Group opposes cookie changes

A trade organization is urging the Internet Engineering Task Force (IETF) not to tinker with Web browser cookies.

The Association of Online Professionals (AOP) today sent a letter asking the group charged with developing Internet standards to abandon a proposal that would modify the cookies technology in browsers from Netscape Communications and Microsoft.

The AOP--which has nearly 1,000 members on five continents including ISPs, BBS system operators, Webmasters, online services, and IS managers--also sent the letter to executives at Microsoft and Netscape and to Christine Varney, head of the Federal Trade Commission. Among the ranks of AOP's members are Bell Atlantic, Earthlink, and Hayes Microcomputer Products.

Cookies are used to store information on users' computers as they travel around a Web site. A Web site sends a cookie to users' computer, where it serves as a digital tag that notifies the site each time the user enters. The information can be used, for example, to automatically supply a password for a subscription-only site or to collect information about an online shopper's preferences so that electronic marketers can target their offerings to that individual.

But cookies have raised the hackles of privacy advocates, who fear that the technology may cause users to unwittingly give out information about their preferences to Web marketers and publishers. Earlier this month, a coalition of ten privacy groups threw its weight behind the IETF proposal to control use of cookies.

The privacy groups included the Center for Media Education, Computer Professionals for Social Responsibility, the Consumer Project on Technology , the Electronic Frontier Foundation, and the Electronic Privacy Information Center.

But the AOP argues that the IETF proposal would create havoc for electronic commerce sites and online services, such as Microsoft Network, that make extensive use of cookies. The AOP claims such sites would waste "hundreds of thousands" of man hours reprogramming their sites to accommodate the new cookie technology.

"If there were a valid threat to privacy, or a single documented case of the technology being abused to the detriment of consumers, we might feel differently," said Dave McClure, executive director of the AOP, in a statement. "But we can't allow vague fears to dictate the technology, the structure or the growth of the online industry."

The IETF proposal would alter the protocol used by cookies so that browsers would give users more control over which kinds of cookies they want to let track their movements and which ones they want to block altogether.

Microsoft and Netscape browsers have a feature that warns users before they receive a cookie, but privacy advocates say this warning does not go far enough.

Still, the AOP maintains that privacy fears about cookies are misguided.

"Abandoning a widely used and largely effective technology just because it might possibly be abused is not a rational response to privacy concerns," the AOP's McClure said. "Given that Web browsers already are easily controlled by the user, and that no abuse of cookies has been recorded to date, adoption of the proposal would be inappropriate."