We May Need to Pay for Internet – For Our Own Good

Sarah Abraham, TIR, 2 September 2014: The Internet – can we live without it! A vast, cross-referenced galaxy of information, boredom busters and procrastination enablers, which is also free – that is what the Internet has turned into. Everybody with Internet access has a voice, everybody with a computer can make their opinions known and everybody can find out just about anything they want. Ever heard the saying ‘There’s no such thing as a free lunch’? Have you never wondered what the catch is?

We do pay

We’re not talking about what you pay your broadband service, or let’s be more realistic – for the cup of coffee you spend four hours sipping because you get free WiFi. We’re talking about information, which is now money and power.

Making money from the Internet, rather than from a service sold on the Internet, is not easy and it’s one of the most puzzling questions that media houses are trying to answer. Traditional media get their money from advertisements, with subscriptions mostly being fairly nominal. With the Internet, barely anybody pays for subscriptions, and banner ads and the like are fairly useless. Really, how many times have you ever clicked on an ad? You probably use an ad blocking software anyway. So how do you run your website?

The answer is in information. Browsers give you more control over what kind of information you’re giving up, and people behind websites find new ways of getting information. So what kind of information do we generally give up?

Third-party cookies:

Just placing an ad on a website and getting paid per click doesn’t help too much. So websites let these third-party websites – the ones who pay for a presence on the website, but ones you, the user, are not interested in at all – place cookies on your browser as well. These are usually tracking cookies: they will report back to the website what your ip address is and the browsing pattern of that ip address.

First-party cookies make sense for you as a user: it can make sure that when you go back to a website, you get more of the kind of content you browsed earlier, it can make sure that your username is remembered, and you might get advertisements that are more tailored for you, which might even mean sales and offers that you might really be interested in. If you frequent a website, it’s like your browser has a relationship with it: it knows you, and it will be better at giving you what you want. This can simply make your online life easier, especially if you trust that particular website.

But third-party cookies don’t send all that valuable info over to the website you frequent – they send it all over to the advertiser that you don’t want to frequent, or want in your life at all. Using third-party cookies, they might be creating your online profile. Here’s how it works: most such advertisers have a presence across multiple websites within the same sector. Let’s take sports sites, for instance. Quite a few sports sites will have cookies from the same advertiser. Every time you visit one of these sites, the cookie sends this information on.

So if you visit six sports sites, you will be packaged into the lump group of ‘sport junkies’ (we assume) and the lump group can be information sold for targeted advertising: It’s like saying ‘here’s a bunch of people very definitely interested in sports, go on and advertise specifically for them!’ This effectively means that your browsing habits are being packaged ready for selling, and you have no control over who gets it. If you don’t erase your cookies after every browsing session, you will be categorised as ‘the chappie who came here 89 times in the last six days and the other sports site 78 times in the last six days, he’s here again, does he have nothing else to do’.

Tracking cookies also go on to track, apart from how often you go where, exactly what you do on that particular site, how long you stay on it, where you click – basically, all your online habits, with your unique signature.

Zombie cookies and Evercookies:

So now that you know what third-party cookies can do, you can simply make sure that you disable third-party cookies on your browser, which might mean that a few websites will not load – they won’t load unless you pay with your information – but you’ll know what you’re getting into. Right?

Sorry to crumble your cookie, but here’s when you need to know about zombie cookies and Evercookies. These are basically cookies that will get their claws into you even if you disable third-party cookies. Zombie cookies help connect the data previously collected by a third-party cookie from your browser with the new data, even if in the interval, you wiped your browser clean (or so you thought) of all cookies. Using a different browser will not help, either, because zombie cookies are stored in a folder common to all browsers. Basically, if you visit them once, you can try to delete the cookies as much as you want, but they’ll just keep coming back from beyond – hence the name.

Evercookies are probably even stranger – they can track you even if you use a secure browser like Tor (which we highly recommend). Here’s the explanation from the project itself:

Evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.

Evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if Evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.

To put simply, this means that the cookie just will not go away. It replicates itself in different locations on your system, which means that it’s nearly impossible for the average user to find and delete them all. This means that all activity from that particular computer can always be linked to make a cohesive and very complete internet profile of the usage from that particular computer, because everywhere you go, you will be sending your computer’s signature, and every website that can read that signature will immediately recognise it, adding that particular tidbit to your Internet profile. You cannot just erase them like regular third-party cookies.

But we really cannot blame the Internet for this: if we refuse to pay these websites for their content, they will find people who will pay them for our information, because these websites do need a source of revenue to continue existing. In the long run, subscription or money might be a much cheaper price to pay than this: being profiled and sold to whoever can pay for our information.