Cookies on the internet: What are they used for?
8 min read
Cookies can speed up web browser performance and improve your internet experience. While some are harmless, others can infringe on privacy. Learn what exactly internet cookies are, what they do, and how you can manage them.
Contents
Internet cookies are tiny pieces of data that your computer or web browser stores when you visit a website. They track your engagement and behavior within a website and help web pages remember your preferences.
Developed in 1994, cookies were supposed to make commercial transactions on the web more convenient for users. The name “cookie” was borrowed from the programming term “magic cookie,” which refers to tokens that transfer data between devices and programs.
Since then, cookies have been seamlessly incorporated into various online operations. For instance, if you put an item in your basket on an e-commerce site, that item will stay in the basket as you move from page to page. This is possible because the site can recognize the cookies stored on your browser and it can tell that you are the same person who put those items in your basket. However, cookies can sometimes follow you from site to site, allowing your activity to be tracked even after you leave the website that gave you the cookie in the first place.
The idea behind cookies is that they transfer small pieces of specific data between the device and a website. Whenever you visit a website, it sends a cookie to your web browser containing unique information about your visit. Your web browser is responsible for storing that cookie in your computer’s hard drive and managing it so that it remains associated with the website that sent it. The cookie typically contains your session ID, preferences, authentication, and tracking information.
Whenever you return to the website, your web browser sends the cookie back to the website’s server. The server then reads the cookie to learn if it should keep you logged in after your last visit to the site, what content you’d likely want to see, or what ads are best tailored to your taste.
Wherever you roam online, you can decide which cookies to allow and which to decline. While some cookies bring a smoother user experience, others are invasive and open ways for advertisers and other third parties to track your online activity. It’s important to make an informed decision and choose the right cookies to stay safe and private online. That’s why we prepared a short guide to tracking cookies, which you can find below.
Session cookies
Session cookies, also known as temporary or transient cookies, are only active when a user engages with the website that generated those cookies. When the user leaves the website, the session cookies expire. Among the functions that session cookies serve are authentication, log security, user preference and settings maintenance, online load balancing, and e-commerce functionality.
Persistent cookies
Persistent cookies, also called permanent or store cookies, are saved onto the user’s browser and remain active after the session ends. Any cookie that continues to gather data and perform tracking functions across websites once the user has ended their original session is a persistent cookie.
First-party cookies
First-party cookies allow websites to recognize returning visitors and remember basic information about users as they move around the site. A web server places them on your browser when you connect to it, but the cookies are only active when you are on one specific website. Once you leave the site that generated the cookies, they lie dormant.
Third-party cookies
Third-party cookies are meant to stay active even after you leave whatever web page planted them. These are the cookies internet users are probably less comfortable with because they allow for cross-site tracking and invade privacy. Consequently, many browsers are now removing third-party cookie functionality.
Find out more about the differences between first-party and third-party cookies by following the link.
Flash cookies
Flash cookies, otherwise known as Local Shared Objects (LSOs), are used to improve interactions between websites and browsers when a video is being played. If you’re returning to a webpage after watching half of a video hosted there via a Flash player, Flash cookies planted on your browser can inform the website where you stopped, so you don’t have to search for the right place. Flash cookies can also contain other information, like how many ads you’ve already been shown with the video and your preferences regarding playback quality or languages.
Zombie cookies
Zombie cookies, also called evercookies or super cookies, are designed to resurrect themselves after you delete them. They create backup versions of themselves, saved in different areas of your browser and device. When you clear your cookies, the copies can leap into action. These particularly insidious cookies are often difficult to remove completely.
