What Do Cookies Do?

Overhead view of a person’s hands booting up a laptop, with a cup of coffee to the side.

When you visit a website, the site may leave some information on your device to remember you and your activity during the visit. Next time you visit the website, it may show the items you left in the online shopping cart, or help advertisers display personalized ads based on your preferences and activities. 

A cookie may not affect your device but may impede your privacy by creating a place card the website you visit uses to recognize you. The website can then provide a more personalized online experience. But there are changes coming — Google, in January of 2020, followed Apple’s steps to end third-party cookies, potentially changing the way you navigate the web.  What does this all mean for you?

What Are Cookies?

A cookie is a file that a website sends to your device’s browser. Your browser stores the cookie, which is basically a small amount of code, so the website can recognize you the next time you visit the site. The website and your device browser communicate back and forth, sharing information. Some of the information a website can get from a cookie includes logins to keep a user logged in for the next visit, game scores, and shopping cart information.

Are Cookies Safe? 

There are two types of cookies. The one mentioned so far is the first-party cookie that tracks your data when you visit a website to make your next experience easier or more customized. The cookie may create a profile about your web surfing habits and the device you use. It doesn’t transfer malware that can damage or corrupt your hard drive, nor does it affect the way your device or computer runs. It may cause some small privacy concerns, but first-party cookies help you pick up where you left off when you go back to the website. If you use your device to work remotely, you may wish to adjust cookie settings to avoid having personal browsing history get conflated with your work-related habits, but this is more of a personal preference than a security issue.

Then there’s the third-party cookie that Apple and Google have chosen to stop supporting. Websites using first-party cookies can only access the cookies they created, but third-party cookies can do cross-site tracking to identify what you watch, what you do, and where you go online. The third-party cookie is more invasive to your privacy because it will follow you around from one page to another (and report back to the advertiser) positioning ads everywhere you go.

Cookie Disguises

Some viruses and malware can be disguised as cookies. They’re often called supercookies or zombie cookies. Cookies are easy to get rid of — all you need to do is clear your browsing data and they’re gone. Or you can use an ad-blocker to avoid them in the first place. But supercookies don’t go away so easily. You can’t delete them from your browser because they’re not stored there. 

The most widely-known supercookie was created by the phone and internet service provider (ISP), Verizon. Verizon was tracking all the web surfing habits of its customers without notifying them or giving them the choice to opt-out. Supercookies such as Verizon’s can insert information that uniquely identifies any device into the HTTP header (website address) to track all the websites a user visits. Placing the supercookie in the header means it’s not really on the device or the server the user is connecting to, making it impossible to delete off your devices or to stop it using ad-blocking software.

Although stopping zombie cookies may be difficult, using software tools such as automated security monitoring can provide a layer of protection against a malware attack or a virus. Anything you can do to protect the integrity of your data before it’s compromised can help. Regularly backing up your data is also important in the event of a virus. You may need to factory reset your device to get rid of the damage. Having a backup makes it possible to restore your device to before it was infected, but it’s crucial your hard drive or data is in good condition before you run a backup. If your backup was damaged, you might need to send your device away to a hard drive recovery service.

How to Enable or Delete Cookies

While first-party cookies don’t cause serious harm, it’s always a good idea to safeguard your personal and business privacy, as well as that of your family’s. If you don’t have ad blockers and malware protection, you should install security software on your devices as a layer of protection. 

It’s advisable to occasionally clear the cookies from your browser to protect your privacy from third-party cookies. Doing so will remove all cookies and change the way you navigate and log in to your frequently-visited websites. A good workaround to minimize the inconvenience caused when the websites you visit most no longer recognize you were logged in, is by using a password manager app. The app will automatically recognize when you’re visiting a page it has a password stored for and will ask you if it should log you in.

Here is how to manage device cookies to adjust and protect your browsing privacy online: