Since early versions of web browsers, users have had the option to disable cookies, but most users find that the option to be asked whether to accept a cookie is annoying and cumbersome, and the option to completely disable cookies removes the functionality of many popular web sites.
But new technologies that have emerged and, appear to be emerging, are renewing the debate.
As reported in the New York Times and Wall Street Journal articles above, several new lawsuits have accused web site operators of going too far. The outrage is largely focused on a type of Adobe Flash cookie that continues to track users once a visitor has left a web site and is very difficult to detect and/or delete. These new cookie uses and technologies are occurring and most of us have no idea. The appeal to retailers of obtaining this information is huge, and having the information can provide a significant competitive advantage.
Imagine if your company can know that 80% of visitors to your web site also visit the web site of Company A, but only 5% visit the web site of Company B. Which company are you going to focus your efforts with respect to marketing and pricing competition? Conversely, the pressure on Company B to also have this information is huge, otherwise they face the possibility of a competitive push by Company A, the basis for which Company B does not understand.
Plaintiffs also claim that they took reasonable steps to disable cookies, but that Flash cookies are immune from those settings and are planted on users' computers regardless of the user settings. Set your privacy settings to reject cookies, and you still get Flash and similar new breed cookies.
Retailers have for the most part said that the information is not used for marketing, but used for analytics and traffic measurement. Other retailers have not responded.
Legally speaking, the question for many comes down to disclosure and efforts on the part of web site operators to thwart our efforts to protect ourselves. Opponents argue that there is something fundamentally wrong with being presented with the option to disable cookies (which is the industries efforts to police itself without regulatory involvement), but then to have a technology that ignores that option. If web sites only want to use these new breed cookies for analytics and traffic measurement, then why not do it the old fashion way through text-based cookies? The answer for those who oppose this new technology seems to be either because the information is so valuable that web site operators do not care if you want to share this information, or because web site operators are starting down a path of changing the rules so that they can track more deeply our online habits and build a profile on your shopping habits and online behavior.
But Flash-based cookies are not the only new cookie technology on the hot seat. AOL's Download Squad blog paints the worst case scenarios of cookie iterations, for which technology does currently exist. In the example cited, cookies are copied to eight different locations, re-spawning as they are deleted and requiring a computer engineering degree and more time that most people have to track down and kill. Frankly, while I want to know more about evercookie, I was not about to click on the link to the creator's web site to learn more. Fox Mulder was right: Trust No One.