Online Cookies; the 21 Century Trojan Horse, Beware!
Introduction
In the wake of the Covid-19 pandemic which has facilitated greater online activities and the rise
of big data corporations, tech companies, start-ups, the internet of things, the internet of bodies,
and web 3 (metaverse) development, data, particularly personal data, now constitutes the
significant assets of many of these establishments. Sometimes, this information is obtained
lawfully; other times, they’re mined or harvested from individuals who interface with their
product. Against this backdrop, this post will consider how and why cookies are used by
organizations to process personal data. The privacy concerns associated with its use and how
individuals can ensure their online privacy.
What are Cookies?
Cookies are not baked biscuits. At least, not in this sense. Online cookies are small bits of text
kept on a web browser to collect user data and enable user-specific features such as
personalization and tracking. In other words, they are simple text files created by websites and
dropped on your computer in other to identify your computer when you visit websites. Cookies,
once allowed, aid websites in storing data regarding your activity so that you can get a more
personalized experience. For instance, if you enroll in an online course, cookies help the
platform remember you and store your latest progress, so you can continue from where you
stopped. Therefore, cookies are essential in improving user online experience, however, they
chip away at online privacy. Also, cookies can not infect computers with viruses or other
malware. However, some cyberattacks can hijack cookies and enable access to your browsing
sessions.1
What are other ways cookies can be used?
The example in the previous paragraph portrays one-way cookies are used; session
management. Cookies are used to save online sessions, so you don’t need to start all over
again when you return. Cookies are also used for tracking and online personalization. Online
personalization is achieved by tracking website users’ online activities to ascertain their
preferences and ultimately send them well-tailored adverts.
Yes, you read correctly; tracking. Cookies can also be deployed as online trackers that follow
you around the internet, monitoring your online activities and sometimes profiling you. Based on
the vulnerabilities that the use of cookies brings, the ePrivacy Directive of the EU has provided
that the use of cookies on websites must be conditioned upon the prior consent of users. That
is, users must first be given clear and comprehensive information about the purposes of
processing data (as well as information about storage, retention and access) to be able to give
their consent, and they must also be provided with an easy way to refuse.2 This information is
given through a cookie policy displayed on a cookie banner that is visible on the website and
easily accessible. For example,
Types of Cookies
There are five major types of cookies. First-party cookies, third-party cookies, persistent cookies, secure cookies and zombie cookies. This post will briefly explain just the first two.
First-party cookies are placed by the site visited to improve the user experience and browsing efficiency by tracking items such as; preferences, shopping cart items, or identification information. Third-party cookies, on the other hand, are placed by sites other than the ones visited. E.g. partnering analytics or advertising companies of the host company site. So, if you visit a site with 6 ads, these ad companies may drop 6 cookies on users, even if users never click on those ads. Third-party cookies let advertisers or analytics companies track a user’s browsing history across the web on any sites that contain their ads. This type of cookies are, therefore, more intrusive.
How to Protect Yourself Against Cookies
Cookies are not harmful in and of themselves. Just like the Greek Trojan horse was a great gift, but was also used as a tactic to defeat the people of Troy, cookies, while carrying out legitimate functions, can expose users’ privacy which may have dire consequences. Hence, the need to protect one’s self from its excesses.
- The easiest way to protect against cookies is not to accept any in the first place and delete cookies stored in the browser cache. The disadvantage is that it may reduce the website’s features necessary to ensure optimal functioning.
- read the cookie policy of every website and app you use and accept only what is necessary. Most websites have various classes of cookies, strictly necessary, functional, analytical and marketing cookies. We recommend selecting just strictly necessary cookies.
- File reports against companies that violate relevant privacy laws, notably the ePrivacy Directive.
In conclusion, while cookies enhance users’ online experience and optimizes website efficiency, they can quickly become a trojan horse. Therefore, users beware.
[1] Kaspersky, Cookies <https://www.kaspersky.com/resource-center/definitions/cookies> accessed 17 September 2022[1] Cookiebots;The EU cookie law, in Short (21 December, 2021<https://www.cookiebot.com/en/cookie-law/#:~:text=The%20EU%20cookie%20law%20(ePrivacy%20Directive)%20states%20that%20the%20use,be%20able%20to%20give%20their> accessed on 18 September 2022.