What are cookies?

Cookies are bits of code that websites save to your internet browser. They can remember all sorts of information, making it easy to log in to a site you frequent or ensuring your favorite news site knows what regional news to offer. First party cookies concern few people. These are the cookies used on the sites where they are collected, and they usually ask first. Third party cookies are another story.

Third party cookies are often referred to as tracking cookies because they track your web browsing. The companies that do this then target ads to you, making money off the placement. This kind has been the subject of privacy concerns. State and national governments have begun making laws about appropriate notice and ways to opt out of third party cookie collection. The organizations who place these cookies want to generate marketing dollars somehow, so are looking into other means.

What trackers replace cookies?

The next trackers of concern are still considered commercial surveillance. Commercial surveillance is any way a third party may track a user’s online activities, then sell the information for marketing and advertising. It includes third party cookies but extends far beyond. Leaky forms, email collection, and pixel tracking are increasing in use.

• • • Leaky forms. Organizations using leaky forms can see the information you type into a web form without you ever submitting it. Leaky forms are a way to collect data such as email addresses without consent. When used by hackers, this technology might be called a keylogger. Some organizations that use this technology do not even know about it; they just know they use third party marketing and that it works really well.
    • Email collection. Some third-party marketers grab a hashed version of a user’s email address for their customers. This helps them identify the user across a variety of websites without ever using a cookie identifier. A big problem privacy experts have with email tracking is that you can never clear it like you would a cookie. The tracking is constant and unique.
    • Pixel tracking. Pixel tracking is a service sold by (guess who?) third party marketers that embeds a tiny image onto a web page, email, or other medium. The product is called pixel because it is a tiny image—often just 1 pixel in area. Whenever that pixel loads, the marketers get a notice. The marketing services in turn let their customer know that User XYZ (often identified by the hashed email addresses above) stopped by that page, opened that email, etc. No cookies necessary.

How can I find out more?

Get more details on the US’s concerns with commercial surveillance from Security Week’s original post. Get more details on leaky forms and pixel tracking from Wired’s original post.