Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Firefox to auto-block third-party ad cookies by summer

Gregg Keizer | Feb. 26, 2013
Online advertising exec calls move 'nuclear first strike' against industry

Mozilla will automatically block third-party cookies starting with Firefox 22, which is slated to ship this summer, according to the Stanford University researcher who coded the change.

The move, which will make it more difficult for online ad networks to track users' activities, was only the latest skirmish in a war between advertisers and some browser makers.

In a blog post and on Twitter, Jonathan Mayer, a graduate student in computer science and law at Stanford University, and one of two researchers at the school who created the HTTP header implementation that signals a user's "No Dot Track" preference, announced the new Firefox cookie policy.

Mayer kick-started the change last December when he submitted code to the Bugzilla bug-tracking database operated by Mozilla. It was Mayer's first contribution to the open-source Firefox.

"The default Firefox cookie policy will, beginning with release 22, more closely reflect user privacy preferences," Mayer claimed in a post to his blog last week.

Mozilla has added the cookie change to Firefox's "Nightly" channel, the browser's roughest-edged version. Unless the modification is sidetracked or Mozilla changes its mind, the new policy will first appear in a final release of Firefox on June 25.

Cookies are used by online advertisers to track users' Web movements, then deliver targeted ads. The new Firefox policy will allow cookies presented from domains users actually visit -- dubbed a "first-party" site -- but will block those generated by a third-party domain unless the user had previously visited the cookie's site-of-origin.

Examples of first-party cookies are those placed in a user's browser by sites like to identify the customer on repeat visits, letting him or her skip the log-on sequence. Third-party cookies, however, are often placed in ads on first-party sites so that advertisers and online ad networks can track a browser's past activity.

When the new policy goes into effect, Firefox users will need to clear all cookies to start with a fresh slate. Doing so, however, requires a user to laboriously reenter usernames and passwords to again access websites.

Although Mozilla has not publicized the change, developers and company executives, including Brendan Eich, Mozilla's CTO, and Asa Dotzler, the Firefox desktop product manager, debated the new policy on a discussion thread for several weeks before approving the change.

"I'm in favor of moving forward on this, cautiously," Dotzler said Feb. 11 on the thread. "As long as we have confidence at each step of the way that we're not breaking significant numbers of users or sites, this is a good move."

Mozilla will be following in the footsteps of Apple's Safari, which also blocks third-party cookies by default. "The new Firefox policy is a slightly relaxed version of the Safari policy," said Mayer in an FAQ published on his personal blog.


1  2  Next Page 

Sign up for Computerworld eNewsletters.