What are Cookies, What Do They Do, & Why Are They Needed?
A cookie is a tool that can give organizations helpful insight into their users’ activity on their site and help provide the best user experience. Typically stored in text files, cookies are just pieces of data websites place these pieces of data on users’ computers to store a variety of information that is specific to the device they are accessing the site from, such as the browser or mobile phone.
Web pages have no memory and cannot easily send information between each other because they are ‘stateless.’ This is where cookies come in, acting as a memory for the web pages. Cookies allow you to stay logged into a page while moving around to different pages. They enhance user-experiences by allowing you to set preferences for the display of a page, which will be remembered the next time you visit the page. Cookies can also be used to keep track of the pages you visit between sites. Advertisers use this as a means of understanding your interests and tailor their ads to you. This is called ‘behavioral advertising.’
Cookies are used so widely now that almost all websites use them in one way or another, so for every page that you visit, the site writes cookies on your computer and receives them back as well. Without cookies, you wouldn’t get the same experience that users are so used to with modern sites, including rich interactive functionality and significant levels of personalization.
Cookies have such a wide range of uses that naturally, the benefits are diverse, with some benefitting the user or the site owner, but sometimes they benefit someone else entirely – potentially a third-party business or organization that you’ve never come into contact with! This is why it is so important that websites maintain transparency with their cookie uses.
For more information on how OneTrust can help with cookie compliance, check out the OneTrust Pro Cookie Consent Tool.
Cookies Come in Different Flavors
Cookies come in a wide range of varieties, and we’re not talking chocolate chip here! They are classified based on different criteria, including their purpose, the source, and the duration of their activity. Let’s take a look at what different cookies can offer:
Source-Based Cookies: What are First and Third-Party Cookies?
First-party cookies are set by the website host, as they are only set or retrieved by the website while you are visiting it, so they cannot normally be used to track activity or pass data from one site to another. Typically, these are the cookies used to maintain login sessions and user preferences.
Third-party cookies, on the other hand, are placed on the user’s device by someone other than the website host, for example, an advertiser. You can spot a third-party cookie if the host domain name for the cookie is different than that of the website you’re visiting. Advertisers commonly use third-party cookies, but you will also frequently see them used to add functionality like sharing a page to a social media network.
Duration Based Cookies: What are Session and Persistent Cookies?
Session cookies, as the name implies, are only stored temporarily in the browser’s memory and are destroyed when it is closed. If you’re required to login to a site every time you open your browser and navigate to the site, then it uses a session cookie. Session cookies are typically used for essential site functions.
Persistent cookies will be saved on your computer even when you close it down. They are created with an expiry date, so when that date is reached, your computer will destroy the cookie. If you login to a website, then shut down your computer, start it up again, and go back to the website and are still logged in, then it is using a persistent cookie.
Web analytics typically rely on persistent cookies to understand user behavior and report back on what people do and don’t like about a site. Analytics cookies are probably the most common form of persistent cookies in use today.
What are Purpose Based Cookies?
Strictly necessary cookies are those that are essential for using a website. An example would be the cookies that enable you to hold items in a ‘cart’ while shopping online. Typically, these are first-party session cookies, so they are set by the website host and only remain in place while you are on the site. Consent is not required for these cookies, but it is good practice to explain their use to the user.
Preference or functionality cookies enable a website to remember your past preferences. This could include your favored language, location, or login details.
Marketing cookies, on the other hand, use your online activity to assist advertisers in presenting more relevant ads. These are typically persistent, third-party cookies.
Statistics cookies collect information about how you use a website, including areas you visited and links you clicked. The purpose of this information is to improve website functionality, so the information is aggregated and, therefore, anonymized.
What are other flavors of Cookies?
Other types of cookies include secure cookies and HTTPOnly cookies. Secure cookies are solely transmitted via HTTPS, typically found in the checkout pages of online shopping sites. This ensures that any data in the cookie will be encrypted as it passes between the website and the browser.
To find out more about cookies, make sure to visit OneTrust’s Cookiepedia.
What a Smart Cookie: Cookie Benefits
The main benefit of cookies is that they allow a greater degree of personalization than would ever be possible without them. Cookies keep track of a user’s behavior on a site and use that information to build an even better experience next time. The more that you use a website, the more it gets to know your interests, just like having a conversation, so the site can offer a more personal experience.
Cookies have become so deeply ingrained in users’ web surfing experience that we now come to expect this increased level of personalization. But with this comes a degree of responsibility, website owners owe it to their users to be transparent and clear about which cookies they use and what they do, but also to maintain users’ autonomy, allowing them the appropriate choices over which cookies are used. Stay tuned for the next installment, looking at the requirements for compliant cookie consent.