Mathias Lecuyer

Cookie Monster devours third-party cookies to protect privacy, wins award at leading Systems conference

Third-party cookies are widely used to build online user histories and measure the impact of advertisements. However, they also enable pervasive tracking of users across the web, raising privacy concerns.

A team that includes Dr. Mathias Lécuyer of UBC Computer Science and researchers from Columbia University set out to preserve privacy while still enabling ad measurement in a world without third-party cookies.

Enter 'Cookie Monster,' a privacy-conscious solution that earned a Distinguished Artifact Honourable Mention Award at the 30th Symposium on Operating Systems Principles (SOSP), a prestigious conference that celebrates ground-breaking contributions to computer systems research.

The paper is entitled: Cookie Monster: Efficient On-device Budgeting for Differentially-Private Ad-Measurement Systems

Dr. Lécuyer explains third party cookies, “Many free services available on the internet such as search engines, map applications, email, chat services, news, and social media, are funded through advertising. Other services such as online stores pay those free-to-the-user-services to display their ads to potential customers. A key component of online advertising is ad-performance measurements. Since users see ads on websites that are not controlled by the advertiser, advertising platforms use third-party cookies to register ad impressions across the web and measure the ads effectiveness.”

Let’s suppose a user visits a news site and sees an ad for shoes. The ad-platform that bought the ad on behalf of the shoe company can store this fact with a user identifier in a third-party cookie. If the user later visits the shoes website, the ad-platform can learn if the ad led to a purchase by the user. In this way, ad-platforms can reconstruct the whole online history/user profile and understand which ads encouraged users to buy which products.

But while cookies help make advertising more effective, they also raise serious privacy issues for users. That’s where Cookie Monster comes in—to protect user privacy without sacrificing the ability to measure ad effectiveness.

Nom, nom, nom. 
Bye bye cookies, hello privacy.

Dr. Lécuyer says, “Cookie Monster explores a critical question: How can we preserve the effectiveness of ad measurements while ensuring user privacy?"

Cookie Monster builds on existing designs proposed by internet browser vendors and tech companies, and proposes new mechanisms and an end-to-end privacy formalization and analysis. 


In terms of what this will do for the internet, Lécuyer says, “The goal is to preserve measurements so that advertisers can learn which ads worked and resulted in new business, while keeping internet services free through their ads. Simultaneously, we want to reduce undesirable side effects, such as tracking all individual internet users across ALL of their online interactions, and remembering these interactions forever.”

The net gain

As a result, Lécuyer and team explained that users would gain stronger privacy protections against tracking, while not seeing functional or availability differences in what they can access online. They also suggest that website owners could still reap ad revenues to support their sites.

As for the desire for online privacy as users browse the internet, it appears to be a win-win.

Dr. Lécuyer, who is a member of the UBC group Systopia, is immensely proud of this result stemming from work he started while finishing his PhD years ago. “I was really happy that we got the Distinguished Artifact Honorable Mention. The Columbia students who drove the system implementation and artifact release performed some truly amazing work, and it was great to see this work recognized by a prestigious award. This success also bodes well for the future of systems research at UBC.”

In terms of future research on this subject. Dr. Lécuyer and collaborators are working on improvements alongside his research team to make the design more efficient and practical with future improvements poised to redefine the landscape of online privacy. This research is also gaining traction in the wider tech community, and supports work in the Worldwide Web Consortium (W3C)’s on standardizing privacy-focused ad measurement APIs for browsers, signaling a shift toward a cookie-free future.

Another UBC Computer Science researcher won an award with a team of researchers at SOSP:  Dr. Reto Achermann et al. They won the Distinguished Artifact Award for the paper: “Verus: A Practical Foundation for Systems Verification.” 

Read more about Mathias Lécuyer’s research.