EMBARGOED FOR RELEASE

Monday, November 27, 2000

Kathy Daly-Jennings, Persona, 303.410.4679

got cookies?

WASHINGTON, DC—The holiday shopping season is upon us.  Malls and stores are filled with shoppers, colorful displays, and merchandise.  In addition to in-store shopping, millions of consumers are expected to go online to make an estimated $10 billion in holiday purchases.  Indeed, online merchants have been busily preparing for the unprecedented numbers of holiday customers who are anticipated to visit their websites and make purchases.[1]

“As more and more people venture online to make holiday purchases, consumers need to learn how to protect themselves.  This is particularly true with regard to Internet cookies,” says Jean Ann Fox, Director of Consumer Protection for the Consumer Federation of America (CFA).

Regrettably, a recent Pew & American Life public opinion poll revealed that a whopping 57% of Americans don’t even know what an Internet cookie is.[2]

“Though the name is synonymous with the tasty baked goods many of us enjoy during the holidays, Internet cookies are small pieces of computer code that are being stored on your computer by websites you visit,” explains Kathy Daly-Jennings, Vice President of Marketing for Persona.  “These are then used to track your online activities, provide personalized content, and deliver targeted advertising.” 

Most cookies collect anonymous click-stream data; other cookies store the personally identifiable information that consumers divulge when they order merchandise, request materials, or register to gain access to websites.  While cookies provide an effective way for websites to personalize your online experience, too much of a good thing may be hazardous to your privacy. 

“To protect themselves,” says Susan Grant, Director of the National Consumer League’s (NCL) National Fraud Information Center, “most consumers need to exercise control over the cookies that have been or will be stored on their computers during the holidays and throughout the year.”

Today, CFA, NCL, and Persona released cookie control recipes for consumers to use to identify cookies that have been placed on their computers, delete cookies of questionable or unknown origin, keep cookies from trusted companies (like merchants, airlines, banks, & other companies with which they do business), be prompted when cookies are being placed, or disable the placement of cookies altogether.

While most consumers need to exercise greater cookie control, the groups warned that:

• Some websites insist that users accept cookies and may not work properly or may deny access if cookies are disabled;

• Having your computer warn you every time a cookie is about to be sent to your hard drive can be annoying and may make your online experience more cumbersome;

• If you delete cookies, personalized websites you have registered with will no longer be able to recognize you and you will need to re-enter your original user ID and password to gain access; and

• Deleting or eating cookies periodically still permits sites to track what you are doing online for short periods of time (i.e., the time between different cookie file deletions) but thwarts attempts to discern and record your actions over a long period of time.

*     *     *

The Consumer Federation of America is a non-profit association of some 260 pro-consumer groups that was founded in 1968 to advance the consumer interest through advocacy and education.

The National Consumers League, founded in 1899, is America's pioneer consumer organization.  NCL’s mission is to identify, protect, represent, and advance the economic and social interests of consumers and workers.  NCL is a private, nonprofit membership organization.

Persona, a Colorado-based company dedicated to enabling consumer control of personal information online, believes that shopping on the Internet does not need to be an intimidating or personally revealing process.
 

COOKIE CONTROL RECIPES

Since the ingredients vary if you are using a Windows or a Macintosh computer, two different recipes are provided.  Similarly, different actions may need to be taken if you are using Netscape or Internet Explorer web browsers.

FOR WINDOWS COMPUTER USERS

Step 1:  “Got Cookies?”

Click the “Start” button, using the pop-up menu, go to “Find” or “Search” and then click on “Files or Folders.”  When the “Find All Files” or “Search For Files & Folders” window pops up, in the blank under “Name & Location” or “Search For Files & Folders Named,” type “Cookies.”  Make sure the search is being conducted on your “local hard drive” (usually the C-drive) and then click “Find Now” or “Search Now.”  Open the cookies text document by double clicking on it.  You should see an “Index” or “DAT” file as well as individual listings for the various cookies that have been placed on your machine.

Step 2:  Delete Cookies

In Netscape, you can delete a cookie by clicking on it and hitting the delete key.  Be sure to save your edited cookie file.

In Internet Explorer, you can delete a cookie by clicking on it and hitting the delete key.  If you wish to delete all cookies, highlight the “Index” file, click on “Edit” at the top, and select “Invert Selection.”  This should de-select the index file and highlight all of the other cookie files.  If you hit “Delete” or “X”, these files will be removed.

Step 3:  Disable Or Prompt For Cookies

In Netscape, select the “Edit” pull-down menu, and select “Preferences.”  In the white “Category” column, select “Advanced.”  In the “Cookies” section, Netscape gives you four choices – to accept all cookies, to accept only the cookies that get sent back to the originating server (and thus do not stay on your hard drive), to disable all cookies, or to warn you every time you are being asked to accept a cookie.  Select your desired option and click “OK.”  Close and then re-start Netscape to begin browsing with your selected level of protection.

In Internet Explorer, pull-down the “Tools” menu and select “Internet Options.”  Select the top “Security” tab, then select the “Internet” icon (a globe), and click on the “Custom Level” button.  Scroll down through the options until you encounter “Cookies.”  Internet Explorer breaks up its options for cookies into two categories:  (1) allow cookies that are stored on your computer, and (2) allow per session cookies (not stored).  Select “Disable” to block all stored cookies, “Enable” to allow stored cookies, or “Prompt” if you wish to be warned each time your computer is asked to receive a cookie.  You can make similar selections regarding per session cookies.

FOR MACINTOSH COMPUTER USERS

Step 1:  “Got Cookies?”

In Netscape, go to your systems fold and select “preferences.” In the folder, there is a text file called “MagicCookies” which lists all of the cookies on your hard drive. This file is for viewing only and cannot be edited.

Step 2:  Delete Cookies

In Netscape, to edit your cookie file, you will need to download a free piece of software called “Cookie Cutter” at http://www.macdownload.com/ that allows you to edit your cookie file selectively.

Step 3:  Disable Or Prompt For Cookies

In Netscape, pull down the “Edit” menu and select “Preferences,” then “Advanced.”  Select one of the four levels of protection you desire, and then click “OK.”  Re-start your browser to put your choice into effect.

In Internet Explorer, pull down the “Edit” menu, select “Preferences.”  Scroll down the menu and double-click on “Cookies.”  All of the cookies on your computer will be listed along with choices from “never ask” (or accept all cookies) to “never accept.”

FOR ALL COMPUTER USERS

Consumers might also consider using “cookie management” software that selectively blocks cookies or “cookie eater” applications that run periodically to delete cookies from their computers.  Examples include:  IDcide, Cookie Cruncher, CookieCutter, and PersonaValet.  For more information, consumers should go to www.cookiecentral.com.