|
|
|
|
|
|
by gearhart
4106 days ago
|
|
|
This article is completely incompetent. Firstly - any number of cookies from a single domain are equivalent, you can always use whatever identifier is in the cookie's data to store and retrieve an arbitrary amount of data about the user. That there are lots of them implies either that the site is using a bunch of different front end libraries / components that don't talk to one another (which is irrelevant from a privacy perspective) or that more data is being stored/cached directly in the browser rather than being retrieved from a remote server which is the opposite of a privacy issue, since it's keeping your data in your browser. Secondly - cookies are one of: "session", "expiring", "perpetual". With the first set to expire when you close the browser, the second expiring at some period between now and when your browser/cache/computer/operating system gets wiped or replaced (i.e. ~<12 months) and the third expiring at any arbitrary date after that (i.e. anything with an expiration date of more than ~12 months is the same, who cares if it's two years or ten thousand). It's horrifying that this is a study paid for with public money and fed back to the public from a source purporting to be an expert. Edit: by saying "from a single domain" I'm expressly avoiding the differentiation between first and third-party cookies - it obviously makes a difference how many third parties you share data with, which defensibly has some relationship to the number of different domains that serve third party cookies on a site. |
|
|
The article is accurate and provides details of the methodology and results. Of particular note, if you look at the report, is that two thirds of cookies on UK sites are third-party ones. That's a significant number, and means the average site places 30 third-party cookies on a users machine.
Your proviso about being 'from a single domain' is pretty much irrelevant – that's not the issue at all!