Cookie

Not to be confused with the popular baked good, a web cookie is a small piece of data given to a web browser by a web server. The browser stores the data in a text file so it can be sent back to the server each time the browser requests a page from the server.

The name “cookie” was derived from UNIX objects called magic cookies. These are tokens that are attached to a user or program and change depending on the areas the user or program enters.

Cookies are also sometimes called Internet cookies, browser cookies, or HTTP cookies. They can be erased when a browser is closed, as in the case of session cookies, or they may be stored until a specified time, as in the case of persistent cookies.

Are cookies good or bad?

While the information contained in a cookie is not inherently good or bad, the potential for how that information is used is important for internet security. A cookie could store personally identifying information a user provides like name, home address, and phone number, or stateful information like preferred language, login credentials, and abandoned shopping cart items.

The benefit of accepting cookies comes in the form of an improved user experience; not only do cookies help web pages load more quickly, they can also tailor advertisements, create an effortless authentication process, and maintain site preferences for repeated visits. Sometimes this can create more work for users who want every experience visiting a site to be as if they were accessing it for the first time, but cookies are often unsung heroes of web browsing efficiency and personalization.

As with most internet security concerns, a major downside of the convenience that cookies offer is that cookie data can be tracked and used maliciously. When an attacker targets the connection between a browser and server, the intercepted cookies can be sold to third parties or “hijacked” and used to impersonate the user elsewhere on the Internet.
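
The following Python check is an added example, not part of the original article. It reads `Set-Cookie` response headers, classifies each cookie as a session or persistent cookie in the sense described earlier, and flags any cookie without the standard `Secure` attribute, since such a cookie can travel over an unencrypted connection where it could be intercepted. The header values are constructed samples and the function names are hypothetical.

```python
# Added example: audit Set-Cookie headers (sample values are constructed).

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, lowercase attribute dict)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def lifetime(attrs):
    """Session cookies carry neither Max-Age nor Expires; Max-Age wins if both are set."""
    if "max-age" in attrs:
        try:
            return "persistent" if int(attrs["max-age"]) > 0 else "expired"
        except ValueError:
            pass  # a malformed Max-Age is ignored; fall back to Expires
    return "persistent" if "expires" in attrs else "session"

def audit(header):
    """Report the cookie's name, its lifetime class, and any transport finding."""
    name, _value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("no Secure attribute: may be sent over plain HTTP")
    return {"name": name, "lifetime": lifetime(attrs), "findings": findings}

# Constructed sample headers, one per case the audit distinguishes.
SAMPLE_HEADERS = [
    "sid=abc123; Path=/; Secure; HttpOnly",                    # session cookie
    "lang=en; Max-Age=31536000; Path=/",                       # persistent, no Secure
    "cart=42; Expires=Wed, 21 Oct 2026 07:28:00 GMT; Secure",  # persistent via Expires
    "old=; Max-Age=0; Secure",                                 # server deleting a cookie
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(audit(header))
```

A persistent cookie that also lacks `Secure` is the case to fix first, because it stays in the browser and remains exposed across many visits.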

Cookies and GDPR

In addition to the security risks mentioned above, cookie use presents a number of concerns for internet privacy, a somewhat related issue that was put under the spotlight in 2016 when the European Union (EU) passed the General Data Protection Regulation (GDPR).

This legislation addresses the policies and practices of data controllers and mandates that an individual’s data may only be collected under six circumstances: unambiguous consent from the individual, vital interest of the individual, legitimate interest of the controller, contractual necessity, public interest, or legal requirement. To that end, the GDPR also stipulates how much data can be collected, how the collected data can be stored, and how an individual can go about having their data erased.

What does this mean for cookies? Because cookies are some of the smallest, most ubiquitous pieces of personal data on the internet, GDPR compliance has major implications for a website’s cookie processing. The enforcement of GDPR standards has led most websites, regardless of where their servers are based, to institute overt, explicit cookie opt-in/opt-out practices as well as options for individuals to revoke cookie consent at any point. This means visitors to a website can dictate whether cookies are collected before they engage with a site’s content and have greater control over their data privacy.

Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.