Cookies, not the ones Granny used to make
The Tip
What are Browser Cookies? Should I allow them? Are they important? Should I worry about them? Are there privacy concerns? In a nutshell, yes to all the above.
The Detail
Cookies, more properly called HTTP Cookies, are small bits of data stored in text files on your computer. Websites then use these small bits of data for keeping track of you and interacting with you. They enable core functionality in most modern websites. They are a necessary part of how the modern internet works, as well as a serious source of privacy and security concerns. Because they are just bits of text and not applications or executables, most anti-virus software does not report them as threats, although some may give you warnings. That doesn’t mean they are not a concern for your privacy.
Type of cookies and useful things they can do
- Session cookies. These cookies might remember things like your logged-in status, or what’s in your shopping cart, or filtered lists and presentation preferences and short-term things like that. They expire when your browser closes.
- Persistent cookies. These cookies store details for a longer time, perhaps when you have chosen ‘remember me’ logging into Facebook and other sites, set preferences at a news or blogging site, what ads you’ve clicked on, what terms you’ve searched for, and so on. Because these cookies stick around for long periods of time and theoretically can store information across multiple websites, they can present a bigger privacy risk.
- First-party cookies. These are cookies set by the site you are currently visiting and might include things like logged-in status and any preferences you may have set for the site, shopping cart contents, and so on.
- Third-party cookies. These are cookies set by domains other than the domain you are currently visiting. These might be tracking what sorts of ads and links you have clicked on, what sorts of searches you have done, what sorts of things you have added to a shopping cart. Although a necessary part of the modern web, these can also pose a real risk of the invasion of privacy and other security concerns. You’ve probably already noticed how you can search for something at your favourite search engine, and then ads for those things seem to start showing up on every other non-related site you visit. That’s because of 3rd-party cookies.
Cookies and the law
- The landscape is changing around this regularly, but it is currently law in the EU that websites need to get informed consent from you about their use of cookies, before sending them to you. Similar regulations are in the works in the US, and Canada will likely not be far behind. That’s why you are beginning to see more and more websites that pop-up a banner or alert of some sort, requiring you to click ‘yes’ to cookies before proceeding, or at least acknowledging that you understand they are there. There is often a link to a page with more details about what cookies and trackers are being used and why.
Privacy, security, and tools for managing cookies
Although it’s beyond the scope of this article, there are several tools and strategies for managing cookie use in all modern browsers.
- At the simplest, all modern browsers offer a private or incognito mode. Using your browser this way ensures that in addition to your browser history being purged when the session is over, any session cookies will be deleted, and no long-term cookies will be stored.
- All modern browsers also have built-in tools that allow you to specify what types of cookies will be accepted, and also allow you to see what cookies you have stored and allow you to delete them selectively or en-masse.
- Some AV/Malware tools will recognize some forms of potentially dangerous cookies and warn you.
- Most ad-blocking browser extensions also give you control over what 3rd-party cookies/trackers to allow and what to block. It’s very illuminating to install something like Ghostery, and then see what sorts of cookies/trackers are following your browsing footsteps.
There’s a lot of information to be found on this topic on the internet. Here are a few good articles on the subject, but there are many more if you are interested.
- HTTP cookie – wikipedia
- Browser Cookies: What Are They & Why Should You Care?
- What Is a Browser Cookie? At How-To Geek
- An example of a detailed cookie information page – this one is interesting in that it shows how many cookies can be found on a fairly average website, that isn’t even doing any advertising. You could probably nearly double these on a major shopping or news or social media site.
If you have more questions about these topics, please contact UTS, and we’d be happy to offer what guidance we can. There is also a wealth of information to be found using your favourite search engine.