Cookies in a browser are something that most people are not very concerned about. Because of its friendly name, how can someone be? But there have been many recent cases of misuse of users' personal data and other information by many tech giants. Also, with the implementation of laws like GDPR and ePrivacy Directive (the EU Cookie Law), people have started to wonder what are cookies and how they can be a threat to their privacy. Let's find out in this article.
What are cookies?
Cookies are small text files that are used by a website to store information. They are passed between the server of a website and the users' web browser. When you visit a site, it will send a cookie from its server to the browser you are using. The browser then stores the cookie on your device in a cookie file.
A cookie generally contains a name, value, and attribute.
A website or a third-party server identifies a cookie using its name. Value is a random alphanumeric character, and it stores data like a unique identifier to identify the user and other information. An attribute consists of characteristics, such as the expiration date, domain, path, and flags.
Classification of cookies
Cookies can be classified in several different ways, depending on their attributes, such as the source, duration, and purpose.
Depending on the source, they are classified as first-party and third-party cookies.
First-party: These are installed by the website that the users are currently on. For example, the cookies used by a website to determine whether a user is logged in.
Third-party: These are installed by other websites or third-party servers that are not being viewed by the users. Third-party advertisers use these cookies to track the users and learn about the effectiveness of the advertisements on websites.
Depending on the duration, they can be classified as session or persistent cookies.
Session: These are stored temporarily in the browser. They usually expire when users’ session ends or when they close the browser.
Persistent: These stay in the users' browser for a longer period. Once installed, they are only removed from the browser when they reach their expiration period or when the users clear them from the web browser.
Depending on the purpose, they can be classified as necessary and non-necessary cookies.
Necessary: These are absolutely necessary for the functioning of the website.
Non-necessary: These are are not absolutely necessary for the functioning of the website. Cookies that are used to track the users' behavior on a browser can be considered as non-necessary.
What do cookies do?
They are used for tracking the users' behavior on a website or a web browser. This can be used by the site or a third-party service to give the users personalized content.
The cookie can also be used to identify the unique and returning visitors to a website. When a user visits a website, the site may create a cookie that stores some data that helps the site to identify the user. If the user leaves the website and visits again, the website will be able to identify the user as a returning user with the help of the cookie.
They also monitor data like which pages are most engaging to users and which pages are not and which pages do not draw as much traffic. Thus, they can help you access a site faster and more efficiently.
Cookies are also used for remembering the login session of the users. Websites use them to know the login session of its users. These are authentication cookies.
Another example is an e-commerce website that remembers the products the users added to the cart by the users while they keep on shopping. Even if the user leaves the site without completing the purchase, the products added to the cart will remain there the next time the user visits the website.
Are cookies harmful?
Generally, cookies do not contain any malware or viruses in it that can potentially harm your computer. Also, they cannot access any other personal information from the users' computer, nor do they contain any executable code. Therefore, their only job is to help the website collect information about each user's visits.
When there are security concerns about the usage of cookies, the first thing to understand is that they do not look for personal data when they are installed on a browser. They do not scan for the data on the website or the users' computer for any personal information. Cookies only contain the data that users have voluntarily submitted through website forms.
Also, a cookie stores data in such a way that only the server that installs it can read the data. No third parties can access this information unless they have access. For the most part, cookies only need to identify the users' browsers. Any other personal data stored in the cookie are given by the users at any point in time while using the website.
Most of the security or privacy concerns come from the usage of third-party cookies. When a website uses advertisements added using some third-party services, they can add cookies through that website. They allow the advertising that is targeted to these users to provide ads that are more relevant to the users. They also help in limiting the number of ads displayed to users and improve their effectiveness by tracking the browsing history and remembering the pages that the users have visited. These cookies also allow the websites to determine how effective the ads are on a particular page, and if they are generating the required or expected outcomes.
However, these activities by third-party cookies can be considered as an invasion of the privacy of a user online. These data track what a user does on a website and can be used by third parties for user profiling.
How to check cookies used by a website?
Most of the popular web browsers provide a way to find out cookies used by a website from its developer tools. For example, if you use Google Chrome, right-click on the site and view the browsers developer console. From the developer console, on the Application tab, expand the cookies view where you can find the cookies that are installed by the website.
To know more about how to identify the cookies used by a website, read this article.
How to delete or block cookies?
Most of the modern browsers have settings that will let you remove or block cookies. It would be better to block only third-party cookies, since blocking necessary cookies may affect your browsing experience. Learn how to block or delete them in different browsers here. Most of the browsers also offer the “Do Not Track” (DNT) feature that will signal websites to stop tracking the users. However, not all of the websites would respect the DNT signal. Read how to enable it in different browsers here.
People protected under GDPR rules can relax with regards to the cookies and collecting personal data without their knowledge. With the implementation of such laws, websites will not be able to install cookies that are not necessary for the website to function properly without the users' consent. It includes those that track the user's online behavior for delivering targeted advertisements and personalized content.