Editing Internet privacy (section)

===HTTP cookies===
{{Main|HTTP cookie}}
An [[HTTP cookie]] is data stored on a user's computer that assists in automated access to websites or web features, or other [[State (computer science)|state]] information required in complex websites. It may also be used for user-tracking by storing special usage history data in a cookie, and such cookies — for example, those used by [[Google Analytics]] — are called ''tracking cookies''. Cookies are a common concern in the field of Internet privacy. Although website developers most commonly use cookies for legitimate technical purposes, cases of abuse occur. In 2009, two researchers noted that social networking profiles could be connected to cookies, allowing the social networking profile to be connected to browsing habits.<ref>Krishnamurthy B, Wills CE. (2009). [http://conferences.sigcomm.org/sigcomm/2009/workshops/wosn/papers/p7.pdf "On the Leakage of Personally Identifiable Information Via Online Social Networks"] {{Webarchive|url=https://web.archive.org/web/20110817125407/http://conferences.sigcomm.org/sigcomm/2009/workshops/wosn/papers/p7.pdf |date=2011-08-17 }}.</ref>

In the past, websites have not generally made the user explicitly aware of the storing of cookies, however, tracking cookies and especially ''third-party tracking cookies'' are commonly used as ways to compile long-term records of individuals' browsing histories — a privacy concern that prompted European and US lawmakers to take action in 2011.<ref>{{cite news |url=https://www.bbc.co.uk/news/technology-12668552 |work=BBC |title=New net rules set to make cookies crumble |date=2011-03-08 |access-date=2018-06-20 |archive-date=2018-08-10 |archive-url=https://web.archive.org/web/20180810220427/https://www.bbc.co.uk/news/technology-12668552 |url-status=live }}</ref><ref>{{cite web |url=http://adage.com/article/digital/sen-rockefeller-ready-a-real-track-bill/227426/ |work=Adage.com |title=Sen. Rockefeller: Get Ready for a Real Do-Not-Track Bill for Online Advertising |date=2011-05-06 |author=Edmond Lee |access-date=2012-09-17 |archive-date=2011-08-24 |archive-url=https://web.archive.org/web/20110824225528/http://adage.com/article/digital/sen-rockefeller-ready-a-real-track-bill/227426/ |url-status=live }}</ref> Cookies can also have implications for [[computer forensics]]. In past years, most computer users were not completely aware of cookies, but users have become conscious of the possible detrimental effects of Internet cookies: a recent study has shown that 58% of users have deleted cookies from their computer at least once, and that 39% of users delete cookies from their computer every month. Since cookies are advertisers' main way of targeting potential customers, and some customers are deleting cookies, some advertisers started to use persistent [[#Flash cookies|Flash cookies]] and [[zombie cookies]], but modern browsers and anti-malware software can now block or detect and remove such cookies.<!-- United Virtualities has built a substitute: PIE (persistent identification element). PIEs unlike cookies, cannot be easily deleted or detected and can reinstate any deleted cookie. PIEs also hold a sufficient amount more data than a cookie can. If a website is connected to a PIE, then one's browser will be marked with a Flash object. This is very alike to the process of a cookie. {{Citation needed|date=January 2012}} -->

The original developers of cookies intended that only the website that originally distributed cookies to users could retrieve them, therefore returning only data already possessed by the website. However, in practice, programmers can circumvent this restriction. Possible consequences include:
* the placing of a personally identifiable tag in a browser to facilitate [[web profiling]] {{see below}}, or
* use of [[cross-site scripting]] or other techniques to steal information from a user's cookies.

Cookies do have benefits. One is that for websites that one frequently visits that require a password, cookies may allow a user to not have to sign in every time. A cookie can also track one's preferences to show them websites that might interest them. Cookies make more websites free to use without any type of payment. Some of these benefits are also seen as negative. For example, one of the most common ways of theft is hackers taking one's username and password that a cookie saves. While many sites are free, they sell their space to advertisers. These ads, which are personalized to one's likes, can sometimes freeze one's computer or cause annoyance. Cookies are mostly harmless except for third-party cookies. These cookies are not made by the website itself but by web banner advertising companies. These third-party cookies are dangerous because they take the same information that regular cookies do, such as browsing habits and frequently visited websites, but then they share this information with other companies.

Cookies are often associated with pop-up windows because these windows are often, but not always, tailored to a person's preferences. These windows are an irritation because the close button may be strategically hidden in an unlikely part of the screen. In the worst cases, these pop-up ads can take over the screen and while one tries to close them, they can take one to another unwanted website.

Cookies are seen so negatively because they are not understood and go unnoticed while someone is simply surfing the Internet. The idea that every move one makes while on the Internet is being watched, would frighten most users.

Some users choose to disable cookies in their web browsers.<ref>[http://pewinternet.org/Reports/2000/Trust-and-Privacy-Online/Summary/Findings.aspx "Trust and Privacy Online: Why Americans Want to Rewrite the Rules". Pew Internet & American Life Project. Released Aug. 20, 2000] {{webarchive|url=https://web.archive.org/web/20120113003519/http://www.pewinternet.org/Reports/2000/Trust-and-Privacy-Online/Summary/Findings.aspx |date=2012-01-13}}</ref> Such an action can reduce some privacy risks but may severely limit or prevent the functionality of many websites. All significant web browsers have this disabling ability built-in, with no external program required. As an alternative, users may frequently delete any stored cookies. Some browsers (such as [[Mozilla Firefox]] and [[Opera (web browser)|Opera]]) offer the option to clear cookies automatically whenever the user closes the browser. A third option involves allowing cookies in general but preventing their abuse. There is also a host of wrapper applications that will redirect cookies and [[browser cache|cache]] data to some other location. Concerns exist that the privacy benefits of deleting cookies have been over-stated.<ref>{{cite web|url=https://www.danieldent.com/blog/six-internet-privacy-myths/|title=Six Common Internet Privacy Myths|work=Daniel Dent|date=2014-10-23|access-date=2014-10-24|archive-date=2022-02-15|archive-url=https://web.archive.org/web/20220215212919/https://www.danieldent.com/blog/six-internet-privacy-myths/|url-status=live}}</ref>

The process of ''profiling'' (also known as "tracking") assembles and analyzes several events, each attributable to a single originating entity, in order to gain information (especially patterns of activity) relating to the originating entity. Some organizations engage in the profiling of people's web browsing, collecting the [[URL]]s of sites visited. The resulting profiles can potentially link with information that personally identifies the individual who did the browsing.

Some web-oriented marketing-research organizations may use this practice legitimately, for example: in order to construct profiles of "typical Internet users". Such profiles, which describe average trends of large groups of Internet users rather than of actual individuals, can then prove useful for [[market analysis]]. Although the aggregate data does not constitute a privacy violation, some people believe that the initial profiling does.

Profiling becomes a more contentious privacy issue when data-matching associates the profile of an individual with personally-identifiable information of the individual. This is why Google, the dominant ad platform, that uses cookies to allow marketers to track people has announced plans to "kill the cookie."<ref>{{Cite magazine |last=Burgess |first=Matt |title=Google Has a New Plan to Kill Cookies. People Are Still Mad |language=en-US |magazine=Wired |url=https://www.wired.com/story/google-floc-cookies-chrome-topics/ |access-date=2023-05-14 |issn=1059-1028}}</ref>

Governments and organizations may set up [[Honeypot (computing)|honeypot]] websites – featuring controversial topics – to attract and track unwary people. This constitutes a potential danger for individuals.