One of the strengths of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the colleges, universities, and other institutions of higher education throughout our state. Hence the name "Perspectives From the Campus Series”, we invite experts -- immersed in the pursuit of educating their students -- to offer their knowledge for finding solutions in cybersecurity that benefit all Hoosiers.

In the latest installment of this series, David Dungan, who serves as the Executive Director at the Center for Security Services and Cyber Defense at Anderson University, discusses the importance of protecting your personal information when it comes to websites that use cookies and what it means when data brokers collect information from you.

By David Dungan

“This website uses cookies”

How many times a day do you see a website that says something along those lines? Unfortunately, they are not referring to macadamia or chocolate chip.

Data brokers use web cookies (a small piece of code that attaches to your browser) to track what kinds of websites you visit and what you do on them. Data brokers also use these cookies to build detailed profiles of your interests and your personal identifying information (PII), including your gender, sexual orientation, and race, as well as major life events, and more.

These brokers then anonymize the information and put it into targeted interest groups to sell to advertisers. It’s a big business. It is estimated that the industry is worth $200 billion per year, with up to 4,000 data brokering companies worldwide.

How do they do it? In a matter of speaking, we provide it to them. By that, they use a few simple steps to obtain information, including:

• Your web browsing history - every time you use a search engine, social media app, or fill out an online quiz, you’re leaving an electronic trail.
• Public sources - This includes everything from birth certificates and marriage licenses to court records and census data.
• Commercial sources - In other words, your purchase history, what you’ve bought, when you bought it, how much you paid for it, and whether you used a loyalty card or coupon.
• Your consent - When you sign up for things like a rewards program, you may have given your consent for your data to be shared without necessarily realizing it (that is, unless you read the fine print).

Fortunately, just as we try to avoid giving into the temptation of eating our way through an entire box of Girl Scout cookies, let’s just say, too quickly, there are six best practices you can follow to better protect your privacy and security when using browser cookies. Among the steps you can take, includes:

• Clear cookies regularly.
• Adjust your privacy settings.
• Be careful when downloading apps or software.

Next time you see a popup asking you to agree to web cookies, it's a good idea to take a moment to carefully consider what that means and remember that it’s OK to deny any cookies you believe are unnecessary to prevent others from exploiting your personally identifiable information.