Are cookies a form of spyware?

What do you think?
1 2
I don't quite seem to get the connection Mike?

Cookies are small cakes made from sweetened dough whereas spywear are clothes that you can look at others discreetly from.

Mike, I can give you my doctor's number if you want, I think you might need some help.
Wise guy eh?! You never watched Get Smart?
[url="http://www.cookiecentral.com/c_concept.htm "]Cookies - you have NO privacy[/url]
Teachers: We supply a list of EFL job vacancies
Cookies are actually really useful: most well-meaning e-commerce sites wouldn't work at all without them. For instance, if you're shopping on Amazon, as you go through the different pages, the Amazon server uses your cookie as a temporary ID card, making sure that virtual shopping cart 'remembers' its contents. The cookie used here is temporary, and is normally deleted automatically after a few hours.

However, some websites also use cookies for data mining purposes, not only to store options. Data mining involves the collection of as much customer data as possible, the more specific the better. Here is a quote from [url="http://www.google-watch.org "]Google Watch[/url]:
Google uses a single cookie for everything, and it expires in 2038. Your browser offers this cookie, which contains a unique ID number, every time you enter any page on Google's site. If you don't have a cookie, Google will give you one with a new unique ID number.

All of your search terms are saved by Google, along with a time stamp, your IP address, and your unique cookie ID. So far this information is not considered "personally identifiable" by Google because your IP addresses might be dynamic. (Broadband addresses are often fixed for weeks or months, but dialup addresses are very dynamic.) The unique ID in the cookie is the one thing that identifies all of your various IP addresses as coming from the same browser.


Earlier in 2004, Google changed their privacy policy to include this statement:
"If you have an account, we may share the information submitted under your account among all of our services in order to provide you with a seamless experience and to improve the quality of our services."


This means that, if you're a GMail subscriber, Google can store your username in the cookie. Everytime you search, Google will build up a database of keywords assigned to your username, and can keep a very accurate record of your searching habits. A shrewd mind would have deduced this already: Google can also cross-reference your username with your real name and address, which you entered while subscribing for GMail. This does sound scary, but its applications are more practical rather than simple eavesdropping. If I search for spanners, Google won't just display ads for spanner suppliers all over the world, but can display the ad for the hardware store down the road from my house.

PS: If you want to see the information contained withing a cookie, just use this quick trick in IE: in your URL bar, just type BLOCKED SCRIPTalert(document.cookie) and hit enter. Try it on English Forums. The large alphanumeric string of text is a unique identifier which keeps track of you as you browse the site (again, not so you can be spyed upon, but simply to make sure that you remain logged in.)
Cookies do not meet the definition of “Spyware". However, having said that, cookies set by third party sites, are there to track your browsing habits. Doubleclick may justify their cookies with altruistic statements about reducing the number of times you may see a given add, but the fact remains they are tracking your browsing activities. While personally, I use the built in cookie control of Zonealarm and Firefox to control my cookies, programs such as Ad-Aware (notice it isn’t called Spy-Aware) are absolutely doing what they were designed for to point out when tracking cookies exist on your computer. Cookies may not be spyware, but at the very least, 3rd party cookies are yet another unwanted invasion of my privacy!
Actually spyware is used to collect data. That data is analysed and used to produce targeted ads. Google and Doublelick use cookies to collect data which they then use to deliver targeted ads. So cookies really can be a form of spyware (which doesn't mean that they are spyware.)

Here are all the definitions of spyware I could find, and cookies can fit into them:

A general term for a program that surreptitiously monitors your actions. While they are sometimes sinister, like a remote control program used by a hacker, software companies have been known to use spyware to gather data about customers. The practice is generally frowned upon.
blackice.iss.net/glossary.php

A technology that assists in gathering information about a person or organization without their knowledge. On the Internet, "spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties." As such, spyware is cause for public concern about privacy on the Internet.
reach.ucf.edu/~coursdev/cdrom/html/help/glossary.html

This is also known as "adware". It is a hidden software program that transmits user information via the Internet to advertisers in exchange for free downloaded software. The Specialty Alliance Corporation™ does NOT use Spyware in any form or fashion, or will do business with companies that do.
www.calnique.com/glossary.htm

There are concerns that some Web sites and commercial organisations track users' online activity through the use of what is called ‘spyware'. Usually coming in the form of ‘cookies' - these enable the cookie writer to build-up information about what you do and where you go on the Web. Software is available that checks for and removes spyware.
www.btsafersurfing.com/glossary/p_t.html

Software that tracks usage and reports it to others, such as advertisers Usually the tracking is concealed from the user of the software.
www.cba.nau.edu/facstaff/durham-j/glossary_orphanware.htm
Site Hint: Check out our list of pronunciation videos.
Some cookies, such as behavior tracking cookies are triggers for malware programs - like the Avenue A Inc cookie Lockergnome seems to have started using recently - my link to this site. Until I’m confident that all the browser tools I’m using now will function - after testing - in Firefox, or until Opera permits .MHT file saving, or text *** image drag N drop functionality - I still use IE 5.5.

