Emory Report

 October 13, 1997

 Volume 50, No. 8

Technology Source

Web site 'cookies' create
footsteps in cyberspace

Imagine shopping at a grocery store and, as you enter, you get a piece of paper with the store name and the time you arrived. Then each time you walk down an aisle, you receive another piece of paper with the name of the aisle, the date and the time. Anyone with enough interest could piece together your visit to the store, based on these bits of information.

Cyberspace "cookies" are like those pieces of paper. Web sites that use cookies transmit them from their server to a file on your hard drive when you visit their site. The contents of a cookie are determined by the owner of the web server. Most keep passwords and IDs so visitors do not have to rekey this information each time they visit. But cookies may also encode the web pages you visited, the Internet Protocol number associated with your workstation or the details of your last web-initiated credit card purchase. Advertisers on the web claim cookies help them target new products to consumers. But privacy is a concern for many Internet users, as was evidenced by this summer's Federal Trade Commission hearings.

Tourbus, a web site dedicated to examining the Internet, recently posted an article reminding 'Net surfers that cookies cannot store any personal data such as names or telephone numbers unless you actually key the information into a form at the web site sending the cookie. Web privacy may have less to do with the fact that information is stored and more to do with who has access to it and what might be done with it. Suppose you were denied a job because of a visit to a web site advocating marijuana or received a hike in your health insurance premiums because of a visit to an AIDS information site, the Tourbus article wondered.

While web users cannot stop a server from sending cookies, you can choose whether to accept them. An option in your browser software will alert you each time a web server wants to send a cookie.

To set this option in Netscape Navigator, go to the Options menu and select Network Preferences, then select Protocols and click on the box Show an Alert before Accepting a Cookie. In the Internet Explorer browser, go to the View menu, select Options, click on Advanced Tab, and check the box Warn Before Accepting Cookies.

Typically a cookie message will be in a code that appears to be meaningless. To see the contents of a sample cookie, set your browser to alert you before accepting a cookie, and visit this Emory web site:<http://www.emory.edu/ITD/RP/TEST/cookie.pl>

For more information on cookies, visit these sites:

Netscape's Cookie Specs: <http://home.netscape.com/newsref/std/cookie_spec.html>; Tourbus web site: <http://www.TOURBUS.com/archive/ tb072997.txt>; Andy's HTTP Cookie Info: <http://www.illuminatus.com/cookie.fcgi>; Cookie Central: <http://www.cookiecentral.com>.

Linda Erhard works in Administrative Services for the Information Technology Division.

Return to October 13, 1997 Contents Page