Anatomy of a Click

When clicking through websites, we are giving away more information about ourselves than we think. What's really happening in the personal data economy?

The typical click on a website has far more consequences today than it did 10 years
ago, when relatively little happened behind the scenes. Today, our online interactions share our location, browsing history, and other preferences with an entire ecosystem of third parties. Many of us are unaware of the mechanics at work during these few-second intervals, and that lack of knowledge leads to a lack of control over the use (and potential misuse) of our personal data.

What’s Visible

Most days, we approach the Internet with a set of expectations about how it all works based on our routine behaviors. We know, for instance, that if we want to upload a picture to Photobucket.com or look up a word on Dictionary.com, that by following the instructions on-screen and entering the right information we will see our picture on a website or learn what “aphorism” means. We take an action, we get a response, and we form an understanding of the digital universe. We trust that if we perform the same tasks again, we will get the same results. In doing so, we feel comfortable interacting with websites providing information, services, and feedback to us. These are some of the basic, subtle ways that trust is established online. Philosopher Daniel Dennett calls this “intentional stance” and claims this theory demonstrates that trust can be established between people and technologies.

What’s Invisible

In the absence of “intentional stance,” we are willing to trade security for convenience. But what we don’t know can hurt us: Today’s technologies make our personal data public through the use of cookies, which send a packet of data about the information state of our computers back to a website that requests it. While interviewing people about their personal data perceptions, beliefs, and behaviors, we found that all of our participants were familiar with the technological term “cookie” but not its form or function. Nevertheless, they continued to allow a wide range of company websites to collect personal data if the process seemed familiar and easy. Only when pressed did the participants admit a degree of vulnerability because of their lack of understanding.

EXPLAINING A “COOKIE”

Cookies made the modern-day shopping cart possible. They were originally invented as a means for keeping items in your cart. Before the cookie, websites had limited memory and couldn’t recall what you selected for purchase while you were shopping. But this isn’t the case anymore. Today, cookies come in three flavors: Tracking Cookies Relatively benign site data that a server can comprehend and decode to determine where it came from.

Tracking Beacons

Any one of a number of techniques used to track who is reading a Web page or email when and on what computer.

Flash Objects

A kind of cookie that can bypass the browser security rules that a user may set and report key strokes, clicks, and other data.

Ben McAllister is an associate strategy director at frog. He is a regular contributor to design mind and theAtlantic.com, where he writes about the science of design research and personal data.