Cookies
What Are Cookies?
Cookies are pieces of data that websites send to users’ devices (such as computers, smartphones, and tablets) when they visit them. Users’ web browsers then store cookies on these devices.
While cookies enhance the user experience by remembering preferences and user states, they have raised privacy concerns, especially third-party cookies used for tracking and advertising. This concern has led to stricter regulations in various parts of the world, requiring websites to obtain user consent for certain types of cookies.
To manage privacy concerns, most browsers offer settings that allow users to control how cookies are handled, like blocking third-party cookies or clearing all cookies when the browser is closed.
However, it’s important to be aware that restricting cookies might affect the functionality and user experience. Some websites will not work unless you enable cookies.
Third-party definition
Cookies are small text files stored in a website visitor’s browser by that website. These text files help websites remember information like the items a visitor added to their shopping cart, what their login information was, what websites they visited previously, and more. Cookies serve a variety of purposes and have a range of implications for consumers’ privacy. – Osano
Types of Cookies
There are different types of cookies, each with user privacy and functionality implications.
Common types of cookies include:
- Session cookies. Also known as transient cookies, these only last for the duration of your browsing session. They are deleted from your device when you close your web browser. Session cookies remember user actions as they navigate a website, ensuring a consistent and smooth browsing experience.
- Persistent cookies. These stay on your device for a predetermined period, ranging from a few days to several years, even after the browser is closed. Persistent cookies remember user preferences and actions across a site (or sometimes across different websites). They’re also used for targeted advertising and analytics.
- First-party cookies. Set by the site you’re visiting, these cookies let site owners collect and remember data that makes for a good user experience.
- Third-party cookies. These are set by a domain other than the one you are on. They are often used for online advertising purposes and social media integrations. For instance, a website might use a third-party advertising network that sets its own cookies to track user behavior across sites.
- Secure cookies. These are used exclusively over encrypted HTTPS connections. Secure cookies are more resistant to eavesdropping and ensure that the cookie’s data can’t be accessed via less secure connections.
- HttpOnly cookies. These cannot be accessed through client-side scripts; they are accessible only through HTTP requests. This restriction helps mitigate risks such as cross-site scripting attacks.
- Zombie cookies. These are automatically recreated after being deleted, using data stored outside the web browser. They are controversial due to this persistence and potential for use in invasive tracking.
- Supercookies. A type of tracking cookie with origins at the internet service provider (ISP) level. They can be used for user tracking in a more invasive way than regular cookies and are harder to detect and remove.
Cookie Privacy Concerns
Cookies can improve your web browsing experience but also have privacy concerns.
Specifically, third-party cookies, which track user behavior across different sites, lead to the creation of detailed user profiles. This raises privacy concerns, as individuals may not know the extent of tracking and profiling activities.
Can You Turn Off Cookies?
Technically, yes. In practice? Probably not.
Kaspersky ran an experiment on cookies and found that most sites require visitors to at least keep “necessary cookies.” This isn’t necessarily a bad thing, though – some cookies are related to site operations. Without them, you likely wouldn’t be able to use the site’s features.
More worryingly, not every site tells users about the cookies they will be sent. About half of the sites Kaspersky researchers visited stored cookies on their devices without telling them. To stop this from happening, Kaspersky recommends contacting the site admin or the marketing companies the site works with.
Are Cookies Disappearing?
Yes. A significant shift is underway regarding the use of cookies, particularly third-party cookies.
Major web browsers are moving away from supporting third-party cookies. For instance, Google plans to completely phase out third-party cookies for Chrome users in 2024, following similar moves by other browsers like Firefox and Safari, which block third-party cookies by default.
New technologies and methodologies are emerging as alternatives to cookies for tracking and personalization purposes. These include first-party data strategies, where data is collected directly from user interactions, and methods like fingerprinting, although these alternatives also raise privacy concerns.
Google is rolling out Privacy Sandbox, web technologies that allegedly protect people’s privacy online while ensuring that publishers and advertisers can still operate effectively. It aims to replace the functionality of third-party cookies with privacy-preserving alternatives. The Privacy Sandbox is supposed to only share topics users are interested in with advertisers rather than additional user information. However, it has received criticism from some privacy experts.
How to Control Cookies and Improve Your Privacy
Below are nine tips to help you control cookies:
- Educate yourself about cookies. Knowing about the different types of cookies, how they’re used, and for what reason can help you make more informed decisions about your privacy settings.
- Adjust browser cookie settings. Most browsers allow you to control cookies. You can block all cookies, only third-party cookies, or accept cookies but delete them when closing the browser. Blocking all cookies might impact your browsing experience negatively, as some websites rely on them for essential functionalities.
- Use Incognito or private browsing mode. In these modes, cookies are not saved once the browser window is closed. This is useful for sessions where you want increased privacy.
- Clear cookies regularly. Periodically clearing your cookies can prevent the buildup of a long-term record of your browsing history. You can do this through your browser’s privacy settings.
- Use privacy-focused browsers. Browsers like Mozilla Firefox, Brave, or Tor offer enhanced privacy features, including better cookie management and tracking protection. However, exercise caution here. While some extensions can improve privacy, others can compromise it. Only install extensions from reputable sources and check the permissions they require.
- Install ad-blockers and anti-tracking extensions. Extensions like uBlock Origin and Privacy Badger can block or limit trackers and ads that use cookies to track your online behavior.
- Read cookie consent notices and adjust settings. Take the time to read cookie consent notices on websites and adjust the settings to your comfort level.
- Enable Do Not Track (DNT). You can enable the DNT feature in your browser settings, which asks websites not to track your browsing. However, compliance with DNT is voluntary for websites.
- Opt out of non-essential cookies where possible. For example, when Kaspersky accepted all cookies, about 20-30 cookies were saved to their device. When they customized cookies (i.e., disabled cookies in settings), just 1-3 cookies were stored on their device.