Cookie Monster

In 1994, a Netscape engineer named Lou Montulli invented the HTTP cookie. He needed a way for a website to remember whether you'd already visited. That's it. The entire use case was: “has this person been here before?” It was a shopping cart feature. It was meant to remember your cart.

Within three years, advertising companies realized they could use the same mechanism to follow you across the entire internet. The shopping cart feature became the backbone of surveillance capitalism. Lou Montulli invented a sticky note and the ad industry turned it into a GPS ankle bracelet.

The EU's response was the ePrivacy Directive, which required websites to ask permission before setting cookies. This resulted in approximately 11.8 billion cookie consent popups being deployed across the internet, each requiring more cognitive effort than the actual content behind them. Studies show the average person spends 2.5 hours per year clicking “Accept All” on cookie banners. This is more time than the average person spends reading privacy policies (0 hours per year).

The banners are designed to make you accept. The “Accept All” button is large, green, and welcoming. The “Manage Preferences” button is small, grey, and leads to a 47-toggle interface that requires a PhD in information architecture to navigate. This is called a “dark pattern” and it is legal everywhere because the law says you need to offer a choice, not that the choice needs to be fair.

Even we don't know what our cookie does. It was in the Next.js template. We were afraid to remove it. It's probably just Zuck eating up everyone's data so he can show you more ads for things you already bought. You searched for a toaster once, in 2019, and the internet has not forgotten. The internet will never forget. The toaster ads will follow you to your grave.