Check the below overview of various tracking cookies for a thorough comparison:
| Type of cookie | Purpose | Privacy concerns |
|---|---|---|
| Session cookie | Capture session-specific data, for instance, user’s activity on the website, preferences, and login details. | Though considered safe, session cookies are susceptible to hijacking if not adequately secured. |
| Persistent cookie | Tracks users between websites, capturing their preferences, logins, and online habits. | Persistent cookies raise privacy concerns due to long-term and cross-site tracking. |
| First-party cookie | Records user-specific data relate to a specific website. | Focusing on a single webpage, first-party cookies are considered safe as long as the user is cautious with the information they share. |
| Third-party cookie | Follows cross-site activities and is used for advertising and analytics. | Third-party cookies are known for extensive tracking and infringing privacy. |
| Flash cookie | Captures flash-based data on particular websites. | Flash cookies concern only video files and are viewed as safe but outdated. |
| Zombie cookie | Tracks a substantial amount of private information, including browsing history, IP address, device information, and login credentials. | Zombie cookies are considered unethical because they breach privacy with their invasive tracking. |
A cookie policy is a document that describes how cookies are used on a website. You can usually find it within the terms of service of a site. You will also encounter a pop-up when you first load a webpage, prompting you to consent to using cookies during your session.
If you refuse to accept a cookie policy, you may not be able to access the website, or its functionalities may be limited. It’s because some systems simply won’t work properly if they can’t track you from one page to the next within a website.
The GDPR and ePrivacy Directive (ePD) require companies in the EU to provide clear information on their websites about how cookies are being used and get user consent before storing cookies on their devices. Before agreeing to a cookie policy, you should always read what kind of cookies the site wants to use and why. If you have an option to set specific cookie preferences, use it to customize the policy to your needs (for example, choosing only essential cookies).
Depending on which cookies you allow to store on your device, you can either enjoy a smoother user experience or put your online privacy at risk. Typically, cookies serve many valuable functions, from keeping items in your online shopping cart to remembering how much of an online video you watched. Web pages are generally easier to navigate when you store session cookies because the website remembers your preferences and settings as you move from page to page. Though cookies are not essential, your internet experience would be slower and more cumbersome without them.
On the other hand, intrusive cookies can track your online activity as you switch websites and sell data related to your online behavior to third-party advertisers. Cookies are also a known entry point for hackers to steal sensitive data. To name just a few security incidents, in 2010, a worm called Koobface exploited cookies related to Facebook and stole users’ credentials to log into their accounts. A year later, hackers managed to infiltrate malware that searched for internet cookies and caches to steal user login data from multiple e-commerce websites.
You can enable, disable, and delete cookies on the internet by changing your web browser settings according to your needs. Below, find a short guide on how to make changes to cookies stored on your device.
How to enable or disable browser cookies
You can adjust your browser settings to enable or disable cookies by:
- Going to your browser’s “Settings” page.
- Choosing the “Privacy” tab.
- Looking for the box to “allow cookies” or “allow local data.” If you wish to enable cookies, simply check the box. If you want to disable them – uncheck the box.
How to clear browser cookies
If you wish to clear your browser cookies, you should:
- Go to your browser’s ”Settings.”
- Choose the “Privacy” section. Sometimes, tools to clear cookies can be placed under the “Tools,” “Internet options,” or Advanced” tabs.
- After you find an option to clear cookies, follow the prompts to manage cookies stored on your device. You can find detailed information on how to clear cookies on each browser by following the provided link.
However, you should consider that deleting or disabling cookies will likely affect your browsing experience because websites won’t remember you ever visiting them.
Instead of manually disabling and clearing cookies on your device, you can use alternative ways to make them less invasive and limit their tracking.
- Use VPN security features. A virtual private network (VPN) from a reputable service provider usually includes a handful of security features. Tools to block tracking cookies, intrusive ads, and other unwanted online elements are just a few.
- Use privacy-focused browsers. These were specifically created to collect as little user data as possible and to restrict online tracking. Privacy-focused browsers, such as DuckDuckGo or Brave, are known to block intrusive ads and trackers by default.
- Use private or safe browsing modes. Whenever you use an incognito or private browsing mode, the cookies accumulated on your hard drive are deleted once you leave an incognito session. Meanwhile, safe browsing mode was created to protect online users from malicious websites containing malware and other security threats.
- Use privacy-focused search engines. By using DuckDuckGo, Startpage, Brave, or other search engines focused on privacy, you’ll be more immune to tracking based on your searches and your personal data collection through persistent cookies. These search engines were designed in a way that users’ online queries and browsing history wouldn’t be used for advertising.
