English

The Case for a General and Interaction-based Third-party Cookie Policy

Cryptography and Security 2015-06-15 v1 Computers and Society

Abstract

The privacy implications of third-party tracking is a well-studied problem. Recent research has shown that besides data aggregators and behavioral advertisers, online social networks also act as trackers via social widgets. Existing cookie policies are not enough to solve these problems, pushing users to employ blacklist-based browser extensions to prevent such tracking. Unfortunately, such approaches require maintaining and distributing blacklists, which are often too general and adversely affect non-tracking services for advertisements and analytics. In this paper, we propose and advocate for a general third-party cookie policy that prevents third-party tracking with cookies and preserves the functionality of social widgets without requiring a blacklist and adversely affecting non-tracking services. We implemented a proof-of-concept of our policy as browser extensions for Mozilla Firefox and Google Chrome. To date, our extensions have been downloaded about 11.8K times and have over 2.8K daily users combined.

Keywords

Cite

@article{arxiv.1506.04107,
  title  = {The Case for a General and Interaction-based Third-party Cookie Policy},
  author = {Istemi Ekin Akkus and Nicholas Weaver},
  journal= {arXiv preprint arXiv:1506.04107},
  year   = {2015}
}

Comments

In Proceedings of the 9th Workshop on Web 2.0 Security and Privacy (W2SP) 2015

R2 v1 2026-06-22T09:52:46.317Z