Evercookie: Why oversight matters

September 22, 2010

Opt-out and blocking technologies are important to allow consumers to express their privacy preferences and have assurance that they are honored. But as mentioned in earlier posts, the technology to track users will probably always outpace the technologies available for consumers to avoid being tracked. For this reason, websites must still have a responsibility to make careful choices about which companies’ tags they place on their pages, and tracking companies must submit to regular and meaningful oversight as to which methodologies they use. While there’s no bullet-proof way to avoid tracking, it is possible to limit it substantially through transparency and accountability.

So I was interested to read about Evercookie (read disclaimer below before clicking), which gathers together in one open-source tool a set of ways to track users without normal browser cookies. The author describes the mechanisms used:

– Standard HTTP Cookies
– Local Shared Objects (Flash Cookies)
– Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
– Storing cookies in Web History …
– HTML5 Session Storage
– HTML5 Local Storage
– HTML5 Global Storage
– HTML5 Database Storage via SQL Lite

It’s ingenious, and even includes a facility to replant the normal browser cookie if it has been deleted.

PS If you follow the link to Evercookie, I can’t assure you that you won’t end up with one!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: