recommended reading

NSA Uses Google's Tracking Cookies to Find Targets

Mark Lennihan/AP File Photo

The National Security Agency analyzes tracking cookies used by online advertisers in order to find and target surveillance subjects, according to The Washington Post and documents provided by Edward Snowden. Based on internal slide decks, "when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government."

NSA and British GCHQ are using ad tracking cookies to identify unique online users, and are apparently particularly partial to a Google-specific cookie format known as a "PREF" cookie. A PREF cookie—short for 'preferences'—may contain information such as a user's region (useful for weather reports and the like) and other settings such as the number of search results to display, preferred language, and whether to keep SafeSearch filtering on. Additionally, it is unique for each user, in order to serve up personalized ads.

NSA likes the cookies because they allow them to "enable remote exploitation," although what they means exactly is unclear. These types of technical tricks are used not to sift through bulk data for suspicious activity, but to track and engage with specific targets.

Most browsers contain a Do Not Track function that limits third-party cookies when enabled and disables tracking users across websites. According to a website maintained by Stanford and Princeton researchers, of the eight large tech companies pushing for government surveillance reform, only one—Twitter—honors the Do Not Track policy.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.