Cookies store small files upto 4KB that store small amount of information about a certain website.  The main purpose of cookies is to identify users and possibly prepare customized web pages for them. You can delete and block the cookies from your browser. Marketing companies love them because they uniquely identify visitors. If you have willingly enabled the cookies, then this sort of information tracking is useful for you as they help the advertisers to show advertisements according to your interests. The industry has estimated that nearly 80% of online display ads are based on tracking data.

But wait you will be surprised to here this, a few website are using a new kind of cookies to collect your data and you cannot delete them from your computer as they store the cookies in some alternate storage area. These cookies are known as “Super Cookies”. These supercookies are capable of re-creating users’ profiles after people deleted regular cookies. Additionally, supercookies not only track users’ activities without their knowledge, they are also notoriously hard to remove. While the traditional cookie file restricts itself to a particular website, supercookies can track and record user behaviour across multiple websites. Not only is this bad news for users who thought simply un-checking an option in their browser settings (or deleting the files altogether) could keep them safe from privacy-gobbling cookies, it also provides another way for criminals to commit identity theft.  Supercookies can store up to 25 times more data then a regular cookie.

Who Found SuperCookies

Stanford researcher Jonathan Mayer, a Stanford Ph.D. candidate, identified what is known as a “history stealing” tracking service on Flixster.com, a social-networking service for movie fans.

Mr. Mayer determined that the history stealing on those two sites was being done by Epic Media Group, a New York digital-marketing company. Charter and Flixster said they didn’t have a direct relationship with Epic, but as is common in online advertising, Epic’s tracking service was installed by advertisers.

Stance on SuperCookies

Websites like MSN.com, Flixster.com and Hulu.com are using these cookies to track the activities of users online. Here is what Microsoft has to say on this

Microsoft:

Mike Hintze, associate general counsel at MSN parent company Microsoft Corp., said

“was brought to our attention, we were alarmed. It was inconsistent with our intent and our policy.”

Hulu:

Hulu posted a statement online saying it

“acted immediately to investigate and address”

It declined to comment further.

Flixster:

Flixster was also using unauthorised tracking to look into the web history of its customers – including matching their history against more than 1,500 websites. This information was being used to enhance the type of advertising presented to the user upon his or her visit. Like Microsoft, Flixster denied having knowledge of this and blamed a digital marketing company whose technology was being used by the website.

Epic Media Group:

Epic Media Group is a New York digital-marketing company. As per the research of  Jonathan Mayer Epic Media is stealing the history from the website like MSN and Hulu. Here is what Epic Media representative have to say on this

“Company was inadvertently using the technology and no longer uses it. He said the information was used only to verify the accuracy of data that it had bought from other vendors”

Security experts:

Security experts say there is little to fear since the cookies are marketing focused and don’t collect details of your accounts, your passwords or other specifics about your finances. Raj Dandage, security engineer and CTO of mobile application development firm Appguppy Mobile says

“Supercookies cannot harm your computer or steal data from your hard drive,”

Michael A. Davis, CEO of the IT consulting firm Savid Technologies says

“These cookies do not provide any authentication or proof to the bank… (that) you are who you say you are.  They merely are used to help track you and provide better advertising while you browse.”

Privacy Groups:

Amber Yoo, spokeswoman for the advocacy group Privacy Rights ClearingHouse says

 “The bottom line with supercookies is that companies need to respect the wishes of consumers . If a consumer effectively ‘opts out’ of being tracked by deleting cookies, companies should respect that opt-out and not re-spawn previously deleted cookies. When will companies learn that the best way to gain customer loyalty is to be transparent and let users make decisions about how their data is collected and shared?”

Congressmen Seek Answers to Supercookies

The co-chairs of the Congressional Bi-Partisan Privacy Caucus, Reps. Edward Markey (D-Mass.) and Joe Barton (R-TK), sent a letter Tuesday to the Federal Trade Commission seeking answers about the “supercookies”. Here is what they have to say

“We believe this new business practice raises serious privacy concerns and is unacceptable,”

How to Get Rid of SuperCookies

With a little time and effort you can manually wipe these supercookies from your computer, but clearing out all the supplementary bits of code that transform a regular cookie into a supercookie is a time-consuming process. For example, to prevent Flash cookies you’ll need to visit the Adobe Website Storage Settings panel and click “Delete All Sites” to clear out any data stored in Flash on your computer, then hop over to the Global Storage Settings panel and disable third-party Flash content from storing data on your computer in the future.

Unfortunately, doing so also ruins the experience of visiting many restaurants, retailers and really any organization that relies heavily on Flash content. If you’re willing to download some free software, it’s easier to clean out any supercookies hiding in your computer with utilities like SlimCleaner and CCleaner. SlimCleaner is an especially smart choice if you are worried about supercookies, as it incorporates an IntelliCookie feature that allows you to save cookies from trusted sites like your bank while deleting everything else. Mac-compatible versions of both utilities are available, though OS X users can also download the free Flash cookie removal app Flush.

The final step in safeguarding your privacy online is installing third-party software that blocks supercookies from infesting your browser in the first place. Firefox extensions like BetterPrivacy and NoScript make it easy to selectively filter what web scripts are allowed to run on your computer, ensuring that online marketers will have a difficult time tracking you without your permission. You can find out exactly how trackable you are by pointing your browser at the Electronic Frontier Foundation’s Panopticlick website and taking their free browser fingerprinttest, which rates how easy it is to uniquely identify you based on what information your browser is sharing and saving. Prepare for the test with these simple precautions, and I think you’ll be pleasantly surprised with the results.

A few website’s also say that there is not need to do any thing as the information that super cookies are saving is not harmful.

 

So, what do you think after reading all this ?

References:

http://www.dawn.com/2011/11/17/one-hard-cookie.html

http://online.wsj.com/article/SB10001424053111903480904576508382675931492.html

http://blogs.wsj.com/digits/2011/09/27/congressmen-seek-answers-to-supercookies/

http://blogs.reuters.com/reuters-money/2011/10/03/how-to-protect-your-computer-from-supercookies/

http://www.pcworld.com/businesscenter/article/238895/how_to_protect_yourself_from_supercookies.html