Data Privacy Hub

Cookies

Cookies are text files with small pieces of data — like a username and password — that are used to identify your computer as you use a computer network. Specific cookies, known as HTTP cookies, are used to identify specific users and improve your web browsing experience.

Data stored in a cookie is created by the server upon your connection. This data is labeled with an ID unique to you and your computer.

When the cookie is exchanged between your computer and the network server, the server reads the ID and knows what information to specifically serve to you.

What Are Cookies Used For?

Websites use HTTP cookies to streamline your web experiences. Without cookies, you’d have to login again after you leave a site or rebuild your shopping cart if you accidentally close the page. Making cookies an important a part of the internet experience.

Main uses of cookies:

  • Session management. For example, cookies let websites recognize users and recall their individual login information and preferences, such as sports news versus politics.
  • Personalization. Customized advertising is the main way cookies are used to personalize your sessions. You may view certain items or parts of a site, and cookies use this data to help build targeted ads that you might enjoy.
  • Tracking. Shopping sites use cookies to track items users previously viewed, allowing the sites to suggest other goods they might like and keep items in shopping carts while they continue shopping.

Is it safe to use cookies?

Although cookies are simple text files and do not contain any nefarious elements such as viruses or malware, they can become problematic if the data is compromised or accessed by a malicious third party.

In the worst cases, hackers can access a user’s browser history and their login information. This is one of the primary reasons web developers are obligated to inform their users what cookies are being downloaded during a browsing session and for what specific purposes.

The Information Commissioner’s Office maintains that web developers “must explain the way the cookies work and what [they] use them for, and the explanation must be clear and easily available.” Further, they must obtain the user’s consent before storing cookies on a device and should be able to demonstrate that consent has been “freely given, specific and informed.”

Meaning websites under data privacy regulation must use cookie consent management tools. 

Cookie Consent

Users should be reminded that, for the most part, accepting cookies from a website is entirely optional. The guidelines state that the user will give enough information to decide what cookies to allow, reject, or delete. (As a general rule, users should be wary of third-party cookies or cookies that do not originate from the website being visited.)

While many cookies are essential to the functionality of a website, this is not always the case, and it is otherwise typical for a user to value privacy over expediency when browsing the web ultimately.