Internet Safety: What is a cookie?

Mmm… cookies are delicious. When we see cookies on the internet, we should treat them like candy on the street. What I mean is that if you saw your friend, your mom, someone you know well, you would probably accept that candy without asking any questions. What if it was your next door neighbor, or the neighbor down the street? You would first want to consider how well you knew the person to make the appropriate determination, probably. Now, what if it is a complete stranger? The person who offers you candy is totally unknown to you, you may have never even seen them in passing. This is a little weird, all of a sudden.

A cookie is a type of spyware.

A normal cookie contains detail of what a visitor has done on a particular website, such as the pages they visited, the contents of their electronic carts and so on. A website that uses cookies will save it onto the visitor’s computer or device, and then retrieve it when the same visitor later returns, so that they can ‘recreate’ the previous experience the visitor had and provide a seamless experience.

Tracking cookies are a specialized type of cookie that can be shared by more than one website or service. They are commonly used for legitimate marketing and advertising purposes, but because they contain a history of the user’s actions on multiple sites, they may be exploited or misused to track the user’s behavior.

Why are they used?

When used for marketing, a website may share its tracking cookie with a third-party analytics service, which examines how visitors behave so they can improve the site’s designs or offerings.

It is also common for a third-party advertising service to offer advertising content and a tracking cookie that can be shared between sites, so that whenever a visitor moves from one site to another, they can be shown new advertising instead of the same content they had previously seen.

Advertising and marketing services typically anonymize and collate data from thousands or even millions of users, making it highly unlikely that any individual’s habits are closely examined. Many users however still express discomfort at the idea of their web browsing habits being tracked.

The FTC– Federal Trade Commission (US) issues the following guidance regarding the tracking cookies used on government sites:

Two general types

Single-Session cookies

help with navigation on the website
only record information temporarily and are erased when the user quits the session or closes the browser
are enabled by default in order to provide the smoothest navigation experience possible
are known as Tier 1 technologies under applicable government guidance

Persistent/Multi-Session cookies

remain on your computer and record information every time you visit some websites
are stored on the hard drive of your computer until you manually delete them from a browser folder, or until they expire, which can be months or years after they were placed on your computer
are used by the FTC solely to provide analysis of site use and to maintain access quality for users; capture only a unique, randomly assigned identifier for each user and do not send or receive information on non-FTC websites
are known as Tier 2 technologies under applicable government guidance

Most modern web browsers allow users to block websites from saving cookies onto their computers, or only allowing certain websites to do so. Alternatively, many privacy-conscious users just clear their browser cache after every session to remove any saved cookies, or use security software to do so.

Many websites do not function correctly if cookie use is disabled. For example, websites with password-protected areas and retail sites with shopping cart systems usually require cookies for certain features to work.