Trilight Zone

[digital8]

In June 1997, the U. S. Federal Trade Commission's Bureau of Protection conducted a workshop on Consumer Information Privacy to help determine if federal legislation is necessary to protect privacy on the Internet or whether Internet business can be relied upon to satisfy privacy concerns [ 12 ]. Session 2 (June 11-12) was specifically dedicated to examining electronic privacy issues, and questions concerning data collection by registration and cookies inevitably arose. In Panel 1B, James Pitkow discussed the GVU User Surveys and reiterated that "80 percent of the people do not believe in persistent identifiers that can track users across sessions [and] 40 percent of the population doesn't even know that such identifiers exist." In the same panel, concerns over visitor registration were raised. Michael Kleeman, a vice president of The Boston Consulting Group, made observations on data taken from their own online survey. According to this survey, 42 percent of consumers did not provide registration information because of privacy concerns. However, Kleeman was also anxious to report that if Web sites were to meet the privacy concerns of citizens, users would no longer fear registration: "We believe that assurance of non-dissemination of personal information would have significant impact, increasing consumer willingness to participate in electronic commerce by a factor of 2 to 3. Disclosure would increase almost 50 percent alone ... ." Among other topics, the FTC hearings raised awareness of the importance of privacy concerns and seemed to culminate a period where online registration and cookies were perhaps more tolerated because of less awareness.
Perhaps as a result of the growing attention being given to cookies, both Netscape and Microsoft made an important change in the scheduled next-generation browsers. Netscape Communicator 4.0 and Internet Explorer 4.0 now include more than simply an optional security alert dialog box for the user who is concerned about receiving cookies: The new browsers contain the option that allows the user to refuse all cookies without having to click through the warnings. In addition, Netscape Communicator has an option for the user who wants to accept only the cookies that are going to be returned to the domain on which the user is logged. This option is aimed at stopping third-party cookies used by advertisers [ 13 ].

The combination of increased public awareness of cookie usage (seen in the proliferation of methods to surf more anonymously) with possible future government intervention to safeguard user privacy on the Internet suggests that the status quo will not be maintained. The consequences of these events, especially if the IETF approves the proposed cookie standard (RFC 2109) in its present form, would have a devastating effect on the use of cookies, rendering them "almost useless" [ 14 ] or contributing to the loss altogether of this protocol.

Summary of problem
No study exists demonstrating any increase or decrease in the number of sites that ask for visitor registration or enable cookies, and there is likewise no study on the use of privacy policies on the Web. Yet, as far as registration and cookies are concerned, the general consensus is that their use has been on the rise as Web sites have discovered their potential. There is a developing concern about site registration that asks for personal information and about persistent (and surreptitious) cookies; the concern about cookies is especially heated and appears to be placing the continued growth of this technology in peril. In what has become an issue revolving around Internet privacy and the lack of clearly stated privacy policies for Web sites, it is important to gauge if the Web will insist on committing to cookies in spite of their drawbacks or if a gradual return to the less problematic but still controversial visitor registration is foreseeable in the near future. In addition, it is necessary to look for any increase or decrease in the use of Web-site privacy policies - a practice that would help alleviate some of the privacy concerns of users.