Google and Third Party Cookies...
I remove my cookies every so often just to reset my click stream with sites I visit. Well, today when I did that, I also changed the settings in Firefox that determines how long to keep a cookie.
I have to say that I was completely shocked to see that when I use Google, some of my keywords cause cookies to be written with third party domains! For example, when I search for 'cars' I'm asked to set a cookie for www.cars.com.
Since it is a Google page, and there isn't any banner ad this must be coming from Google.
I experimented a little with this and found some interesting behavior.
These cookies were set, even though I've always had the set cookies 'for the originating site only' check box checked. Checking that box apparently prevents third parties (like ad networks that set cookies for cross site tracking) from setting cookies, but since Google IS the originating site, they can set the cookie on behalf of their advertisers. No problem.
Technically, this may not be a 'third party cookie' since its set by the originating site, and I'm pretty sure that browsers are easily fooled into setting a third party domain cookie since it's coming in on the same TCP connection (whereas, a cookie coming from an ad insertion server would be a different TCP connection and easily identified as not from the originating site).
If this really is the case, I hope (request) that Firefox enhances their cookie management so that it checks the contents of the cookie to see if the written domain matches the domain of the originating site. This would prevent this.
There's only one word for this: Evil
I read Google's Privacy policy and there is no mention of third party cookies anywhere. I searched for more info on this and there is a forum posting at WebMasterWorld, but I can't access it.
I don't think there is any question that Google is selling third party cookies, but I would like them to be more clear about this policy.
I have to say that I was completely shocked to see that when I use Google, some of my keywords cause cookies to be written with third party domains! For example, when I search for 'cars' I'm asked to set a cookie for www.cars.com.
Since it is a Google page, and there isn't any banner ad this must be coming from Google.
I experimented a little with this and found some interesting behavior.
- When I search for 'cars' an AdWords link appeared for www.cars.com and an attempt to set a www.cars.com cookies is made.
- When I search for 'Amazon' an AdWords link appeared for www.amazon.com and an attempt to set an Amazon cookies is made.
- When I search for 'Walmart' no AdWord link appeared, but an attempt to set a Walmart cookie is made anyway.
These cookies were set, even though I've always had the set cookies 'for the originating site only' check box checked. Checking that box apparently prevents third parties (like ad networks that set cookies for cross site tracking) from setting cookies, but since Google IS the originating site, they can set the cookie on behalf of their advertisers. No problem.
Technically, this may not be a 'third party cookie' since its set by the originating site, and I'm pretty sure that browsers are easily fooled into setting a third party domain cookie since it's coming in on the same TCP connection (whereas, a cookie coming from an ad insertion server would be a different TCP connection and easily identified as not from the originating site).
If this really is the case, I hope (request) that Firefox enhances their cookie management so that it checks the contents of the cookie to see if the written domain matches the domain of the originating site. This would prevent this.
There's only one word for this: Evil
I read Google's Privacy policy and there is no mention of third party cookies anywhere. I searched for more info on this and there is a forum posting at WebMasterWorld, but I can't access it.
I don't think there is any question that Google is selling third party cookies, but I would like them to be more clear about this policy.
3 Comments:
Couldn't somebody come up with a whitelist-based cookie blocker, like NoScript javascript blocker which I have on my Firefox?
It's due to Firefox prefetching the first page listed in Google's free, regular search results. They explained this last March, and it's on the site, though easy to overlook. I certainly didn't remember it at first. More details here, http://blog.searchenginewatch.com/blog/060124-124030
Google is not setting third party cookies. It's Firefox prefetching the first search result.
See follow-up post.
Post a Comment
Links to this post:
Create a Link
<< Home