Stanford joins Mozilla in war on cookies

Stanford Law School is launching a Cookie Clearinghouse -- a centralized repository for whitelist and blacklist data on web tracking

Concerns over Internet privacy have reached a fevered pitch of late in the wake of revelations about Prism and other government surveillance programs. Some organizations are using the opportunity to tout their privacy-friendly policies and technologies. And others have joined forces to call on the Feds to come clean about the scope of the programs -- and to investigate their constitutionality.

Now Stanford Law School has stepped into the maelstrom. Backed by Mozilla and Opera, the institution's Center for Internet and Society (CIS) is launching a Cookie Clearinghouse (CCH), which is a centralized repository for whitelist and blacklist data on web tracking. In theory, "the CCH will identify instances where tracking is being conducted without the user's consent, such as by third parties that the user never visited," according to the CCH site.

"Internet users are starting to understand that their online activities are closely monitored, often by companies they have never heard of before," said Aleecia McDonald, the director of privacy at CIS who is spearheading the effort. "But Internet users currently don't have the tools they need to make online privacy choices. The CCH will create, maintain, and publish objective information. Web browser companies will be able to choose to adopt the lists we publish to provide new privacy options to their users."

Specifically, the CCH would create and maintain both an allow list and block list, based on objective and predictable criteria that are still under development. The two lists are intended to create ways for users to call out if a site's classification of a cookie is not consistent with the established criteria. For example, it could be used to flag a website that plants third-party cookies on a user's machine without the user's permission.

The CCH is right up Mozilla's privacy alley. The company has been talking up a "third-party cookie patch" for Firefox for some time now -- and has met resistance from organizations that rely on cookies for gathering user data, delivering relevant ads, and so forth.

Mozilla has delayed rolling out its patch, and not because of pressure from the Interactive Advertising Bureau (IAB). Rather, Mozilla determined that the patch was delivering too many false positives and false negatives. The CCH would provide the list-based exception mechanism Mozilla's cookie-management patch needs, according to company CTO Brendan Eich.

"Today Mozilla is committing to work with Aleecia and the CCH Advisory Board, whose members include Opera Software, to develop the CCH so that browsers can use its lists to manage exceptions to a visited-based third-party cookie block," Eich wrote.

This story, "Stanford joins Mozilla in war on cookies," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies