Section 25.1. A Concrete Privacy Problem



To ground the discussion in this chapter, we introduce a concrete privacy problem and a potential solution to the problem; we will refer back to both this problem and its solution throughout the chapter. The privacy problem that we examine is that of web cookies, and our solution is Acumen, a system that we have developed. Acumen uses social processes to help users manage their cookies.

Browser cookies are a general mechanism used by web sites to maintain state across multiple web page requests from a single user.[1] While cookies can store arbitrary data, in practice, web sites frequently use cookies as persistent identifiers for users. Using cookies, then, a web site can identify all web page requests that a user makes to the site.

[1] RFC 2965: HTTP State Management Mechanism; http://www.rfc-archive.org/getrfc.php?rfc=2965.

One concern that many Internet users have is the collection of personal data by entities such as corporations and government agencies; these users want the ability to control when, how, and what information they share with such entities. Browser cookies are particularly troublesome in this respect because web sites can use cookies to collect and aggregate information about users. In fact, many web sites can and do use cookies to monitor users' browsing activities and then link this data to personally identifiable information volunteered by users (e.g., name, email address), thereby creating personally identifiable profiles of users.[2] (Another tool used by such web sites is web bugs, discussed by David Martin in Chapter 23.)

[2] Federal Trade Commission, "Privacy Online: Fair Information Practices in the Electronic Marketplace: A Federal Trade Commission Report to Congress, May 2000"; http://www.ftc.gov/reports/privacy2000/privacy2000.pdf.
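The linkage described in the two paragraphs above, as an added example that is not from the book: a constructed request log for a hypothetical site is grouped by its identifier cookie. The cookie name `uid`, the paths and the e-mail address are assumptions made for illustration.

```python
from collections import defaultdict
from http.cookies import SimpleCookie

# Constructed sample data: (request path, Cookie header sent, form fields submitted).
REQUESTS = [
    ("/products/tents", "uid=a81f3c", {}),
    ("/health/allergies", "uid=a81f3c", {}),
    ("/products/tents", "uid=77be02", {}),
    ("/newsletter/signup", "uid=a81f3c", {"email": "pat@example.org"}),
    ("/checkout", "uid=a81f3c", {}),
    ("/about", "", {}),  # no cookie sent, so this request cannot be linked
]


def build_profiles(requests, id_cookie="uid"):
    """Group requests by the identifier cookie, as a site's backend could.

    Returns (profiles, unlinked): profiles maps each cookie value to the
    pages requested and any data the user volunteered; unlinked lists the
    paths of requests that arrived without the identifier cookie.
    """
    profiles = defaultdict(lambda: {"pages": [], "pii": {}})
    unlinked = []
    for path, cookie_header, form in requests:
        jar = SimpleCookie()
        jar.load(cookie_header)
        if id_cookie not in jar:
            unlinked.append(path)
            continue
        profile = profiles[jar[id_cookie].value]
        profile["pages"].append(path)
        # Volunteered data attaches to the whole profile, including
        # pages requested before the form was submitted.
        profile["pii"].update(form)
    return dict(profiles), unlinked


def identified(profiles):
    """Profiles that now carry personally identifiable information."""
    return {uid: p for uid, p in profiles.items() if p["pii"]}


if __name__ == "__main__":
    profiles, unlinked = build_profiles(REQUESTS)
    for uid, profile in identified(profiles).items():
        print(uid, profile["pii"], profile["pages"])
    print("unlinked:", unlinked)
```

The single sign-up request makes the earlier visit to `/health/allergies` personally identifiable, while the request sent without a cookie stays outside every profile.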

Cookies are nearly ubiquitous among the most popular web sites.[3] As such, managing cookies on an individual or per-request basis is often confusing, tedious, and overly invasive for many users. Existing solutions for managing cookies, such as Platform for Privacy Preferences (P3P) user agents,[4] Privoxy,[5] and web browsers' tools, are insufficient at times. These tools are often not well understood by users, offer little awareness of ongoing cookie activity, and provide inflexible settings that do not adapt to changes in users' needs and attitudes.[6], [7] Cookies, then, remain an outstanding privacy problem, and there is a need for tools that enable users to better manage their cookies.

[3] Ibid.

[4] Lorrie Faith Cranor, Web Privacy with P3P (Sebastopol, CA: O'Reilly Media, 2002). See also Chapter 22, this volume.

[5] Privoxy software, http://www.privoxy.org.

[6] Lynette Millett, Batya Friedman, and Edward Felten, "Cookies and Web Browser Design: Toward Realizing Informed Consent Online," Proceedings of the 2001 Conference on Human Factors in Computing Systems (2001), 46-52.

[7] Batya Friedman, David Howe, and Edward Felten, "Informed Consent in the Mozilla Browser: Implementing Value-Sensitive Design," Proceedings of the 35th Hawaii International Conference on Systems and Science (2002), 247; CD-ROM for full paper. See also Chapter 24, this volume.



Security and Usability. Designing Secure Systems that People Can Use
ISBN: 0596008279
Year: 2004
Pages: 295
