Half Baked: The Opportunity to Secure Cookie-Based Identifiers from Passive Surveillance

Hilts, Andrew; Parsons, Christopher A.

doi:10.2139/ssrn.2640610

Download This Paper

Open PDF in Browser

Add Paper to My Library

Half Baked: The Opportunity to Secure Cookie-Based Identifiers from Passive Surveillance

9 Pages Posted: 7 Aug 2015

See all articles by Andrew Hilts

Andrew Hilts

University of Toronto, Munk School of Global Affairs, Citizen Lab

Christopher A. Parsons

University of Toronto, Munk School of Global Affairs, Citizen Lab

Date Written: August 6, 2015

Abstract

Documents released by Edward Snowden have revealed that the National Security Agency, and its Australian, British, Canadian, and New Zealand equivalents, routinely monitor the Internet for the identifiers that are contained in advertising and tracking cookies. Once collected, the identifiers are stored in government databases and used to develop patterns of life, or the chains of activities that individuals engage in when they use Internet-capable devices. This paper investigates the extent to which contemporary advertising and analytics identifiers that are used in establishing such patterns continue to be transmitted in plaintext following Snowden’s revelations. We look at variations in the secure transmission of cookie-based identifiers across different website categories, and identify practical steps for both website operators and ad tracking companies to take to better secure their audiences and readers from passive surveillance.

Keywords: snowden, encryption, cookies, advertising, signals intelligence, security, ssl, tls, surveillance, privacy

Suggested Citation: Suggested Citation

Hilts, Andrew and Parsons, Christopher A., Half Baked: The Opportunity to Secure Cookie-Based Identifiers from Passive Surveillance (August 6, 2015). Available at SSRN: https://ssrn.com/abstract=2640610 or http://dx.doi.org/10.2139/ssrn.2640610