Cookies, a guide to these often mysterious objects

Cookies, a guide to these often mysterious objects


More and more often we hear people talking about cookies, how to block them, how to use them… But what are they? Chocolate biscuits? Sweets?

Well, they are much less sweet and a bit more complicated than that!

The term cookie was first used back in 1994, by the computer programmer Lou Montulli. He named it after the term “Magic Cookie” which is a packet of data that programs exchange which in turn was coined from the “Fortune Cookie” – the real edible cookie carrying a secret message!

The reason behind the birth of cookies as we know them now was the need for Netscape Communications (the company Montulli was working for at the time) to store some transactions on users computers instead of on their servers. Montulli came up with the solution of a “virtual shopping cart” that would recognised returning users to Netscape’s website.

In 1995 Internet Explorer integrated cookies in its browser, but the public only became aware of the technology one year later, when the Financial Times wrote an article on the topic.

Nowadays cookies are widely used and collect a large amount of user’s data. In fact they are a small file of letters and numbers contained in an internet browser (Mozilla, Firefox, Chrome, Internet Explorer…) which are automatically downloaded to your computer, tablet or smartphone when you open a webpage. Once the cookie is downloaded onto your device, it collects information such as your preferences, what you click on and what actions you take on a webpage.

Among all the information cookies store, they also remember your login details for certain websites; this is how you can automatically login to a webpage you’ve already visited or how you can autofill information on a web-form.

There are different types of cookies: session, persistent and flash-based cookies – also known as “Local Shared Objects” (LSO).

Session cookies get deleted once you close the browser. These enable the website you’re visiting to track your actions on different pages and provide you with a smooth and quick experience without asking you twice for the same information, for example login details or items in you basket. They are based on the supposition that webpages themselves have no memory and therefore need some “help” to remember a user’s actions while on a specific website.

Without them you would have to re-enter all your information when moving from one page to another of a website and your online shopping experience would be almost impossible as the website wouldn’t be able to remember what you’ve put in your basket when you proceed to checkout.

Because they’re automatically deleted at the end of a “browsing session”, session cookies exist only within the browser and do not get downloaded onto your device.

Persistent cookies are very different from session cookies, in fact, as their name suggests, they stay in your browser’s subfolders and only get deleted if you do it manually or after their expiration date (every cookie has a different expiration date, which is assigned when the cookie is created).

Persistent cookies help websites to remember your information when you visit the website in the future (unlike session cookies, which only remember your information for the time you are actively on the website, and delete them once you leave it).

A persistent cookie will therefore remember your language preferences for a website, the theme you select, your favourites items or pages, in fact when you first visit a website this presents itself in default mode and starts changing based on you actions to better adapt to your preferences. For example, when you shop online and put some items in your “wish list/favourite list”, permanent cookies help the website remember these actions when you go back and visit the next day, week or month.

Unlike session and persistent cookies which are categorised as browser cookies, our third type of cookie, the flash-based cookie, is not stored on your browser – for this reason, flash-based cookies are much harder to find and delete.

These cookies are mostly used by financial websites and banks, being harder to find and delete they can help better authentication of the user and prevent fraudsters from accessing someone else’s account (a fraudster may have access to password and user login but not to the registered device), in this case flash-cookies are one more level of authentication.

In the UK, all rules concerning cookies are included in the Privacy and Electronic Communications Regulations, which came into force in 2003 and got revised in 2011 to reflect the changing and increasing use of cookies. The Regulation requests organisations to provide clear information about the use of cookies to their website users, giving them the choice to either allow or deny them.

Do Cookies compromise your privacy and security?

Cookies’ one and only purpose is collecting information, there is therefore major concern about safeguarding users’ privacy.

The data collected by Cookies has in recent years been widely used by marketers to create “users profiles” to better target website visitors with advertisements and information that could be of interest for them. This obviously creates privacy concerns inasmuch as these profiles (even though completely anonymous and only associated to a serial number) contain all kinds of information based on the websites you visit, what you like, what you click on. Your user profile can in fact store information such as political and religious affiliations, marital status, medical information and more.

Even though Cookies are a fundamental part of how the web works and necessary for the smooth running of websites they can, as mentioned before, track users’ web activity and collect data on their actions. Of course this detailed knowledge of users’ preferences and activities on the web creates concerns.

It is important to remember that cookies can only collect data you enter and the information that you share, it is therefore advisable to always think twice about what you share – if you want to keep something private the web is certainly the last place you should be putting it!

If you wish to control cookies on your browser, you can take one of the following actions:

  • Allow all cookies
  • Delete all cookies
  • Block all cookies
  • Only block third party cookies
  • Clear/delete the cookies when you close the browser
  • Use incognito windows (CTRL+SHIFT+N) these are private browsing windows that do not allow cookies.

Whether you decide to allow or block cookies, always remember: you don’t know who’s’ watching when you are on the web. Always be careful with what you share as, once it is on the internet, it will probably be there forever.