Further Reading: Chapter 12 — Browser Cookies, Tracking Pixels, and the Third-Party Data Ecosystem

1. Acar, Gunes, et al. "The Web Never Forgets: Persistent Tracking Mechanisms in the Wild." Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security."

The foundational academic study that documented canvas fingerprinting and other persistent tracking mechanisms at scale, including the AddThis discovery. This is the primary source for one of the chapter's most significant empirical claims. Technically dense in places but readable with effort. Freely available through the ACM Digital Library and the authors' institutional websites.

2. Englehardt, Steven, and Arvind Narayanan. "Online Tracking: A 1-Million-Site Measurement and Analysis." Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security."

The Princeton OpenWPM study that provided the most comprehensive analysis of tracking infrastructure across the top 1 million websites. Documents the prevalence of Google's tracking infrastructure, the distribution of tracking companies, and the scale of third-party cookie deployment. The OpenWPM measurement framework has been widely adopted in subsequent research. Essential empirical grounding for Chapter 12's claims about the ecosystem's scale.

3. Forbrukerrådet (Norwegian Consumer Council). Deceived by Design: How Tech Companies Use Dark Patterns to Discourage Privacy-Protecting Choices. June 2018.

The landmark report that systematically documented dark patterns in the consent interfaces of Google, Facebook, and Windows 10. Methodically documented, visually illustrated, and readable for non-specialist audiences. Essential primary source for the dark patterns section. Available free at forbrukerrad.no.

4. Roesner, Franziska, Tadayoshi Kohno, and David Wetherall. "Detecting and Defending Against Third-Party Tracking on the Web." Proceedings of the 9th USENIX Symposium on Networked Systems Design and Implementation. 2012.

An important earlier study of third-party tracking mechanisms that established many of the measurement methodologies used in subsequent research. Provides a clear technical framework for understanding how different tracking techniques interact and compound. Useful for readers who want more technical depth on the mechanism layer.

5. Matte, Célestin, Nataliia Bielova, and Cristiana Santos. "Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe's Transparency and Consent Framework." Proceedings of the 2020 IEEE Symposium on Security and Privacy."

An empirical study of GDPR compliance in IAB TCF-compliant cookie banners, finding systematic non-compliance with consent requirements. Provides quantitative foundation for the "theater of consent" analysis. Methodologically rigorous; readable by careful undergraduate readers.

6. Kristol, David M., and Lou Montulli. "HTTP State Management Mechanism." RFC 2109, Internet Engineering Task Force, 1997.

The original IETF specification for the cookie mechanism, authored by Montulli and colleague David Kristol. A historical primary source that documents what cookies were designed to do, what privacy protections were considered, and how the original specification conceptualized cross-site cookie use. Technically written but important for understanding the gap between original intent and subsequent use.

7. Singer, Natasha. "You for Sale: Mapping, and Sharing, the Consumer Genome." The New York Times, June 16, 2012.

A landmark piece of explanatory journalism that introduced many general readers to the intersection of cookies, data brokers, and behavioral targeting. Focuses on Acxiom, DoubleClick, and the ecosystem linking them. While dated in some specifics, the fundamental description of the ecosystem remains accurate. Freely available from NYT's archives.

8. Article 29 Working Party. "Opinion 04/2012 on Cookie Consent Exemption." EU Data Protection Working Party, 2012.

The legal interpretation from the EU's data protection authorities on when cookie consent is required under the e-Privacy Directive. An important primary legal source for understanding the regulatory framework that GDPR subsequently updated. Useful for students interested in regulatory analysis.

9. Laperdrix, Pierre, et al. "Browser Fingerprinting: A Survey." ACM Transactions on the Web 14, no. 2 (2020).

A comprehensive academic survey of browser fingerprinting techniques, evolution, defenses, and their effectiveness. Covers canvas, audio, WebGL, behavioral, and network fingerprinting techniques. The most complete single reference for the fingerprinting material in this chapter. Technically demanding but organized to support selective reading.

10. Electronic Frontier Foundation. "Cover Your Tracks." coveryourtracks.eff.org.

The EFF's live browser fingerprinting testing tool, available online. Users can test their browser's fingerprint uniqueness and see how tracking protection extensions affect results. An essential hands-on companion to the theoretical material in Section 12.5. Updated regularly as fingerprinting techniques evolve.

Further Reading | Chapter 12 | Part 3: Commercial Surveillance