Cookies (also known as internet cookies, web cookies, browser cookies or HTTP cookies) are small pieces of information in the form of a text file, containing a string of letters and numbers. This file is sent from a website to the person’s browser where they get saved before going back to the same website.
Each cookie is unique in its own way and can’t pass viruses or capture personal information on your computer. It enables the websites to work more efficiently, recognizing and remembering certain information, such as login details. Cookies are very common, and you probably have thousands of them stored right now on your computer.
The “term” cookie was first created in 1994 by the Netscape team of developers who were trying to figure out how to solve the problem of online shopping. They were trying to find a way how certain websites could “remember” the customer’s personal data and items they want to buy. One tiny text file stored on a user’s computer could solve this problem.
The term itself is an allusion to the Fortune Cookie, a Unix application that produced different messages (or fortune) each time when they start. Since then, cookies have become an integral part of user’s web browsers.
Cookies are used to deliver different types of information from the user’s browser to the website he is visiting. That being said, there are many different reasons why a website is using cookies, such as:
Aa process of securely carrying your information through various sessions. For example, any website that allows you to log in may offer you to remember your information so you don’t need to enter your “username” and “password” each time you visit it.
Storing user data such as age, gender, location, interests, preferred theme, layout, font size or similar data.
Tracking all user activities and behavior on websites, search engines, or social media, to compile this data and create statistics about how people use their site. The main purpose is usually to be able to target audience groups according to the collected data. Google Adsense uses tracking cookies to display relevant ads
There are several types of cookies that may be created depending on their purpose and how they’ll be used.
These cookies are used to store temporary information. The information is acquired through a single session or the time between the opening and closing of your browser. Once you close your browser, they are automatically deleted. Their purpose is to remember the actions you have performed on the website, for example, the items you have placed in your online shopping cart.
In contrast to session cookies, permanent cookies are not deleted once you close your browser but they stored on your hard drive until the expiration date or until you delete them manually. They are used to remember, for example, login details (username and password), to avoid entering them every time you visit a particular site.
The term “first party” means getting cookies directly from the website’s domain you are on. For example, once you land on the website forbes.com, this website can automatically create a cookie which is saved on your computer.
These cookies are related to external domains as they are not issued by the website’s domain you are on. For example, if you visit the website nytimes.com, you may get a first-party cookie created by the website. However, the website may have advertisements displayed on one of the pages which issues a third-party cookie by the service serving those ads, such as Google Adsense.
Cookie files need to be stored somewhere to be able to remember what you did on the website or something else. As such, they’re stored directly on your hard drive by your browser. The next time you visit that website, your browser will send saved cookies to the website’s server, allowing the server to use the saved information.
Each cookie has its own attributes, meaning the name, value, and the expiration date. Internet browsers limit cookies to 4096 bytes (4KB) in size. A cookie containing your login details could look like this:
Recorded 2019-01-12 username=John hash=4c70884bd91727c931b91616c2d2b4d8 rememberme=yes
Session or temporary cookies are deleted automatically once you close your browser. However, other cookies have a specific time of expiry in the form of date and time along with their names and values. If the website doesn’t set the expiry date, the browser will delete the cookie once it’s closed. The average lifetime of a cookie is about 30 days, but cookies can also be set to last for over a year.
Only the domain name that saved the cookies on your hard drive can access and read them. They can’t be accessed or examined by other websites. So if you visit forbes.com, they won’t be able to access cookies set by nytimes.com
Tracking cookies are typically used for advertising and retargeting purposes and they are usually created by related third-party services. Two types of tracking cookies that may have some adverse effects on your privacy are:
These cookies are tied to top-level domains such as “.org” and “.com”. While most types of cookies are associated with specific domains such as forbes.com, supercookies have much more freedom to save and access your personal information. However, most of the browsers block supercookies due to potential privacy and security concerns.
These cookies are recreated using the Quantcast technology the moment after you delete them. They are much harder to find and track, and they can follow your activity across different browsers. To completely remove them from your hard drive, you need to delete the flash cookie that recreates these zombie cookies. Modern browsers have the option to delete flash/zombie cookies through privacy settings.
Cookies are created and used via HTTP(S) protocol. They aren’t malicious by nature and won’t invade your privacy. For example, remembering your login details is purely for the purpose of easily accessing your account. So if you clear the cookies, you’ll be logged out of all of your accounts online and will need to re-enter your login details. Most of the browsers contain privacy settings, allowing you to review and manage cookie files.
- EU Cookie Directive or the Directive on Privacy and Electronic Communications (codified in 2002) states that websites need to get the user’s permission before saving information in a cookie file and inform their users of the cookies usage.
- General Data Protection Regulation (or GDPR), issued in May 2018, covers personal data regulations. Any information that can be related to a real, identifiable person is protected and can’t be used without the person’s permission (information such as the cookie identifier, IP address, and the device’s ID).
As somewhat of a compromise, modern browsers (Internet Explorer, Chrome, Firefox, Microsoft Edge, Opera, Safari) allow you to manage cookies and set your preferred tolerance. Some of the options include:
- To accept (enable) or always block (disable) cookies
- To view them and selectively accept or delete them via cookie manager
- To delete all cookies
Most browsers are initially configured to accept cookies, so it’s up to you to change your internet browser settings. You can also choose to be notified each time when a new cookie is about to be stored on your hard drive. Different websites have their own cookie policies and reading them may provide additional information and help you decide whether or not to allow cookies or block cookies on your computer.