|
Law in the Internet Society
|
|
Privacy and Cookies: The Choices We Make-- By ManuelLujan - 04 Dec 2024IntroductionAnyone who browses the Internet regularly has heard about cookies. Many people mindlessly accept them without hesitation. Others may be vaguely aware of the privacy concerns associated with them, but still dismiss them as insignificant. To some, fear of surveillance sounds like paranoid delusions or from conspiracy theories. And, in any case, most of us “have nothing to hide,” so why bother? However, no one has nothing to hide. The basic human aspiration to a sphere of individuality that is concealed from the rest of society is reflected in most of the actions that we take all the time. For example, when we walk into a store, we do it with the reasonable expectation that nobody will request that we disclose our personal information in order to be let in. It is safe to assume that a security guard asking us to allow him to go over our browsing history would be met with fierce resistance. And yet, when we go online, all such resistance suddenly vanishes. So, what’s the difference?How Cookies WorkHTTP cookies are data files that contain state information that a server sends to the user’s browser for it to store. Later, when the browser sends a new request, the cookie is included with it to let the server know that both petitions come from the same browser. The HTTP (Hypertext Transfer Protocol) is a stateless protocol, meaning that each HTTP interaction is independent and information about context or previous interactions is not stored. By employing cookies, the limitation of the protocol’s statelessness is overcome—the browser stores state information and makes session continuity possible. Cookies are used to identify users, personalize their sessions, and allow them to say logged in, among other purposes. They can collect all sorts of information about users, such as their unique ID, browsing and download history, and preferences. However, a greater concern as regards privacy is that associated with other kinds of cookies, known as third-party cookies, which are actually placed from domains other than the ones being visited by the user. These can be generated by marketers and social media platforms, for example, and they can track users to get access to their behavior, hobbies, past purchases, political affiliation, and more. This information is then used to present users with customized content, such as targeted ads and political propaganda. Some legislations require websites to apply an opt-in consent system, such as the EU’s General Data Protection Regulation. Others, such as the California Privacy Rights Act, do not contain this requirement. However, even when mandated to request explicit consent from users before placing cookies, website owners devise ingenious ways to induce our complacency. Websites tend to contain readily available “Accept all cookies” buttons, almost always in bright and appealing colors encouraging interaction. On the other hand, “Reject all cookies” or “Reject all non-essential cookies” buttons are usually grey and uninviting, or placed in less intuitive positions. In some cases, they are simply non-existent, and frustrating “Manage cookies” or “Customize cookies” buttons are in their place, forcing users to reject each cookie category individually. These details may appear innocent if we work under the assumption that Internet users are perfectly rational all the time, but that would be a naïve presumption. Most of these features result in the subconscious impression that accepting all cookies is the default option while rejecting them is a cumbersome, inconvenient alternative. Coupled with the belief that the incentive for going out of our way to reject them is insignificant, it is no wonder that users act with such complacency.What We can Do About ItPrivacy hazards are not the inevitable side-effect of technological progress, as data-mining corporations would have us believe. They are the deliberate result of carefully devised—and very profitable—extraction schemes. The first step towards protecting our privacy is gaining awareness of this issue, of how much of our privacy we are giving away and why it matters. Then, what follows is making rational choices in terms of how much we decide to disclose. But there are other options for those willing to go one step forward in the protection of their privacy and break free from the data mining scheme. Brave and Tor Browser are two browsers with user privacy at their core. Tor Browser is a Mozilla-based browser that routs the user’s traffic through the Tor overlay network, relaying and encrypting the user’s traffic, blocks third-party trackers, and automatically clears cookies after each browsing session. Brave is a Chromium-based browser that contains a built-in ad blocker that blocks intrusive ads and trackers by default. Moreover, some built-in components of these browsers can be added to other Chromium- or Firefox-based browsers. One of them is NoScript, which blocks harmful content from untrusted websites. Another popular option is ad blocking software, such as AdBlock Plus and uBlock Origin, which prevent intrusive advertising.ConclusionProtecting our privacy is both easier and more significant than many people think. The dismissive claim that our privacy is irrelevant and not worth the hassle is not only misguided but also inconsistent with our behavior in other aspects of our lives. The fatalist claim that insisting on protecting our online privacy is fighting a losing battle is also misinformed. We have the tools we need to protect ourselves, even if we have been led to believe we do not. Sometimes, huge steps in the right direction can be taken by simply stopping to think twice and taking the time to make more rational decisions.You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:
|
|
