Priv3: A Third Party Cookie Policy

In today’s World Wide Web, there exists significant economic pressure to track user activity, a development users may find objectionable. Safari’s third-party cookie policy works well to block tracking from advertisers and other pure third-party content, but is insufficient to block the multi-function tracking present in Third-party widgets such as “Like” buttons and other “social plugins” offered by the likes of Facebook, Google, and Twitter. These elements provide desired user functionality, but also expose the user to the possibility of cookie/referrer-based tracking by those third-party sites. Naïve approaches that completely disable third-party interactions prevent such tracking, but at the same time break desired tasks, such as “liking” a page, or engaging in a discussion forum. In order to enable a middle ground, we present Priv3, a web browser extension which uses conditional suppression of third-party cookies and selective reloading of elements on a web page to provide a generic mechanism to protect user privacy from these trackers without compromising usability, creating an “allow with user intent” third-party cookie policy. We have made Priv3 available as Firefox extension that has been downloaded 97,000 times to date, featuring an average user base of 17,000 users daily.