Introduction – what are cookies?
In simple terms a cookie is a packet of code and information which a website sends to your computer. Your computer stores this cookie within your web browser for future interaction with that same website. By future interaction we do mainly refer to the tracking of visits and activity on the website (more on that later). Cookies are generally harmless as they cannot transfer malware to your computer, obtain personal information from your computer, or affect how your computer runs. However, some viruses or malware can sometimes be disguised as cookies. There are many types of cookies, however for the purposes of this article here are the main types you’d typically encounter:
Session: Session cookies are the safest as they are deleted as soon as you close a browser and generally used for e-commerce shopping carts.
First-party: These too are quite safe as they’re directly created by the website you visit assuming the website is reputable. They are typically used as feedback for the website host and to make certain features work.
Persistent: These are stored on your device until they expire, or you delete them and are used for the various storage of personal information and login credentials as well as tracking data. These are the ones we’re focusing on today and they’re described in more detail further below.
Third-party: These are risky as they’re created by other websites usually from the ads found on the website you’re on. These will save to your browser irrespective of if you click on any ads and can track your browsing history across any sites with their ads. Popular browsers such as Firefox and Safari block these by default now, others such as Google Chrome have announced they will too circa 2023. The overwhelming majority of remaining browsers give you the ability to block third-party cookies through browser settings (however they are not blocked by default). Given they are on the decline and labelled as ‘dead’ by ad-tech insiders, we won’t focus on them here.
The advantages of cookies
Cookies are considered safe and necessary to our modern usage of the internet. One of the best examples is online shopping, the cookies allow for a shopping cart to exist. Without cookies, every time you click on a new link on the site your cart would reset to zero. Cookies also record your visit and login information, so you know you’ve visited a certain website in the past (and thus know you’re on the legitimate site, not a phishing link)
Websites (ours included) use cookie data to see what their audience is most interested in – with us it is which articles (and subsequently which subject areas) are of most interest and which are less interesting. This allows us to reflect and pivot when considering what subject we cover next, in what detail, and what level of urgency. This is a feedback mechanism to website creators to assess the various demand levels of what they are offering.
The disadvantages or privacy risks of cookies
Any prefilled form, ‘Stay Logged In’ or ‘Remember Me’ option exists thanks to (Persistent) cookies, it’s the remembering of usernames and passwords, prefilled name and addresses at checkout, preselected and stored credit card details, and so forth. If your browsing session is on an unencrypted connection (such as most free WiFi networks) cookies are sent on ordinary unencrypted HTTP protocols. When the connection is unencrypted, a bad actor can read the communication of other users on the network. This means they can intercept cookies to impersonate a user (such as stealing the login credentials for your bank).
Corporations can track cookies to collect information about buying habits and that data can be sold to bidding corporations or data brokers. Advertising companies use third party cookies to track users across multiple sites where they advertise allowing them to target advertisements based on informed preferences. This is what happens when you search “games for puppies” on Google for example and find ads for dog toys on other Google ad-powered pages you visit later.
What you can do to manage your cookies
Banning all browser cookies can make some websites difficult to navigate or quite annoying to use. However, setting your browser to limit third-party cookies (as mentioned earlier some browsers have this automatically set now) and block tracking cookies (‘Do Not Track’ option) is advised to protect your privacy whilst still allowing for normal browsing. Setting your desired cookie preferences can be found using the table below depending on the browser you use. Generally, in the same area you can also delete/clear all currently stored cookies and clear your cache which is also worth doing as you set your new settings and subsequently on a regular basis (weekly is fine). Don’t forget your other devices such as tablet and mobile phone browsers.
Other tips include:
1. Ensure your operating system, web browser, plugins, and antimalware software are up to date. Many modern antimalware programs flag spyware or adware making them a good ‘set & forget’ option for cookie management
2. Browser extensions such as Privacy Badger, Click&Clean, or Adblock Plus are good options to fight cookie tracking. HTTPS Everywhere is also a great browser extension to tighten up the security when it comes to your browser’s interaction with websites. The extensions available to you are determined by your browser of choice as not all extensions, such as those listed above, are available on every browser
3. Avoid questionable websites when warned by your browser, browser extension or any security software you use. This is when you go to visit a website and before it loads a security warning pops up asking you to accept the risks in visiting (or reject visiting) the website
4. Use ‘Private’ or ‘Incognito’ mode where possible as the browser basically starts as a clean slate in this form. Sites will work normally as cookies are still accepted, however, they are not stored permanently. In this mode existing persistent cookies will not be used so no prefilled or ‘Remember Me’ functions will work (this is the point of course).
5. There are tools available for you to search websites to identify which tracking technologies are employed by that site. One such tool is The Markup’s Blacklight scanner just type the URL of the site you want to check in the search bar.
Suffice to say as per our 101 series we didn’t dive into the technical details of the various types of cookies and how they work, instead focusing on explaining the basics and how your privacy can be impacted. Overall, it’s also worth noting the overwhelming majority of cookie use is harmless so this isn’t one to lose sleep over. Critics will point out that the big data hoarding companies (think Amazon, Google, Facebook etc) have enormous amounts of personal identifiable data about you, data which if compromised, could lead you to be doxed (such as data about your medical condition or sexual preferences being outed). This is a fair point (though somewhat of a concession) and it’s important to keep things in perspective, however when it comes to managing privacy and security online, we hang on to one core belief. That, as our regular readers know, is all about taking every precaution, no matter how simple or small, to ensure you’re not the low hanging fruit. We’re thinking about risk reduction and minimising how much of your data is out there and cookie management is just one of those precautions.
This article is written in line with our Terms & Conditions and Disclaimer. As such all content is of a general nature only and is not intended as legal, financial, social or professional advice of any sort. Actions, decisions, investments or changes to device settings or personal behaviour as a result of this content is at the users own risk. Privacy Rightfully makes no guarantees of the accuracy, results or outcomes of the content and does not represent the content to be a full and complete solution to any issue discussed. Privacy Rightfully will not be held liable for any actions taken by a user/s as a result of this content. Please consider your own circumstances, conduct further research, assess all risks and engage professional advice where possible.