حقوق فناوریهای نوین (Mar 2025)
Cookies and the ability to invade privacy in cyberspace
Abstract
Today, protecting privacy in cyberspace is a major concern for the people of the world. The lack of a single organization that can manage the online space with its restrictive and strict rules has caused some websites to use small text files called cookies to collect data from users and use them for marketing in advertising networks and use third-party websites with the help of different technologies... Although it can be argued that this is a kind of marketing strategy and in most cases, it is not dangerous. However, this can lead to security concerns and privacy violations because most websites do not ask permission to use cookies and set them in the user's browser. The main question in this article is how and to what extent cookies can violate users' privacy. In response, we will say that although cookies play an essential role in enhancing the user experience and facilitating personalized interactions on the web in the broad digital technology landscape, they also come with risks that users should be aware of them. In general, there are two main risks; the first risk is a violation of users' privacy and the second risk is a security vulnerability. 1. Introduction In cyberspace, privacy is the most important concern. Everyone who is online likes to keep their privacy safe. One of the things that can violate this privacy is internet cookies, which are designed to exchange information between the user's browser and the website Cookies contain all kinds of information needed to navigate the desired website. For this reason, they are very important for e-commerce companies and advertising agencies. Almost in most web browsing, we are given a notification that "This website uses cookies to improve your experience. Do you agree with that? or a phrase like this. We usually click " yes" without thinking because we want to see the content. but should we accept cookies? Accepting cookies can create serious security risks; since cookies are stored on the hard disk as text files, any intruder can easily open these files and view the information. Additionally, all sites that collect information from cookies are not legitimate. Some of them can use cookies for hacking purposes. However, in this article, we are looking for an answer to the question of whether the use of cookies can violate our privacy. And how? 2. Methodology The present research has been done using the descriptive-analytical method and by studying various documents and sources. Data collection was through library research, legal research centers, and access to books, articles, theses, journals, and websites. 3. Results and Discussion Nowadays, cyberspace has made it easier than ever to violate privacy, which is closely related to the personality of people; In such a way that criminals attack human life in all parts of the world, regardless of geographical boundaries, away from the controlling eyes and gaze of others and free from the inspection and surveillance of others. With the advent of computer technology, it is possible to plan and violate privacy and steal private and confidential information of individuals more than in the past with very high accuracy and clarity. (Qanad and Alighli, 2020, 306) Cookies play an essential role in enhancing user experience and facilitating personalized interactions on the web. However, behind their harmless appearance, there is a domain full of possible dangers and harms that may endanger the user's privacy and security. Although cookies can be blocked as said earlier some websites become not as effective when we don’t accept them. Some of us simply use the websites and to get the full functionality accept the cookies unwillingly and are concerned about our privacy and tracking. (Jegatheesan, 2013, p. 2) Cookies are set by the websites we visit or even sometimes by the third-party websites that involve in marketing, ad serving. There are even chances that we get cookies from websites we have never heard of or never visited but those websites are associated with the websites we visit. These websites do various activities like advertising, help in marketing the brand or product, increase revenue or even track the users. These websites may set cookies that can track the movement of users from one website to another website and can consolidate the personal data and sometimes making it available for anyone with commercial interest. And this is where we have to worry about the invasion of privacy, because the information collection cookies are not nearly as obvious, and the websites don’t simply stop at tracking, they start showing adverts, campaigns are done around you to force you to buy or look at something for the fact that you had once of frequently interested in something. This eliminates the ability for us to look for new things, in simple ways we are restricted from being shown something new and we are always shown the same things, given preferences of something we did already. (Ibid, 2013, p. 3) Tracking cookies can actually be a threat to user privacy. Because tracking cookies collect data about people's behavior on the Internet, it is absolutely essential for website owners to allow their users control over which cookies they accept. According to the General Data Protection Regulation (GDPR), every web user must have the option to accept or reject cookies when browsing the Internet. And if any website does not provide this option to its users, it violates the general data protection regulations. Also, according to the general data protection regulations, users have rights in relation to their personal data, such as the right to access, modify, limit, withdraw consent, protest, portability, and erasure. In addition, they have the right to object to automatic decision-making profiling, and processing of their personal data for direct marketing. (Article 15-22) Another concern with cookies is security issues with cookies. When they are manipulated by malicious entities, they also pose a significant threat. Attackers can use various techniques such as session hijacking, cross-site scripting, cross-site request forgery, etc. to abuse cookies in malicious activities. (Layeeq, 2024, p. 3) The current uses of cookies tell us why users should be concerned about their privacy being violated. When a user enters the Internet and registers his name or fills out a form online, he actually makes a profile of his personal information available to various companies. Many companies also use cookies to collect personal information of users and make profiles. In fact, companies do not use personal information only to provide products or services, they also use this information in various political and social cases. Awsat et al., (2020, 1354) "The author of “Four Ethical Issues of the Information Age,” talks about how profiling violates privacy when he states: “You or I may have contributed information about us freely to each of the separate databases but that by itself does not amount to giving consent to someone to merge the data. (Mason, 1986, pp. 5 - 12) Websites and companies that conduct online marketing through cookies must have clear policies and provide clear options to individuals on how to store, use, or transfer personal information. This increases the informed choice of users regarding their consent for any activity, correct and free use of the Internet space. Providing clear opt-outs allows people to exercise control when using online web services. Some people may want to visit a website without any record of their online behavior being kept. So it's a good idea to provide a simple tool to opt out of ad targeting using behavioral data. It's a legal requirement under privacy and electronic communications laws to tell a person when information is going to be stored on their device, For example, in the form of a regular cookie, or a flash cookie, and give him the opportunity to refuse this. It is also a good idea to give users relevant advice on how to use their web browser settings or the choices provided on the website itself to allow the user to maintain their online anonymity. For example, by ensuring that their identifying information is deleted at the end of a session or any other similar solution. 4. Conclusion In the broad landscape of digital technology, cookies play an essential role in enhancing the user experience and facilitating personalized interactions on the web. However, behind their harmless appearance, there is a large volume of potential risks and harms such as tracking and profiling, challenges related to cookie management, and security risks that can endanger the privacy and security of users. As discussed so far, there are two main risks from cookies that affect all other risks; One risk is invasion of privacy and the second risk is security vulnerability. Cookies can track our online activities on different websites over time and create a profile of our interests and preferences. This information can be used by advertisers to target us with personalized ads, or the data can be sold to third parties without our consent. Personal data and its processing are not permitted without obtaining the express consent of the person, and if permission is obtained, it can be used only for the purpose of the person's consent. Regarding security vulnerabilities, it should be said that in some cases user data and communications may be used by governments for the benefit of national security or any other similar concern. But there are other ways that our data may be misused and stolen. Where cybercriminals and hackers can exploit cookies to access our account information or steal sensitive data through a process called cross-site scripting. Additionally, hackers execute or inject malicious scripts into a trusted program or file, such as a cookie, to do their nasty work. However, when viewing cookies, users always have a concern and a feeling of insecurity about violating their privacy and stealing their information. In general, it seems that there is a possibility of violating privacy and compromising personal data with cookies on a small scale.
Keywords
