Mozilla’s Firefox web browser continues to add new features. A recent patch submitted by Jonathan Mayer proposes an interesting change to the way the browser handles third party cookies. The patch is suggested to be rolled into Firefox 22, and should it be approved, the open source browser would adopt Safari-like behavior by blocking third party cookies by default. Specifically, the patch would change the default behavior to block third party cookies by default unless the user has visited the website themselves at some point. Users will also be able to tweak the setting via a UI menu item and choose whether to always block third party cookies, only allow cookies from previously visited sites, or allow all third party cookies (for comparison, Google Chrome goes with this option as its default).
This is a positive move for consumer privacy, but it is also a disruptive strike at online advertisers. So called third party cookies are tidbits of code that sites can utilize to identify and track users on other sites. The uses of cookies can range from a shopping site using cookies for shopping carts or coupons to ad networks that track you across the internet to deliver targeted advertising and gather information about users. Safari has managed to get away with blocking third party cookies by default so far, but Firefox has a great deal more market share. Should Firefox move to a block-by-default model, advertisers are not likely to be pleased considering they think that Do Not Track is bad enough (heh). I think it may need to be relaxed somewhat, but the proposed patch’s behavior is closer to a fair balance between privacy and tracking than the current arrangement.
Currently, you can choose to accept all or block all (with accept all being the default). The new patch would add a new option to the GUI menu to only allow cookies from previously visited sites.
Interestingly, this is not the first time that changes to Firefox’s cookie handling behavior has been proposed. A few years ago, developers considered a similar patch but found that it caused too many problems with websites. It is worth noting that Jonathan Mayer's patch is not as strict in what it blocks as that previous patch attempt, so it is more likely to be approved–and break fewer sites out of the box. Then again, the more browsers that adopt a block-by-default policy for third party cookies, the more websites will be pressured into finding workarounds such as poxy-ing the third party ad cookies from their own domain (making the cookies first party as far as the browser is concerned). In the end, the battle between consumers and advertisers will rage on with websites/publishers caught in the middle tryng to find an acceptable balance.
It will be interesting to see whether this patch goes through and what the fallout (if any) will be.
What do you think about the proposed change to the default cookie handling setting? Are you already using a third party browser plugin with a white list to block them by default anyway?
Also Read: Firefox 19 Includes Built-In PDF Viewer @ PC Perspective.