Technical Concepts for Non-Developers, Part 2 – Cookies

You’re browsing the internet and a modal (like the one pictured above) pops up. Now you have to decide if you want to “learn more,” leave the website, or accept the cookies. The modal says cookies will “improve your browsing experience,” which sounds pretty great. Plus, clicking the “learn more” link and reading a bunch of details probably isn’t what you came to the internet for.

This blog post is for those of us who click that accept button and never look back. I’ll explain cookies (otherwise known as HTTP cookies), an important piece of everyone’s internet browsing experience.

What’s a Cookie?

A cookie is a little file that a website places on your computer; it records information about how you interact with the website’s content. When you return to a site you visited previously, the site reads the cookie and uses that information to personalize your experience.

Cookies allow you to stay logged in, have your currency pre-selected, re-populate the items you added to your shopping cart, and many other things. They may also keep track of how many times you’ve visited and remember which type of things you’re interested in. Cookies can make a user’s experience effortless, but they can also be a potential invasion of privacy.

Cookie Permission

Some sites place a cookie on your computer as soon as you arrive. But if you’re prompted to approve cookies, it’s likely the website is following European cookie laws.

Over the last few decades, internet users and governments have become much more aware of cookies’ potential harm. In 2018, the European Union established the General Data Protection Regulation (GDPR), which protects a user’s personal information. Among other things, it requires websites to get the user’s express permission before collecting any of their information.

The United States does not have similar protections in place, although some states have data protection laws. This means cookies can be placed without the user’s permission.

Types of Cookies

There are two major types of cookies: first-party cookies and third-party cookies. First-party cookies are exactly what we’ve been describing. They’re created by the website you’re visiting, and they store site-specific information. First-party cookies allow us to view websites just like we did in the past.

Third-party cookies are a little trickier. When you visit a website, it loads code that allows a third-party server to create a cookie on your computer. Why would websites allow third-party cookies? In general, they’re either connected to paid advertising or they allow users to take third-party actions on the content.

Let’s say you’re shopping for a new sleeping bag. You look at a couple and decide you’re not ready to make the splurge. Instead of continuing your search, you decide to browse your favorite news website… and somehow it’s plastered with sleeping bags ads! This cross-website advertising is the work of third-party cookies.

Unlike first-party cookies, these cookies can be accessed on any website that loads the third-party code. The site where you viewed sleeping bags was using the third-party cookie and took note of your new shopping interest. Then that same cookie was read on the news website to load targeted sleeping bag ads.

Third-party cookies are also behind the “share” buttons that allow us to post content to social media sites. They give the two domains a way to communicate your experience to each other seamlessly.

Additionally, third-party cookies are used for plugins like live chat windows and sometimes more malicious things like user tracking.

First-party cookies are widely allowed in browsers, and (for the most part) they’re safe to use. But third-party cookies are limited by some browsers.

What Now?

When you use the internet, cookies will be placed on your machine. This means sites will inevitably track your information. 

The best long-term thing you can do is understand and configure the cookie policy on your browser. Make sure you have the latest version of your browser, as cookie issues often happen due to out-of-date software.

Then investigate how your browser manages cookies (here’s information from Chrome, Firefox, and Safari). Your browser’s settings will allow you to set rules about cookie usage and clear out cookies and other browsing data. It may even give you the option to pick and choose which cookies to keep or delete.

Ultimately, it’s just good to be aware of how cookies can function. If you’ve made it this far, I hope you feel like you have a better understanding of HTTP cookies. Happy baking!