- From: Jaye, Dan <DJaye@engagetech.com>
- Date: Fri, 14 Mar 1997 18:39:18 -0500
- To: 'Yaron Goland' <yarong@microsoft.com>, "'hedlund@best.com'" <hedlund@best.com>
- Cc: "'dmerriman@doubleclick.net'" <dmerriman@doubleclick.net>, "'http-wg@cuckoo.hpl.hp.com'" <http-wg@cuckoo.hpl.hp.com>
It is clear that the current cookie standard provides the potential of abuse and could be used to violate an individual's right to privacy. However, the number of web sites and applications that make use of "unverifiable transactions" for legitimate, non-privacy invading uses is significant and growing. Content providers are assimilating many different technologies to provide rich, meaningful content to visitors. An easy was to do this is to employ multiple web servers and use redirection to route the user between different applications (a search engine, a personal news delivery service, a registration system,etc.) In these type of installations, cookies are used as a means of maintaining state across the servers, which may or not be under the same domain if content is being aggregated from many providers. EVERY Fortune 500 customer that we have spoken to has multiple domains. How do they measure the effectiveness of this channel if they cannot aggregate ANONYMOUS log data into visits and visitors? If possible, we should modify the standards to prevent violations of privacy. At the same time, let's not impose restrictions that will obstruct development. In the end, if we want the media to grow and provide lots of free or low-cost content, commercial organizations are going to pay a significant portion of the costs. They will only do this if they see that it is an effective place to spend their money. Measurement is important. Effective targeting of information, content, and yes, advertising is important. There are at least a hundred small to medium web content sites who depend on advertising networks to generate revenue and traffic. One of the great opportunities of this media is the ability to provide relevant information to a visitor WITHOUT KNOWING WHO THEY ARE. At Engage we believe that it is possible to use the Web as an effective marketing vehicle without violating an individual's privacy. RECOMMENDATION: I would like to suggest that we provide a mechanism, similar to a Certificate Authority, that would allow for a "unverifiable transaction" to be verified against a list of valid site certificates. These certificates could be assigned levels, perhaps using the E-TRUST trustmarks, and users could select their privacy level according to those trustmarks. The default behavior could be for the cookies to be rejected from all non-verifiable transactions except for ETrust Level 3 (i.e., anonymous) site certificates. This is an attempt to find a solution that protects privacy and anonymity. >---------- >From: M. Hedlund[SMTP:hedlund@best.com] >Sent: Friday, March 14, 1997 5:40 PM >To: Yaron Goland >Cc: 'dmerriman@doubleclick.net'; http-wg@cuckoo.hpl.hp.com >Subject: RE: Unverifiable Transactions / Cookie draft > > >On Fri, 14 Mar 1997, Yaron Goland wrote: >> Rather my point is that I do not believe that you have helped protect >> user privacy [...] > >Okay, well we disagree on this. Besides, if you are right and there is no privacy protection, then why make any changes? Doubleclick can simply >use something other than cookies! If we afford no privacy protection in this >draft, then we do no harm to Doubleclick (and any other similar >businesses). > >> [...] but I do believe that you have hurt a lot of smaller web >> sites who are trying to make a living on the web and thus contributed to >> the reduction of diversity on the web. I believe that the outcome is >> undesirable. > >I suspect that the number of businesses who have based their whole revenue >model on cookie sharing is extremely low, and that no such outcome will >occur. > >M. hedlund <hedlund@best.com> > > >
Received on Friday, 14 March 1997 15:40:46 UTC