Half Baked: The Opportunity to Secure Cookie-Based Identifiers from Passive Surveillance

Andrew Hilts, Christopher A. Parsons
2015 Social Science Research Network  
Documents released by Edward Snowden have revealed that the National Security Agency, and its Australian, British, Canadian, and New Zealand equivalents, routinely monitor the Internet for the identifiers that are contained in advertising and tracking cookies. Once collected, the identifiers are stored in government databases and used to develop patterns of life, or the chains of activities that individuals engage in when they use Internetcapable devices. This paper investigates the extent to
more » ... tes the extent to which contemporary advertising and analytics identifiers that are used in establishing such patterns continue to be transmitted in plaintext following Snowden's revelations. We look at variations in the secure transmission of cookie-based identifiers across different website categories, and identify practical steps for both website operators and ad tracking companies to take to better secure their audiences and readers from passive surveillance. HTTP-Based Ad Tracking is a problem Identifiers, such as those transmitted to advertisers, social networking companies, or analytics companies, are a key component of the contemporary Internet ecosystem. These identifiers are routinely stored in cookies,
doi:10.2139/ssrn.2640610 fatcat:scpnptgbkfd6dc4erp2qo4muom