Re: ONLINE-ADS>> Whose hand is that in the cookie jar?

Bob Stewart (rstewart_at_mars.superlink.net)
Wed, 16 Apr 1997 10:28:43 -0400

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Archive Home Page
• Search
• Next message: David Samuel: "ONLINE-ADS>> Audio Advertising - who is doing it?"
• Previous message: Sean Pfister: "ONLINE-ADS>> value of requested ad vs. pushed ad?"
• Maybe in reply to: Kenneth C. Jenks: "ONLINE-ADS>> Whose hand is that in the cookie jar?"

At 10:15 PM 4/15/97 -0500, Ken Jenks wrote:
>Yes, I've written some interlocking CGI programs that allow a CGI program on
>your server to read domain-specific cookies sent from my server to the
client.

But only if I were to place a reference to your script on my site. Or, you
actually controlled both domains. You certainly can't read a cookie I've
assigned and I can't read the ones you've assigned. Again, this is what the
author said, "...cookies are ominous strings of random numbers that follow
[users] from site to site." And, again, that is simply not true. It isn't
even true of the sites within DoubleClick's network. Only DoubleClick can
read the cookies they've assigned, their affiliates can't. And DoubleClick
has no way of associating that cookie with a particular person.

At 12:06 PM 4/15/97 -0500, Rob wrote:
>In fairness to DoubleClick, there are others who do this, they don't hide
>the fact that they can do this, and there is no evidence to my knowledge
>that they "misuse" this information.

But how could they "misuse" it? All they would have is a random number
linked to a series of ads. For their purposes this might be useful, and
maybe they could even find a buyer for a breakdown on usage patterns. But
they can't sell someone a list that reveals that Robert Grosshandler visits
site X once a day, because they don't have it. All they have is a random
number and they have no idea who it's associated with.

In many ways, cookies provide GREATER privacy. The forum pages at my garden
site save users' names and email addresses to cookies so that these are
already filled out for them on the submission forms. We require no
registration and users' names are never recorded at the site. I could
alteratively save these to a big database on my site, but wouldn't that
decrease the level of privacy?

And the same argument could be made in Ken's case. What if he just shared
his registration info with the second site in some file form, would that
increase privacy?

Is there greater privacy if tracking is done with manipulating the URL as
Pathfinder does?

If you register with a site, giving them your name and other personal info,
and then proceed to request files from that site, you can reasonably expect
that in some way they're tracking your usage. And they'll do it with or
without cookies. As to whether third parties will have access to that
information, you have to gauge the reputation of the site involved and
decide if what you're doing there is something you'd want others to know
about. But this is true in all aspects of life. I just gave a credit card
company information that I would be very upset if they shared. But I have
pretty good idea they won't spread it around.

Bob Stewart

The Virtual Mirror - http://www.vmirror.com

138 Montgomery St., #1M
Highland Park, NJ 08904

• Archive Home Page
• Search
• Next message: David Samuel: "ONLINE-ADS>> Audio Advertising - who is doing it?"
• Previous message: Sean Pfister: "ONLINE-ADS>> value of requested ad vs. pushed ad?"
• Maybe in reply to: Kenneth C. Jenks: "ONLINE-ADS>> Whose hand is that in the cookie jar?"

With an archive of more than 14,000 postings, since 1996 the Online Advertising Discussion List has been the Internet's leading forum focused on professional discussion of online advertising and online media buying and selling strategies, results, studies, tools, and media coverage. If you wish to join the discussion list, please use this link to sign up on the home page of the Online Advertising Discussion List.