On May 2, six years to the day after Microsoft filed its application, the U.S. Patent and Trademark Office granted the company patent No. 7,039,699, “Tracking usage behaviour in computer systems.” Some wags dubbed the technology “super cookie.”
They call it that even though Microsoft limited the patent in some specific ways (probably to persuade the patent office to grant it). It flies in the face of IETF guidance on valid cookie use and provides information that is redundant with what Web companies can do already.
At first read, the patent does not offer much new, even if you take into account the 2000 filing date. You would learn much of what the patent describes in a Cookies 101 class.
To issue the patent, the USPTO had to have concluded the technology was new to a person skilled in the art of cookies in May 2000.
There is one puzzling restriction in the patent’s claims that might hold a clue as to why the USPTO reached that conclusion.
For example, the patent’s first claim is limited to the case in which there is a “first computer system having a first domain name and at least one other computer system having a second domain name that is different from said first domain name and wherein at least a portion of the first and second domain names are identical.” The other main claims have similar restrictions. Note the first claim does not say what part has to be identical; maybe it could be “.com,” in which case this would not be that much of a restriction.
The patent talks about all the marvy things that could be done with information from cookies, including targeted advertising, special display formats, special offers, unique services and creating a “psychographic profile” of the user. Just what I was missing — Microsoft creating a psychographic profile of me when I visit its Web site to get a patch for Word. The body of the patent talks about creating a “domain-level cookie” for MSN’s Web site that could be used by every MSN online service to record or find out what a user did on other MSN sites. The patent says, “Reading from the domain cookie would be equivalent to checking what the user did elsewhere on MSN.com.”
I can see how it would be useful for an MSN online travel service to know I just bought an expensive camera from an MSN online camera store so the travel site could point me to expensive resorts rather than Motel 6. But a use like this violates the spirit, if not the letter of RFC 2964, “Use of HTTP State Management,” the IETF’s statement of best practices for the use of cookies.
In the end, I don’t think this patent amounts to much, because I expect MSN’s online sites are exchanging far more information already about their users than their users expect and are doing so without using the technology in this patent.
Disclaimer: Harvard has no opinion about this patent: The above is just my own two cents’ worth.
QuickLink 068014