Let’s build a cookie exchange

Bruce Schneier’s post on Internet privacy hits the nail on the head. He is not the first one to make the point. Scott McNealy did that in 1999. Reporters were asking questions about the privacy implications of Sun’s Java/Jini technology, and he quipped “you have no privacy, get over it.” That was 14 years ago. Since then, we have seen the “web 2.0” technology drive surveillance to ever greater extremes, in the name of better advertisements. Bruce is making the strong argument that, by now, trying individual actions to protect privacy is futile. The only real solution would be political, that our elected representative pass laws that forbid such surveillance. But at the same time, there is so much “synergy” between surveillance by government and tracking by advertisers that such laws are very unlikely to get passed, let alone enforced.

I am all for political action and trying to pass such laws, but I think we should also start developing “protest technology” that actually fights back against tracking by advertisers. My pet project would be a “cookie exchange.” The idea is to mess with the tracking, so that the service end up collecting lots of fallacious information. In effect, this will poison the data collected by trackers, diminish their value, and hopefully make tracking much less profitable.

Tracking services get developers to insert a reference to their services in the web pages, typically in exchange of better analytics, or as part of a display advertisement service. When we visit web pages, the tracking services get their own cookie back. The same tracking cookie identifies a given user on many web pages, allowing for correlation and profiling. The standard defense is to “block third party cookies,” but that’s not always available. In any case, blocking cookies only reduces the total amount of information in the database.

Let’s suppose now that whenever a browser receives a cookie from a tracking site, it sends a copy of that cookie to our “cookie exchange,” and receives back a cookie that was allocated to somebody else. The next time the browser access a web page, it serves back the exchanged cookie instead of the real one. Voila, the tracking service starts getting confused, it will believe that the page was accessed by that other person. If many people play that game, the data base and the statistics will be seriously flawed.

Of course, we need to get a few engineering details right. For example, we have to check how often the local cookie should be swapped with the exchange. We have to find the right way to design cookie exchange plug-ins in the browsers. We have to look at some filtering procedure to avoid swapping the “good” cookies, such as for example the access tokens to our bank account. The exchange will have to understand the lifetime of cookies, so as to avoid serving obsolete ones. If we cannot access the browsers, we may want to check for possible implementation of the exchange inside a web proxy.

There will be a cat-and-mouse aspect to all that, with advertisers trying counter-measures, and exchange developers hacking back. But all in all it sound like fun. If you are interested by such a project, drop me an e-mail!


About Christian Huitema

I have been developing Internet protocols and applications for about 30 years. I love to see how the Internet has grown and the applications it enabled. Let's keep it open!
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s