Only a few years ago, I probably would have started such an article with, “I guess we don’t have to go into great detail as to what cookies are used for and how they work”. Well, apparently, these days are over. Still, I won’t go into great detail here as regards the use and inner works of cookies. It would be a boring, utterly useless venture. Too many words have been made about them already, and none of those hit home.

Hence, I will give you a rather condensed version of what’s to know about them, lest I should risk to waste any more of your (and my) time: Cookies are not the problem! Neither yours nor mine, and, provided that they were employed in a reasonable manner, not your browser’s, either.

In general, cookies are used to save visitors’ time and effort. Yes, they also may help save programming time and effort. In both respects, they are a godsend. Yet …

It’s a Jungle out There

The internet is a jungle, and not all of the jungle dwellers are cute, friendly creatures you want to pet with your bare hands. Some of them are greedy bastards — even to the point where it’s fair to call them digital predators — who try to sell you to anyone willing to pay the price.

However, this is not the problem, either. Every “internet tourist” (this would be you, or me, or anyone else using their devices to roam the seemingly endless expanses of the information universe) is free to choose vehicle, route, and tour guide for their journey. This is the problem.

The Answer Is Not “Cookies”

Did you never wonder how come you and your friends get (sometimes utterly) different results in response to the same query, using the same search engine in the same browser (model)?

Didn’t it give you pause that YouTube kept recommending certain types of videos (or Facebook displaying certain adverts), even though you diligently deleted all cookies?

The answer to this problem is not “cookies“, it’s “browser” (or rather “browser configuration”) — and, of course, a number of “greedy bastards who exploit this information (behind your back)”.

Is There a Way to Fight Back?

In fact, there are a number of reasonable strategies, to keep them from getting what they want. A first promising step would be to stop disseminating nonsense as to what unheard of tricks cookies are able to pull. Frightening already fearful people even more doesn’t help anyone — except, perhaps, those idiots who enjoy themselves spreading said nonsense.

A side effect of such shenanigans is, that people focus on the wrong things and so miss the real problem. They remain vulnerable to all sorts of exploitation, because they are convinced to have their defence up and working already. You don’t believe me, think I’m judging well–intentioned measures too harshly?

State–Imposed, Utterly Pointless (even Counterproductive) Measures

Then what exactly is anyone to gain from a policy that obliges site owners to display a banner that informs their visitors that cookies are being used? Unless these people happen to live under the proverbial rock (in which case, I have a feeling, they would never see mentioned banners), they will have guessed as much already.

In terms of privacy and data protection this measure does nothing for the average user. It’s a perfect waste of time and effort (for both site owner and visitor), without giving anyone anything in return.

It would make a lot more sense to simply tell the public at large to configure their browser to automatically flush its cache and all activity records, each time a browser session is destroyed (that is, delete all cookies, browsing history and such, once you close all browser windows) or to persuade manufacturers of this software to add this choice to the many already existing, when a browser is launched for the first time after installation (but that promises to be a more tiresome route than nagging site owners is).

Every modern browser has this feature in its settings, and it doesn’t take an MIT graduate to locate and enable it. How does anyone expect the average user to know “relevant cookies” from “optional cookies”, anyway — or expect them to take the time to read up on the matter in order to make an informed decision?

There are hardly ever enough cookies stored on your computer to slow down your browsing experience nearly as much as is having to actively acknowledge this utterly useless piece of information time and time again in order to eventually get full access to information you are actually looking for.

Your “privacy” is (usually) not breached by some “evil” cookie, but by information that your browser voluntarily provides to the server that hosts the website you launch. This is the kind of information that helps identify you as a user — and to some extent also as a person (we’ll talk about this aspect in a bit).

What Information Does the Average Browser Provide Voluntarily?

Your browser profile usually includes:

  • Make, model, and version of browser
  • Type of operating system
  • Browser engine in use
  • “Your” location (usually even the town or city, but most definitely the country)
  • Carrier used to access the internet
  • Browser extensions enabled
  • Whether or not Javascript is enabled
  • Relevant processors (make and chipset)
  • Screen resolution
  • Size of browser window
  • Browser language
  • Which website you came from (unless this information is blocked or you launched the current website directly)
  • The pages you visit on the website (name and order)

Viewed individually, all these bits of information are quite useless; you share them with way too many people to ever target you successfully (and it’s actually meant to improve your browsing experience). However, the combination of these bits helps identify “you” (that is, your browser).

Now, pray tell, why would anyone go to the trouble to place “a cookie that phones home” (which could be deleted at any given time) on your device, if your browser does all the information gathering for them — persistently and free of charge?

The bad news is, you cannot fake or hide all of the information provided, without raising eyebrows, sooner or later. That might be the point when Facebook, and other platforms that require you to log in, show you the door (simply because they cannot make money with obviously false information). For who would be silly enough to pay for fake data?

The good news is, you don’t even have to. Just don’t use one browser (or, more to the point, one browser profile) for all your internet activity. It’s not remotely as tiresome a routine as you may suspect.

Any Strategies, Advice, Ideas?

In short, isolate certain types of websites in certain browsers — and beyond that, use the “hide in the crowd” strategy.

Of course, you could use a VPN (Virtual Private Network) to at least hide your location and carrier. With these data constantly changing, the likes of Facebook would have a great time, struggling to keep your browser profile fresh and ready for sale. Yet why would you pay money (for free services that are any good are few and far between) only to have your right to not being stalked (mind you, I’m not using this term lightly) protected?

(In case you happen to live in some one–horse town — which might also mean that your carrier is some one–server company — there won’t be many ways around the employment of a decent VPN, I’m afraid.)

It’s considerably more fun to have the mutts run in narrow circles and feed them quite useless information (without them realising it) than having to go the extra mile to escape their fangs and claws, because someone gave them too much leash.

Make a list of social media platforms you frequent (that will take you five minutes at most, and will be a one–time investment). These are the websites you visit using your device’s default browser only. Don’t customise that software — at all. You may set the browser to delete all cookies and activity records at the end of each session, though (that’s information browsers don’t pass on — for all I know).

The more you customise a browser, the more distinct its profile will (potentially) become, the easier it may be identified. Like, if you use a Linux machine but Microsoft Edge (I wouldn’t know why anyone would do that, but some obviously are adventurous enough — perhaps they lost a bet or something) to visit Facebook, you could as well dash naked through the streets, yelling, “look at me, here I am”.

If, on the other hand, you use your system’s default browser (without exotic settings), the odds are in favour of your browser profile matching hundreds or thousands of others, living in your town.

Now, install two more browsers (like, Brave and Vivaldi — both are known to be rather privacy–concerned — but as long as you stick to the strategy, it doesn’t really matter which ones you choose) and divide relevant tasks between them. Like, use one to do research and the other to watch the likes of Netflix. This way, each of them will have a considerably deviant image of “you” — and consequently also a different tale to tell.

Comments