Government Overreach? 9 in 10 Official Websites Use Tracking Cookies Without Consent

Is the government going too far? A new study has discovered that “Big Brother” may be more widespread than anyone thinks. Among the countries that make up the G20, researchers found the vast majority of government websites add third-party tracking cookies without their users’ consent.

The G20 is an international forum which includes 19 countries and the European Union. The forum focuses on solving issues connected to the global economy, climate change mitigation, and the development of sustainable technology. The members include Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Russia, Saudi Arabia, South Africa, South Korea, Turkey, the United Kingdom, and the United States.

The international team notes that, in some of these countries, nine in 10 official sites add third-party tracker cookies — even if they have strict user privacy laws. To uncover the scale of this problem, the researchers examined 5,500 websites tied to international organizations, governments, and official COVID-19 information sites during the pandemic.

Their study comes at a time when citizens across the globe are providing information through government websites at an unprecedented rate.

“Our results indicate that official governmental, international organizations’ websites and other sites that serve public health information related to COVID-19 are not held to higher standards regarding respecting user privacy than the rest of the web, which is an oxymoron given the push of many of those governments for enforcing GDPR,” notes Nikolaos Laoutaris, a research professor at IMDEA Networks, in a media release.

What kinds of cookies are lurking on government sites?

“There are first-party cookies, which are those created by the visited website itself, while third-party cookies are those commonly created by external agents through content embedded in the website. In addition, there is the cookie ghostwriting, in which an external entity creates the cookie on behalf of another party and therefore its origin is unknown,” says Srdjan Matic, a research assistant professor at IMDEA Software.

The team also separated their findings based on the duration of these cookies — analyzing cookies active only during someone’s visit to a webpage and those which persist over the short, medium, and long term.

Nearly every COVID website is adding unwanted cookies

Results show most of the G20 nations install at least one cookie on a website without a user’s consent. Overall, Japan comes in with the lowest percentage of websites containing cookies — but that number still sits at a staggering 77.2 percent. Meanwhile, the team found Saudi Arabia and Indonesia top the list with cookies on 100 percent of their official sites. The majority of the G20 nations fall between 87 and 97 percent, with the U.S. adding unwanted cookies to 93.5 percent of the 1,239 webpages examined in this study.


CREDIT: Matthias Götze (TU Berlin), Srdjan Matic (IMDEA Software), Costas Iordanou (Universidad de Chipre de Tecnología), Georgios Smaragdakis (TU Delft), and Nikolaos Laoutaris (IMDEA Networks)

Of these cookies, a large portion are either third-party cookies (TP) or third-party tracking cookies (TPT). Additionally, over 50 percent of the TP and TPT cookies in 16 of 19 countries take more than one full day to expire. Website users in France will find the largest number of cookies which take more than a year to expire.

When it comes to official websites which specifically deal with the coronavirus pandemic, results show over 99 percent add at least one cookie without anyone’s consent.

“There are no special measures to neutralize third-party cookies on these websites since 52% of the websites of international organizations set at least one cookie associated with a tracker (TPT),” Matic adds.

Laoutaris hopes the team’s findings “put more pressure on governments to clean up their own house first and, by doing so, set an example and be more convincing about the importance of implementing the GDPR in practice.”

The team presented their findings at the Web Science Conference.

**By Chris Melore


2 Replies to “Government Overreach? 9 in 10 Official Websites Use Tracking Cookies Without Consent”

  1. harrrrrie

    I agree with Linda. The governments know the power of people and their voices, and when they march, protest and demonstrate there is nothing the government can do short of using the military and violence to end the people’s right to power and demands. But it won’t work because the military will realize they will not want to hurt their families and friends.
    I don’t know who knows this but when the US Constitution was written giving the citizenry the right to bear arms, it wasn’t to start riots or go hunting or protect their families and homes from bears and wolves. It was to give the citizenry the right to protect themselves from the governments, Federal, State and local. The people who signed that constitution knew how governments could do illegal things and could even turn into dictatorships. It happened in Germany. Germany was a democracy and Hitler created a nazi dictatorship without the people really realizing they were lied to and manipulated.
    Our federal government is so corrupt that when the citizenry finally figures it out, our government will face anger and violence, and the representatives will have to hide if they are still alive.
    We need to send lots of love, step aside and observe, and send more love.

  2. Linda Rosa

    Isn’t it ironic how the very entities that bring such harm to human beings on Creator God’s Earth are so fearful of us? They have to spy on us, observe every little thing we do, try to keep each of us in a closed-in box so they can predict our future moves, etc.? Really? And it’s they who cannot be trusted. So odd.