Accept cookies? Most users just click on the little accept button, but have no idea as to what they have just agreed to! I mean, all they are after is just to get on to that website.

I am sure it's a familiar scenario in every internet users daily life, you visit a website and before the site is fully loaded you are forced to accept cookies! Accept and then you can enter the site! Stand and deliver! But, do you understand why sites are forced to announce that they have cookies? It's a deep, deep rabbit hole and the cookie jar is way worst then just the cookies inside it!

Most people think a cookie is to identify a recurring user or to get better analytics. A cookie can also be used to keep you logged on to a website or, as with Amazon and other shopping sites, to remember what you have in your basket. These kinda cookies seem reasonable but they can also be used to create an online profile of you. And worst yet, to sell these profiles to advertisers and other third parties.

Re-targeting ads!

Let's say that you're looking for a new cellphone on some website and a little while later you visit another website and boom! there are cellphone ads all over it! Or you researched on "is my girlfriend pregnant?" and shortly afterwards you get baby clothes or even pregnancy tests as ads! Those cookies were crumbled and the 3rd parties went to work and they are so good then when you did eventually get your shiny new iPhone 11 Pro online, that all of a sudden you stop seeing iPhone ads anymore, but instead are bombarded with ads for covers for a new iPhone 11 Pro.

Now let's assume your girlfriend is pregnant and you purchased a book online about parenthood, those cookies got handed round and now you'll now also get ads for toys and starter kits for new babies. You are a targeted person! Amusingly, your cellphone will offer you an opt-out from targeted ads, that does not mean you have opted-out, but the offer sounds great, haha!

Analytics and the entity that is the King Monster here, Google, work in the same way. Your data is harvested, sold on and goes to feed the monster. Some might think "isn't it great that my computer knows exactly what I want?" And you could be right, it is convenient to see targeted ads for products you actually (think you may) need. And it's sure great for Amazon, which utilizes AI to figure out what you want, before you know you want it! The system driving the service...and such an invasion of your privacy and frankly we don't have much of that left, so it's well worth fighting for.

I've covered Facebook and the creation of shadow profiles previously, these are basically Facebook accounts for people who don't have Facebook accounts! But Facebook is not the only one with pseudo-profiles. Most people have such profiles, and with multiple companies, which in turn are shared and sync'ed, knowing that you believe you've protected yourself perfectly online.

A VPN or Tor won't help you much if you can be traced by behavior or cookies. In the end, they know that you are using a VPN or Tor. I still recommend that you use the Tor browser, but be smart about it! Have 2 browsers maybe even 3, one for banking, one for online accounts and Tor for everything else, because if you log in to Facebook or any other service with your Tor browser, you just updated your profile.. A slip in an email or anything that gives away that you are on Tor and all you have achieved is telling the profilers that you use Tor as well.

Google, Facebook, Xandr or Liveramp, and many others are profiling you, then trading or selling your data. Even when not logged in these companies will also attack your Facebook account and know exactly who you are, who your friends are, what your dog's favorite food is and what underwear you got your wife for Christmas. They knew that before you did, because they targeted that underwear at your browser. They basically pictured your wife in that underwear before you did. Some websites even share your email address and attach it to the 3rd parties or your Facebook account, even if you didn't actually use that email on Facebook. Yeah/ Exactly! That is how your friends show up in your feeds! But they can also target you with Facebook ads and even spam mails this way. Data is king and its' misuse is monstrous!

Real Time Bidding!

Your user profiles are sold in real time or even auctioned in real time to advertising agencies, this bidding takes mere milliseconds and can be performed whilst the site is loading. Hundreds of companies get an alert and bid in real time. This is not just to bid and buy but to then sync their existing data on you and produce an even more up to date and accurate profile on you to assist them to target the next bid for your advertising spot. They also check, in real time, your browsing history for the last few weeks, months or even years to know if it might be time for another holiday or they know that because you just checked on a website about your favorite hotel.

Most of these auctions happen over Doubleclick (owned by Google). Hundreds of companies are bidding in real time and the winner paying a few cents and you seeing their ad...all the time making Google richer and richer.

What can you do?

Try to read your favorite site via RSS, find sites what are not forcing you to accept cookies, perhaps more responsible sites which don't use Google Analytics. Plausible or GoAccess, for example, can do the same for a site owner as Google Analytics does, but without invading privacy or worse, selling on your data.

For more on this whole area, check out my recent chapter from the Privacy Cookbook:

Privacy Cookbook - Chapter 9.0 - Analytics
As a regular reader of the decentralize.today you’ll know that I’m not a fan of anything that invades your privacy, sells your data and tracks your every move. Sadly, most websites take the easy way out when it comes to stats and choose Google ANAL-ytics! But you know you can actually run analytics…

If you come to a website that has 'cookie settings' on it, use them! This feature directs you to another page where you can select what you accept. the beauty here is that it is not allowed to have 'accept' pre-selected, so a simple save of this setting will suffice. A cookie then makes sure that your browser remembers this setting next time you visit that page/site.

I, personally, recommend never accepting cookies (from strangers), if that option is available. However, if they won't let you enter a site until you actually accept one then maybe just find a better website! Privacy is a fundamental human right and privacy on the internet starts with not being forced to leave tracks. A VPN won't help you hide who you are, but a cookie-free world would surely help you be a little more private online.

Last but not least, when you have a 'cookie delete' add-on or a 'delete all cookies' option when you close your browser, that won't delete your profiling. It just lets you accept cookies you've already accepted again, making their database entry on you even more accurate.