SpyBot S&D (I forget exact ap name, it works great) gives privacy warning about every time I try to open a link from any of several newsletters I subscribe to from Lockergnome. I attempted to find an Opt-Out, via personal search of Pest-Patrol site and Google, and it appeared they offered one. It does not work.

Remaining problem is if I deny download of Avenue A cookie, my brwser window crashes and sometimes entire IE session crashes. Whether you want to split hairs over jargon terminology of “spyware", I don’t want anything that will interfere with my brwsing or computer control, against my wishes and against my settings - which function adequately with all my other newsletter links.

Please get Lockergnome to stop using the known privacy bug - and plain hassle - Avenue A Inc cooke - aslo idnetified as another pseudonym at their own site.

Greg
Excerpt from article on Clickz.com By Zachary Rodgers | January 6, 2005
--------------------------------------------------------------------

http://www.clickz.com/features/insight/article.php/3455511

The federal "Securely Protect Yourself Against Cyber Trespass Act" (SPY-ACT) was first introduced in 2003 as bill HR 2929. It passed overwhelmingly in the House of Representatives in October, 2004, but didn't reach a vote in the Senate before the end of the 108th Congress. California Representative Mary Bono reintroduced it this week as HR 29. The bill now starts from scratch in its march toward legislation. It begins in the House Committee on Energy and Commerce and, if successful, comes to the House floor for a vote.

Odds are in the bill's favor, according to Trevor Hughes, executive director of both the Network Advertising Initiative (NAI) and the International Association of Privacy Professionals (IAPP).

"It's notable that [House Commerce Committee] Chairman Barton is one of the co-sponsors on the bill," Hughes said. "That's a strong indication there will be committee support for this bill's movement. I would expect to see it emerging on the House floor sometime this year."

Congresswoman Bono's press secretary, Kimberly Pencille, confirmed Barton's backing, but said the Committee welcomes input from marketers concerned about the bill's language. "The door is open, if they want to come and comment on it," she said.

The proposed legislation primarily seeks to regulate privacy-invading spyware commonly installed on hard drives without users' knowledge or permission, hence the name. However, its definition of "cookie" doesn't distinguish carefully between the various uses of code to capture user information.

While SPY-ACT creates cookie exceptions for publishers wishing to identify return visitors, those exceptions don't apply to third parties or network advertisers. "In the current bill, cookies that behave like cookies are exempt," said Pencille. "If it's monitoring your behavior when you leave [the site that placed it], then it's not covered." The bill wouldn't permit publishers to share cookie information with partners, which would cripple their ability to target ads. Passage of the bill would make illegal such widespread marketing practices as behavioral targeting, cross-site frequency capping, and network traffic analysis. Publishers and site owners are also dependent on third party tracking tools to earn the higher CPMs they've enjoyed of late.

"If cookies go away, it dumbs down publishers' ad inventory and makes it far less valuable," said Hughes. "It potentially devastates the CPA market as well. You use cookies to determine whether actions have occurred."

He believes the passage of the bill could mean a "return to the stone age" of interactive marketing, and he laments a lack of industry awareness of HR 29's negative consequences.

A "notice and consent" clause in the bill allows the placement of cookies that monitor Web surfing, so long as a site owner obtains permission to place the cookie file. Pencille said consent must be granted only once.

"There's a misunderstanding out there that this would create a swarm of pop-up ads, which is not the case," she said.

---------------------------------------------------

The part from the above story which I find interesting is;

"In the current bill, cookies that behave like cookies are exempt," said Pencille. "If it's monitoring your behavior when you leave [the site that placed it], then it's not covered."
Greg
The title of this topic is, 'Are cookies a form of spyware?' I don't feel that I am splitting hairs by giving definitions of spyware and showing where they are relevant to cookies.

Have you considered upgrading to IE6? It might solve the problem with your browser crashing. Just go to [url="http://windowsupdate.microsoft.com /"]Windows Update[/url] and it'll show you the rest.
Students: We have free audio pronunciation exercises.
Show more