Following the path of digitalization in Slovenia and Europe: How tasty are computer cookies, and why do we need them at all?

Computer cookies are an integral technology supporting the modern online day-to-day browsing experience. However, many may still not fully understand what cookies are and how they work in the background to aid in our everyday online experience. For example, do you know the link between cookies and your browsing activity and the associated implications for data privacy and security?

This article will explain what computer cookies are, how they work, who invented them and why, how they can help or harm us, and what traces we leave because of them. Did you know that there is a supercookie, for example?

What are computer cookies, and how do they work?

First, let’s look at the basics; computer cookies may also be called HTTP cookies, web cookies, internet cookies, browser cookies or digital cookies. From now on, I will simply call them cookies. All cookies relate to the same thing: a way to track the activity on a particular website and are an essential part of daily internet browsing.

Cookies are small packets of data or small files that often include unique identifiers that web servers send to browsers. These cookies can then be sent back to the server each time your browser requests a new page. This is how a site remembers you, your preferences, and your online habits.

Brief explanation: A web server is software and hardware that uses HTTP (Hypertext Transfer Protocol) and other protocols to respond to client requests made over the World Wide Web (WWW). The main task of the webserver is to display the site’s content. A web browser, or simply a “browser,” is an application used to access and view websites. Common web browsers include Google Chrome, Microsoft Edge, Internet Explorer, Mozilla Firefox and Apple Safari.

Cookies are small packets of data or small files that often include unique identifiers that web servers send to browsers. Photo: plavidnetwork.com.
Cookies are small packets of data or small files that often include unique identifiers that web servers send to browsers.
Photo: plavidnetwork.com.

Cookies were invented by internet pioneer Lou Montulli in 1994 when he worked for the then-brand-new company Netscape, which was trying to help websites become viable commercial enterprises. Montulli developed cookies with the intention that websites, like traditional stores in ‘real’ life, could identify regular customers, suspicious characters, locals or tourists and so on. In short, he invented cookies so that websites would not be ‘blind and deaf.’

Pros and cons of cookies

While cookies sometimes get a bad rap, they’re not necessarily bad, according to the software and computer services manufacturer hp.com website. In fact, they help tailor a website experience for you and track your browsing habits as you navigate the website. They also recognise your computer and enhance a website’s usability.

For example, if a website stores cookies about your location, it will show you geographically relevant information. At the same time, cookies have both positive and negative properties. For example, if you visit a shopping site that has a “related searches” feature, you will see results based on your cookies that are cross-referenced with other users who have similar shopping habits and preferences.

In addition, cookies store valuable information such as your location and currency preference, so you don’t have to select these options every time you enter the website or start a session. If you’ve ever had to fill out information multiple times on an online form, you know how annoying it is to retype your entire mailing and billing address repeatedly. Cookies can store this information so that it is filled out automatically the next time you visit the same website.

For example, a potential disadvantage of cookies is storage drain, as cookies are packets of information stored on your computer’s hard drive, they can take up much space over time. It is good to delete cookies from time to time to free up space on your hard drive.

In addition, most browsers simply accept cookies as their default setting, so your IP address and browsing history become public information, which raises privacy concerns. However, the biggest drawback of cookies is unauthorised data collection when websites sell the information they collect about you from cookies to third parties.

We know several types of ‘regular’ cookies and even a supercookie

Cookies can be classified into several different groups, and further on, we will look at the four most common types. Session cookies are temporary and stored in your browser’s memory only when the browser is opened. When you close it, the cookie is removed from your browser history, so they pose less of a security risk. For example, these cookies are often used for online shopping carts or other short-term storage methods.

Persistent cookies are used over a much more extended period; there is an expiration date tagged to them by the issuer, according to the website HTML.com. This means that the cookie will be stored on it even when your browser is closed. And each time you return to the website that created this cookie or go to a website that has a resource produced by the cookie’s issuer (e.g., an ad), this data is returned to the issuer.

For example, Facebook and Google use persistent cookies to create a user activity log across various websites. So, when you click “Remember Me” (or something similar) after logging in to your online account, you create a persistent cookie, which will store your login details on your browser. Because persistent cookies are present for a more extended period than session cookies and can track what you are doing on more than one website, they pose a greater security risk.

First-party cookies generated by the website you are visiting help a website carry out a series of purposes, such as allowing you to add more than one item to your online order. If you disabled first-party cookies, each time you added an item to your shopping cart, it would be treated as a new order, as you would not be able to purchase more than one item per transaction.

Third-party cookies generated by a website that you are not currently visiting are most commonly used to track the user who has clicked on an ad, associating them with the domain that has referred them. For example, if you’re on a website and you click on an ad, a third-party cookie is generated that links your traffic to the website where the advertisement was shown.

A supercookie is a “super” type of tracking cookie that is not stored at the browser level but at the network level. Supercookies can travel across browsers and are permanent. The most significant risk of supercookies is that they can access information such as your browsing habits, login credentials and image caches, even after you delete your cookies. The best way to defend yourself and your data against supercookies are by using an encrypted connection or a virtual private network (VPN).

How can I manage my cookies?

Although cookies play a vital role in our web browsing activities, they pose several threats, especially regarding the invasion of privacy and security of the websites that use them. We will look at an example of how you can find and manage your cookies for the most widespread browser in the world – Google Chrome, which has had a market share of more than 62% since February 2022.

How to manage cookies? Photo: pcmag.com.
How to manage cookies?
Photo: pcmag.com.

First, open Google Chrome your computer> click the Chrome menu> select Settings> select Advanced Settings> select Privacy and Security> select Content Settings> select Cookies. Then choose from several options to enable or disable the use of cookies.

However, you do not have to preventively block all cookies, as in some cases, cookies are helpful, as we have already explained. For example, it is useful to keep cookies with your login information for sites such as Facebook or your email platform to quickly login without entering your username and password.

Choose a setting that controls the amounts and types of cookies so that your online experience is safe but functional. For example, you may want to disable all third-party cookies but allow first-party cookies and session cookies.

Author: Rok Žontar

Keywords: cookies, session cookies, persistent cookies, first-party cookies, third-party cookies, supercookies.

Disclaimer:

This article is part of joint project of the Wilfried Martens Centre for European Studies and the Anton Korošec Institute (INAK) Following the path of digitalization in Slovenia and Europe. This project receives funding from the European Parliament. 

The information and views set out in this article are those of the author and do not necessarily reflect the official opinion of the European Union institutions/Wilfried Martens Centre for European Studies/ Anton Korošec Institute. Organizations mentioned above assume no responsibility for facts or opinions expressed in this article or any subsequent use of the information contained therein.