Ready to Start Your Career?

Are Cookies On The Web A Privacy Concern

Shimon Brathwaite's profile image

By: Shimon Brathwaite

November 30, 2021

Whether you have realized it or not, almost all Internet users have come across a web cookie. Five to ten years ago, cookies existed primarily behind the scenes but became mandatory due to CCPA, GDPR, and HIPAA regulations. Companies are required to ensure that users are aware of any cookies stored on their websites, which is why users are seeing more pop-ups asking to agree to their usage in the last couple of years. Cookies allow websites to collect and use information about users' browsing experiences. Cookies enable the browser to remember a user's settings from previous web sessions, such as items in a shopping cart and so on. Cookies are essential for the convenience that we are accustomed to on the internet, affecting user privacy. Cookies only work because they collect information about users while they browse the Web; this means some information that users do not want to be shared can sometimes get in the hands of companies whose websites that person has visited.

What Is A Cookie?

At its core, a cookie is a text file that is stored on the user's computer. Anytime you visit a website that uses cookies, a new text file is created/updated and linked to that site. This allows your settings and other preferences to be used next time you visit. Several different types of web cookies are used for this:

Session Cookies: These cookies are used to maintain your online sessions; a common example is online shopping. These cookies are used to keep track of what is in your shopping cart if you accidentally close your web tab or when you visit other web pages to find new items to add to your shopping cart. Without these cookies, websites wouldn't be able to remember what you had in your shopping cart, and online shopping wouldn't be possible.

Persistent Cookies: While session cookies only last the length of a user's session with the website, persistent cookies are used to track a user's online preferences over time. This allows a website to remember the changes you make to your account preferences on the first day you make your account. A good example of this is how your computer can remember your login information, language selections, menu preferences, and more. These kind of cookies are stored on your computer's hard drive and can stay there a long time.

Third-Party Cookies: Rather than being linked to a single website, these cookies track your online browsing activity as a whole. When you visit a website, third-party cookies collect data around your browsing habits, such as what type of websites you visit. Either pass this information on to the company that installed the cookie or sell it to other companies interested in getting information about people's browsing habits. Many of these companies are called data brokers. Simply put, a data broker is a company that collects information on people and sells that information to other companies.

What Can You Do About Cookies?

When it comes to getting rid of cookies, you have two main options: you can either block them from ever getting created or delete them. When it comes to blocking cookies, you can manually do this by first not accepting cookies when browsing certain sites. Second, if you go to your browser setting many of them to give you the option to block certain websites or all websites from using cookies, this way, you don't need to go through the process for each web page that you visit. Lastly, you can invest some time in downloading web browsers that focus on privacy specifically built to protect users from having their online track monitored by companies or other people on the internet. Some examples of good privacy browsers are TOR, Brave, and Firefox/Waterfox. These browsers have a good reputation for prioritizing user privacy which is great if you are concerned about web cookies collecting information against your will.

Are Web Cookies A Privacy or Security Risk?

Based on most of the information, about 90% of cookies are not any serious security risks. While some web application attacks leverage web cookies to steal user sessions, it is not the cookie itself that is malicious; it is a person that has found a way to misuse a web cookie to do something malicious. Any reputable company is rarely found to have been using web cookies to hack into someone's computer.

When it comes to privacy, web cookies are a bit risky because they consistently store user information. Especially in the case of third-party cookies, they can collect and sell information about your online habits to companies, which is a privacy concern. Fortunately, modern browsers make it easy to work around this by configuring them for privacy. This way, you can avoid a lot of online tracking. Also, even if you use a more common browser like Google Chrome, it can be customized to delete many third-party cookies accumulated over time while browsing. Now, your only concern should be the information that Google itself is collecting on you.

Recap

Web cookies are text files that collect information on user behavior as they browse the Internet. These text files allow web pages to remember users and their preferences, essential for modern-day conveniences like online shopping. However, some cookies, such as third-party cookies, collect information about the users themselves and report that information back to the company that installed the cookie, who will use that information themselves or ultimately sell that information to another company interested in user behavior. These companies are known as data brokers, and they make a legal profit by collecting and selling user information to other businesses.

Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry