third year, the Cookie Clearinghouse is a new opportunity to accelerate Internet users’ ability to make effective online privacy choices.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.