EPIC logo

April 7, 1997



Organizations Respond to Attack on Privacy Standard by Some Online Marketing Groups

Debate Focuses on Use of "Cookies"

WASHINGTON - Many of the nation's leading consumer, civil liberties, and children's advocacy organizations have urged an Internet standards organization to fix a problem with web browser software that allows companies and government agencies operating web sites to track the activities of Internet users.

The groups say that there is a problem with the so-called "cookies" technology. Cookies make it possible to read information on users' computers and find out where they go on the Internet. Some companies in the on-line advertising industry use cookies data to collect personal information for advertising and marketing.

The Internet Engineering Task Force, a loose coalition of technical experts responsible for the development of standards for the Internet is meeting this week in Memphis to consider a wide range of technical issues concerning the Internet, including a proposal to limit the ability of companies to use cookies.

The proposed safeguard has come under attack by several companies engaged in interactive advertising and marketing. According to a March 31, 1997 article in Ad Age, these groups are now drafting a "counter-proposal" to head-off the IETF recommendation.

Marc Rotenberg, director of the Electronic Privacy Information Center, said "We want the IETF to know that there are a lot of people who object to the current use of cookies and would like to see the problem fixed."

James Love, director of the Ralph Nader's Consumer Project on Technology said "There should never be a case where private firms and government agencies are writing and reading information on a consumer's hard disk, without explicit authorization. These transactions must be more transparent, and the users must have the practical ability to say no."

Jeff Chester, director of the Center for Media Education, said "We have to keep on-line marketers out of the 'cookie jar.' Such `Orwellian' practices to stealthily track every move made on-line, and share that information with other companies, should be prohibited.

More information about cookies is available at the EPIC Cookies Page.

Organizations endorsing the letter include the Center for Media Education, Computer Professionals for Social Responsibility, Consumer Federation of American Consumer Project on Technology, Electronic Frontier Foundation, Electronic Privacy Information Center, National Association of Elementary School Principals, NetAction and Privacy International.

To: Internet Engineering Task Force
Date: April 7, 1997
Re: RFC 2109

We write to express support for RFC 2109, the proposal for an HTTP State Management Mechanism, to address privacy concerns associated with "cookies." The proposal will allow users to exercise greater control over the creation and collection of personal information resulting from transactions between web clients and web servers.

The proposal was published by the IETF on February 18 and is already in use on the Web. Netscape has indicated that Navigator 4.0 will incorporate part of the specification.

We believe that "transparency" -- the ability of users to see and exercise control over the disclosure of personally identifiable information -- is a critical guideline for the development of sensible privacy practices on the Internet. The alternative would be the surreptitious collection of data without the ability to exercise any control.

We support adoption of RFC 2109. We believe it is important step forward in the protection of privacy on the Internet


Center for Media Education
Computer Professionals for Social Responsibility
Consumer Federation of American Consumer Project on Technology
Electronic Frontier Foundation
Electronic Privacy Information Center
National Association of Elementary School Principals
Privacy International
United States Privacy Council

and more than 100 Internet users


Mr. Bill Gates, President, Microsoft
Mr. Jim Barksdale, President, Netscape
Mr. Nathan Mhyrvold, Chief Technical Officer, Microsoft
Mr. Marc Andreesen, Chief Technical Officer, Netscape

Mr. Ira Magaziner, the White House
Commissioner Christine Varney, Federal Trade Commission

EPIC Cookies Page | EPIC Internet Privacy Page | EPIC Privacy Page | EPIC Home Page