Tool can resurrect deleted cookies

Out-Law News | 18 Apr 2005 | 1:11 pm | 2 min. read

A marketing company has developed a product to restore the cookies set by web sites, ad networks and advertisers when users try to delete them. New York-based United Virtualities says that too many users are deleting cookies.

The product is based on what the company calls a Persistent Identification Element, or PIE, which is "tagged to the user's browser, providing each with a unique ID just like traditional cookie coding," according to United Virtualities.

The company boasts that PIEs "cannot be deleted by any commercially available anti-spyware, mal-ware, or adware removal program" and that they "even function at the default security setting for Internet Explorer."

Mookie Tenembaum, founder of the US company, said: "All advertisers, web sites and networks use cookies for targeted advertising, but cookies are under attack."

Jupiter Media reported last month that as many as 39% of on-line users may be deleting cookies from their primary computer monthly.

Tenembaum continued: "From simple frequency capping to the more sophisticated behavioural targeting, cookies are an essential part of any on-line ad campaign. PIE will give publishers and third-party providers a persistent backup to cookies effectively rendering them unassailable."

It offers two types of PIE: AccuCounter PIE, a cookie replacement that counts unique users accurately; and Backup PIE, a PIE that not only counts unique users but also recognises the visitor and restores any erased cookies.

"The erasing of cookies threatens many cookie-dependent server-side applications from registration to targeting to traffic counting," said Mr Tenembaum. "PIEs are a cookie support product that ensures persistent identification of the users.

"Implementation of the PIE technology is instantaneous and requires the insertion of just a line of code, according to the company. According to an article about the product by Information Week, the system relies on a feature of Macromedia Flash MX called Shared Objects.

The tag placed by the PIE technology is a Shared Object that contains a unique ID similar to the text found in a cookie. Information Week notes that, while consumers have learned to delete cookies, most are unaware of Shared Objects and don't know how to disable them.United Virtualities plans to sell its PIE technology to publishers and networks who are worried about cookies being deleted.Clearly the tool, which appears to withdraw control from the individual, will raise privacy concerns. But in the UK, the serving of cookies is controlled by law.

The Privacy and Electronic Communications (EC Directive) Regulations of 2003 say that, when storing a cookie or any other information on a visitor's computer, the visitor must be "given the opportunity to refuse the storage of or access to that information.

"In effect, these UK Regulations require that web sites give users information about their use of cookies, and the ability to delete cookies that have been sent to a user's machine.

OUT-LAW was unable to reach anyone at United Virtualities for comment at the time of writing. But on the face of it, the PIE technology appears to interfere with a person's decision to refuse cookies. And if the PIE technology stores any information on a user's hard drive, either as a cookie or by any other means, the user should be given "clear and comprehensive information about the purposes of the storage of, or access to, that information" – otherwise the Regulations are breached.