GCHQ and NSA 'track Google cookies'

The latest Snowden leak suggests US and UK cyberspies are taking advantage of Google's proprietary cookie technology in an effort to track suspects.

Google chairman Eric Schmidt has been critical of the NSA and GCHQ's activities

Documents published by the Washington Postrefer to the NSA and GCHQ's use of "GooglePrefIDs" - files containing a numeric code placed on computers to help the search firm remember users.

The paper said the US and UK spy agencies piggybacked the files to "home in" on targets already under suspicion.

Google has not commented.

However, the news may add to existing tensions between the firm and the authorities.

Google's chairman Eric Schmidt said last week that the company had considered moving its servers outside of the US following the publication of earlier leaks, before deciding it was impractical.

"Google's position is we are outraged on this," he said in reference to claims that the NSA and GCHQ had taken data from communication links used by his firm.

"It's government overreach, is the best way to explain it."

The cookie surveillance technique is the latest in a series of alleged spy agency activities described by papers released to journalists by the whistleblower Edward Snowden, a former NSA contractor now living in Russia.

Ad trackers

Google says it uses "preferences" cookies to enhance people's use of the internet.

"These cookies allow our websites to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in," it explains on its site.

"The Pref cookie may store your preferences and other information, in particular your preferred language (eg English), how many search results you wish to have shown per page (eg 10 or 20), and whether or not you wish to have Google's SafeSearch filter turned on."

Continue reading the main story

Cookie flavours

Cookies are small files that allow a website to recognise and track users. The Information Commissioner's Office divides them into three overlapping groups:

Session cookies

Files that allow a site to link the actions of a visitor during a single browser session. These might be used by an internet bank or webmail service. They are not stored long-term and are considered "less privacy intrusive" than persistent cookies.

Persistent cookies

These remain on the user's device between sessions and allow one or several sites to remember details about the visitor. They may be used by marketers to target advertising or to avoid the user having to provide a password during each visit.

First- and third-party cookies

A cookie is classed as being first-party if it is set by the site being visited. It might be used to study how people navigate a site.

It is classed as third-party if it is issued by a different server from that of the domain being visited. It could be used to trigger a banner advert based on the visitor's viewing habits.

The file - which contains a randomly-generated numeric code, rather than the name of the user - is also used by the firm to personalise the adverts shown to people who are not signed into its service.

Since many other firms make use of Google's technologies to place ads, a user may have PrefIDs on their computer even if they have never visited the search firm's own services.

There are tools on the internet with which users can reset the cookie's numeric code to make themselves anonymous. One expert said the company would be concerned if the leaks encouraged more people to use them.

"The last thing that Google wants is for people to tamper with or otherwise mess with its tools, disabling its ability to track them," said Chris Green, a tech analyst at the consultancy Davies Murphy Group.

"Cookies are a very valuable part of its business."

A document published by the Washington Post suggests the spy agencies also track other types of cookies, but does not specify which.

It is not clear how the authorities would have obtained the information, although the paper notes that it is among the data the NSA can demand through a Foreign Intelligence Surveillance Act (Fisa) court order.

A spokesman for GCHQ said he could neither confirm nor deny the agency's involvement in the alleged activity.

"All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that its activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee," he said.

The NSA added that it was "within its lawful mission to collect foreign intelligence to protect the United States, use intelligence tools to understand the intent of foreign adversaries and prevent them from bringing harm to innocent Americans".