What Is a Cookie?
When you use your internet browser (such as Chrome, Firefox, or Safari) to view a webpage, you can be certain a cookie has been created.
A cookie is simply a small text file stored on your device's browser.
Cookies contain a tiny amount of information, most of the time just the URL of the website that created the cookie. All cookies come equipped with a unique string of characters called a cookie ID; websites are able to recognize the cookie ID and associate it with your browser.
What Do Cookies Do?
Cookies give websites the ability to recognize and remember your browser when you return to their site, or click through their pages.
Cookies are generally used to accomplish three things: improve user experience, understand user behavior, and improve advertising efforts.
1) Improve User Experience
The primary reason websites create cookies is to improve the visitor's experience, for both the current site session as well as any future interactions. Frankly, cookies make life online a whole lot easier by completing the following:
- Storing login credentials and passwords
- Accessing secure areas of a website
- Storing other previously entered information such as your name, email, site searches, shopping cart items, credit/debit card number, etc.
- Resuming where a past session left off (good for a long form, lengthy application, or checkout process)
- Remembering custom site settings or preferences, such as preferred language
- Providing customized or smart content
2) Understand User Behavior
Cookies don't only benefit the site visitor, the information they provide can also be very valuable to the site administrator. Those managing a website are able to use information obtained by cookies to gather valuable user data insights, such as tracking the number of unique visitors their website receives. These metrics are key performance indicators (KPIs) when evaluating a website's success.
3) Advertising/Marketing Purposes
Should I Accept Cookies?
The short answer, yes. Cookies create a much more delightful experience for you as you browse the wild and wonderful worldwide web-- not to mention some cookies are essential for websites to function properly and securely.
Some websites will give you access to manage your cookie preferences, granting you the power to choose which specific types cookies you'd like to allow or deny. Cookies can generally be grouped into three categories: session cookies, persistent cookies, and third-party cookies.
Types of Cookies
Session Cookies: Track user data only through the user's session, and expire when the browser is closed.
Persistent Cookies: Store information until they are deleted or expired. Persistent cookies can last anywhere from 30 minutes to 2 years, and are the most common type of cookie used.
Third-Party Cookies: Any cookies set by a website other than the website you're currently viewing. These are typical for user-tracking, data collection, and advertising purposes.
Why the Sudden Cookie Consent Craze?
In the United States, there has been a recent focus on online privacy laws as well as the responsible collection and storage of personal data. This is due to the slew of data breaches and identity thefts becoming almost commonplace within the last few years. A notable example is Facebook's 2018 data breach, where an attack on Facebook's computer network had exposed the personal information of nearly 50 million users. 2019 has been no different, as we've already seen multiple data breaches affecting even the largest companies around the world, including US banking giant, Capital One.
Yet surprisingly enough for US-based companies, it has been the European Union's battle cry for personal data reform and breakthrough data legislation that has fueled the recent cookie consent craze.
The EU's GDPR & ePrivacy Directive
However, you may not have heard about the EU's ePrivacy Directive, scheduled to go into effect early 2019, which some have coincidentally dubbed the 'cookie-law'.
While the General Data Protection Regulation (GDPR) requires you to document each instance of consent to store and process data, the ePrivacy Directive requires consent of your website users prior to the storing and processing of data.
For now, only websites owned in the EU or targeted towards EU citizens are expected to comply with these laws (and penalties for non-compliance can be expensive).
Nonetheless, it is still highly recommended that US-based website administrators proactively comply with EU regulations. Similar personal data and privacy laws are bound to be implemented in the US soon, and most importantly, we all must do our part to ensure responsible business practices when it comes to the storing and processing of personal data.