Go to Portfolio Help

Go to Stocks Page

Trail of Crumbs Leads Right to the Cyber-Cookie Jar

Had enough cookies yet?

Cyber-cookies, I mean: the colorfully named snippets of software that report selective information about you to World Wide Web sites that you visit. Cookies help on-line marketers get to know you, whether you want them to or not.

To see this kind of data-dredging action, go to the Center for Democracy and Technology's Web Privacy site. As soon as you click your way onto the page, it displays a bit of personal information you provided just by showing up -- in my case, it was my e-mail address, my affiliation with The Washington Post and the kind of computer I own. [The site also links you to The Anonymizer, a web site that strips away your personal information when you pass through, leaving no personal trace on subsequently-visited pages.]

Other sites can collect far more information, by recording your transactions -- whether you bought a coat, or looked at a dirty picture.

Goodbye to the famously funny New Yorker cartoon that explained, "On the Internet, no one knows you're a dog." One site now displays a twist on the joke: "On today's Internet," it reads, "people do know you're a dog."

"Most people really do use the Web with an illusion of anonymity," said Janlori Goldman, CDT's deputy director, "and we want to shatter that" illusion.

It's easy enough to see why companies would love to have this kind of information: the more they know about potential customers, the more accurately they can aim their direct marketing pitches. Cookies -- the name was simply given arbitrarily -- were designed into the system in part to help commercialize the process by allowing Web site operators keep track of their visitors.

Yet many people are growing increasingly uncomfortable with the myriad ways that surfing the Web reveals our interests. Buying a racy magazine at the newsstand, even with a credit card, remains the buyer's business. Visiting a Web site for that same magazine could put the cyber-voyeur's e-mail address into a database that might be resold to other companies that will in turn send unbidden solicitations of their own. The same, of course, goes for visits to sites with political, religious or other sensitive themes.

Already, there is free software floating around the 'Net that lets you disable cookies so that you leave fewer tracks.

That doesn't completely close the question, however. Earlier this year a study by the nonprofit Center for Media Education and other groups warned of on-line sites for youngsters that required them to divulge personal information, such as e-mail addresses, birthdays and parents' occupations, before they can play games or enter contests.

Now, the government is pondering the issue. Earlier this month the Federal Trade Commission held two days of hearings on this topic, and gave stern instructions to the industries doing business on the Web to find ways to better safeguard the privacy of on-liners.

And last week, Rep. Edward Markey (D-Mass.) introduced legislation that would push industry to develop and implement privacy tools for on-line consumers. It would require those people collecting data to let Web surfers know that the data is being collected, tell them whether it will be reused or resold, and give them the right to opt out of the collection game.

"These rights are part of a privacy zone that every American is entitled to," Markey told me.

Markey noted that Congress upped privacy rights for video rentals because journalists got hold of Supreme Court nominee Robert Bork's viewing list, but has yet to act on similar protections for our vitally important medical records or our on-line explorations.

"In the World Wide Web era, Judge Bork will be accompanied by hundreds of thousands and millions of other people who will find that their privacy has been compromised," Markey said.

A spokesman for the direct marketing industry said Markey has a good idea but is going about it the wrong way. Jerry Cerasale, senior vice president for government affairs at the Direct Marketing Association, said, "We agree with Congressman Markey that people should have notice that information might be exchanged and they should have the opportunity to say no."

But the association wants voluntary guidelines administered by the industry, not federal laws. "We just think there's not a need right now to expand the [government] jurisdiction in this area," Cerasale said.

Marc Rotenberg, who runs the Electronic Privacy Information Center here in Washington, insists that Markey's efforts don't go far enough. "Notice and consent is not the solution," he said. "The answer is anonymous transactions." The same anonymity we enjoy when we walk into a diner and buy a hamburger with cash, said Rotenberg, should apply on the Net.

Sounds simple. But of course, nothing is simple anymore.

I'd bet on a compromise.

John Schwartz's e-mail address is schwartj@twp.com.