What are Cookies

In the modern digital world, it is impossible not to know about the existence of the so-called 'cookies.' Every website you visit asks you if it can store cookies on your device. But what are cookies, and why does this website want to store them on your device? In this article, we will explore these delicious-sounding things, why websites keep telling us about them, and more.

In This Post:

• What Are Cookies?
• Types of Cookies
• Privacy Concerns

What are Cookies?

In the modern digital world, cookies are essential to the Internet. Simply put, Internet cookies (or just "cookies") allow websites to remember you or your browser more specifically. For example, whenever you click the "Remember me" tickbox on a login screen, your username and password are saved in a cookie. The same goes for when a browser remembers what is in your shopping cart, even though it might have been some time since you opened it last.

Cookies store all sorts of personal data to make your browsing experience more streamlined and personalized. But what exactly are they? In fact, a cookie is an actual text file that is stored on your device. When you visit a website and agree to store cookies on your device, it sends you a file. All it has in it is simple text. You can literally go and look at the file itself if you would like. Here are the locations for the most popular browsers.

• Google Chrome - C:\Users\Your_User_Name\AppData\Local\Google\Chrome\User Data\Default\Network
• Mozilla Firefox - C:\Users\Your_User_Name\AppData\Roaming\Mozilla\Firefox\Profiles
• Microsoft Edge - C:\Users\Your_User_Name\AppData\Local\Microsoft\Edge\User Data\Default\Network
• Opera - C:\Users\Your_User_Name\AppData\Roaming\Opera Software\Opera Stable\Network

Find the "Cookies" file and open it with your preferred text editor. When you go to the website subsequently, the browser will provide it with the file, and, for example, your login details will automatically fill in. In order to ensure the data in the cookie is for your device, and that the website knows what personalized information to serve, each cookie is labelled with a unique ID.

Now that we know what cookies are, let's examine the types of cookies that exist online.

Types of Cookies

In general, cookies are separated into four overarching categories: lifespan, origin, function, and scope. It is important to note that these types of cookies are not mutually exclusive. A single cookie can fall into more than one of these categories. This type of overlap ensures that cookies can serve multiple purposes while adhering to specific security or privacy standards. Here is a breakdown of all the various types of cookies that exist.

1. Cookies by Lifespan - Two types of cookies reside within this category: session and persistent cookies:
   • Session Cookies - Used to maintain session states–remembering items in a shopping cart or keeping you logged in–these cookies are temporary and automatically deleted when you close your browser;
   • Persistent Cookies - These cookies are used for long-term tracking and personalization. They handle remembering login credentials or language preferences. While they do have an expiration period, it is typically in the span of days or even years;
2. Cookies by Origin - These are cookies that are created either by the website you are visiting or by a third-party domain other than the one you are visiting:
   • First-party Cookies - Essential for the website's functionality, first-party cookies are typically used for user authentication, saving preferences, and analyzing user behavior on the website that created them;
   • Third-party Cookies - Typically created by embedded ads or social media widgets, these cookies are used by third-party domains to those you visit for advertising, cross-site tracking, and analytics. These cookies are controversial in the online world because of their role in keeping track of users across multiple websites and targeted advertising;
3. Cookies by Function - Cookies falling in this category are used to enable or enhance the functionality of a website:
   • Essential Cookies - Essential cookies enable basic operations, such as navigation, login processes, or access to secure parts of the website. An example of an essential cookie is an authentication token. Without these cookies, the website would not be able to function properly;
   • Functional Cookies - These enhance the functionality of the website. They can improve user experience by remembering language, region, or theme preferences;
   • Performance Cookies - The purpose of these cookies is to collect anonymous data to measure and improve the website's performance. For example, website owners can use these cookies to keep track of their most popular pages. Google Analytics uses such cookies;
   • Targeting Cookies - This type of cookie is meant to build a user profile based on browsing history and user activity in general. Its purpose is to use that profile then to deliver personalized ads and content;
4. Cookies by Scope - Finally, these two cookies are more concerned with website security and enhancing it:
   • Secure Cookies - While cookies themselves do not have encryption by default, developers can require that they are transmitted only when there is a secure connection present. That typically involves an HTTPS connection. That protects cookies from being easily readable by malicious parties if they are intercepted;
   • HttpOnly Cookies - Finally, this type of cookie carries the HttpOnly flag, which instructs the server not to reveal cookie information to embedded scripts. In other words, scripts within or outside the website will not be able to see the sensitive information contained within the cookie. The flag also prevents the information within the cookie from being carried beyond the server. This is an important security measure to prevent third parties from intercepting said information.

Categorizing cookies this way makes it easy to understand not only their roles but also enhances their functionality and user convenience by selecting the correct one for the occasion.

Privacy Concerns

As you have undoubtedly noticed by now, cookies can be beneficial. They can enhance a user's browsing experience by eliminating the need to constantly log in or by remembering their website settings. However, there are a few privacy concerns when it comes to third-party cookies, and we want to outline them in this part of our article.

The main issue arises from the fact that third-party cookies are typically present on multiple websites and can create detailed—and frighteningly so–profiles about visitors. Depending on the information users provide to the website and whether they have accepted the usage of third-party cookies, the network or domain issuing these cookies will collate a large amount of data about said users.

Since there are countless types of websites online, users will likely provide different kinds of information, from a simple email address to perhaps location data and maybe even medical history. When aggregated through these third-party cookies, this data can be used for targeted advertising or–even worse–infer private aspects of the users' lives. Since cookies are actual data and files transmitted online, they can be the target of malicious parties if they are not adequately secure.

Fortunately, it is not all doom and gloom. There are laws online that govern the use of cookies to protect users' privacy and ensure transparency in how data is collected, stored, and shared. Two of these laws are GDPR and the ePrivacy Directive, which complements it. They require websites to obtain informed, explicit, and specific consent before storing or accessing cookies. Strictly necessary cookies are exempt from this law.

Additionally, websites are required to provide clear and comprehensive information about the cookies they use. You might be familiar with this in a more practical manner: the pop-up asking you to accept cookies when visiting a website for the first time. This is what it looks like on our website.

Finally, users have tools to prevent third-party cookies from collecting information about them. Most modern browsers have the innate ability to block third-party cookies without needing an extension or add-on.

• Google Chrome - Click the vertical dots in the top right corner and then go to Settings. Then, click on Privacy and Security and then on Third-party Cookies;
• Mozilla Firefox - Firefox provides a more granular approach to blocking third-party cookies. Click on the three dashes at the top right, then go to Settings. From there, in the Privacy and Security section, you will see the Browser Privacy settings. By default, Firefox will block cross-site cookies, but you can select Custom if you want a more flexible approach;
• Microsoft Edge - Like Chrome, click the dots in the top right corner and then Settings. In the Privacy and Security section, you will see Third-party Cookies where you can choose the browser to block them;
• Opera - Open the full browser settings by clicking on the dashes in the top right corner. Then, in Privacy and Security, you will find the Third-party Cookies section.

Additionally, in the sections we described above, you can delete the cookies stored on your device.

Finally, developers also have a say in whether cookies are secured and encrypted. All it takes is for them to use the Secure or HttpOnly flags for their cookies. Of course, they must also comply with regulations, ensuring user safety.

To conclude, cookies are a great tool to have on your website. They improve the user experience by more or less remembering users and saving them time from having to log in or perform any other actions they have previously done. Most cookies are harmless, as they are essential for the proper functioning of the website, and, as you can see, there are ways to mitigate the unwanted ones.

Related articles

• What are IP and TCP?
• Why Purchasing an Email List is a Bad Idea
• What is a CMS?
• Layers of the Internet
• What is FTP?