With its Cookie Factory, UNESCO proposes to “hack” cookie algorithms

0
With its Cookie Factory, UNESCO proposes to “hack” cookie algorithms

A new extension has appeared on the Chrome Web Store: Cookie Factory, on the initiative of UNESCO. The organization wants to raise awareness in a playful way of the challenges of respecting privacy online. To do this, all you need to do is to create a fictitious virtual identity chosen from among the 36 profiles offered by the extension, which will simulate the browsing of the selected profile in accelerated mode, collecting numerous cookies and thus highlighting the collection of personal data.

If UNESCO is modestly proposing that Internet users become “hackers”, it is also because laws on the ethics of artificial intelligence are struggling to be put in place. Yet the first attempts to regulate artificial intelligence appeared in the 1990s in France, when its use began to become widespread… On 27 April 2016, the GDPR recognised that “the protection of individuals with regard to the processing of personal data is a fundamental right” but it did not come into force in all Member States until 25 May 2018.

During the month of November last year, announcements regarding AI ethics accelerated: a recommendation on the protection of individuals with regard to the processing of personal data from the EU Council of Ministers at the beginning of the month, the second PMIA-GPAI summit on the 11th and 12th, and finally, on the 25th of November, the UNESCO recommendation establishing ethical rules for artificial intelligence.

At the beginning of 2020, the CNIL recommended the presence of a “refuse all” button next to the traditional “accept all”. However, not all sites have followed this advice, far from it, the accepted cookies are collected and used to offer targeted advertisements according to the navigation and the centers of interest.

While cookies are intended to generate advertising, they can also record where you are when it appears on your screen and whether you choose to click on it or not. They can be dangerous used for other purposes as demonstrated by the revelations of Cambridge Analytica employees that caused a scandal in 2018 leading to the closure of the company. Working for Donald Trump, the company had recovered the data of millions of Facebook users to mount targeted election campaigns according to their psychological profile. Another leak in 2020 revealed its concrete activities and its ramifications in more than 60 countries, including Iran and Brazil.

On this, Ala Krinickyte, a data protection lawyer at Noyb, a Vienna-based digital rights nonprofit, said:

“The most frightening thing about these revelations is the extent of Cambridge Analytica’s operations around the world. The privacy of millions of users, including in Europe, has been put at risk and the consequences may continue to result in the years to come.”

Yet it is possible to configure the computer to automatically delete cookies at the end of the session or to use a VPN, but few Internet users do so. With Cookie Factory, UNESCO hopes to raise awareness of the impact of cookies.

The Cookie Factory extension

Developed over two years by the communications agency DDB Paris and the studio Make Me Pulse, the extension offers to choose a fictitious identity or create one yourself to fool the tracking algorithms by temporarily replacing the cookies of your browser with those of the chosen profile. An AI will navigate at full speed from page to page (about a hundred) while clicking on keywords corresponding to the profile.

Once the data is collected, the user can return to his favorite sites and realize the degree of personalization of the advertisements, based on these very artificially designed cookies. All he has to do is deactivate the extension to return to his real identity.

Translated from Avec sa Cookie Factory, l’UNESCO propose de « hacker » les algorithmes des cookies