Privacy Basics: Online Tracking | Privacy


Cookie Batch Bingo

Made by Stacy Martin, Senior Data Privacy Manager at Mozilla.

Learners will use bingo to learn definitions for different cookie types.

20 minutes

  • Preparation

    Read People Bingo instructions from About.com.

    To familiarize yourself with cookies, read Cookies Wikipedia Article

    Create bingo cards and and print out copies to distribute to participants along with pens.

    To create the cards, list terms related to online tracking technologies - so instead of numbers, you'll list one term in each square of the card. You'll need at least nine to create a bingo card. For example, you could start with these terms: cookie, party, 1st party cookie, 3rd party cookie, flash cookie, super cookie, zombie cookie, authentication cookie, session cookie, transient cookie, persistent cookie, magic cookie. If you'd like to add another row, consider: beacon, web bug, pixel tag. For more ideas, check out the related activities links or add the tracking terms from the Online Tracking Speed Dating activity

    Create a bingo card answer key or you can print this one. If the topic is unfamiliar to your learners, you may want to discuss these terms first.

    • Cookie: A small data file that websites and third parties place on your device to remember your preferences or to track your activity, sometimes across multiple sites.
    • Party: The owner of the domain specified in the cookie. All cookies have an owner. This tells you who the cookie belongs to.
    • First Party Cookie: In first party cookies, the website you are visiting and the domain of the cookie match. First party cookies are necessary in order for you to be recognised as an individual.
    • Third Party Cookie: In third party cookies, the website you are visiting and the domain of the cookie are different. In other words, third party cookies do not belong to the website you are visiting. They are often used to track you across sites.
    • Flash Cookie: A type of super cookie that uses Locally Stored Objects (LSOs). These cookies are independent of the browser, designed to be permanently stored on your device (never expires), and usually written when you visit a site that uses Flash.
    • Super Cookie: A cookie that remains on your device even after you have removed all cookies from your browser. Super cookies are more difficult to detect and remove from your device because they arent' browser cookies and can't be deleted using browser tools.
    • Zombie Cookie: A cookie that is automatically recreated after being deleted.
    • Authentication Cookie: The most common method used by web servers to know whether the user is logged in or not, and which account they are logged in with.
    • Session Cookie: A cookie that is stored in temporary memory and is automatically removed when you close your browser. Also known as an In-Memory Cookie or a Transient Cookie. Commonly used for shopping cart software and online forms. The browser knows to treat them as a session cookie because they don't have an expiration date on them.
    • Persistent Cookie: A file that is stored on your hard drive until its expiration date. Also known as a Stored Cookie. Sometimes called a Tracking Cookie, but they can also be used for functions like authentication and language selection.
    • Secure Cookie: A secure cookie can only be transmitted over an encrypted connection (HTTPS) so that it is less prone to attacks. These cookies are stored on your hard drive. Also known as an httpOnly cookie.
    • Magic Cookie: Thought to be a possible origin of the term "cookie", it's a term used by programmers to describe a packet of data a program receives and sends back unchanged, while the contents remain unseen.

  • 5
    min

    Distribute cards and pens

    Explain the rules. Cookie Batch Bingo can either be played traditionally by calling out terms or as what's called "People Bingo", where participants meet others in the room to define terms and collect signatures. If you have at least nine people, each person can define one term and sign someone's Bingo card in only one spot.

    For example, your participant Susan Doe may sign the bottom left square with her first name and note that she knows a zombie cookie is automatically recreated after being deleted. If you have less participants, you can continue to repeat the process.

  • 20
    min

    Play the game

    Instruct participants to call out "Bingo!" when they have a vertical, horizontal, or diagonal line on the card. You can also challenge participants to fill the whole card.

    Award small prizes for the people who get the first type of each Bingo line, or fill the entire card. Great prizes include stickers or Webmaker gear.

  • 10
    min

    Discussion

    Faciliate a group discussion using the Bingo card answer key. The answer key will help you prompt discussion and you can also use the discussion questions listed here.

    • What kinds of experiences have you had with online tracking?
    • Which types of cookies have the most privacy concerns and why?
    • How does where a cookie is stored impact privacy concerns?