This series on internet cookies is for people who seek clarification about them. Why they exist, where they came from, what they are used for, the different types of cookies and how cookies relate to the EU GDPR (European Union General Data Protection Regulation).
In part 1 of this seriest on internet cookies we will explore the history of internet cookies.
In Part 2 we will look at the types of cookies and similar technologies.
In Part 3 we will look at the legal side of internet cookies i.e. the so-called “Cookie-Law”.
In part 4 we will share the process of deleting cookies.
Internet Cookies: Types of cookies (Part 2 of 4)
Cookies can be divided into two major groups: session cookies and persistent cookies.
Session (aka transient) cookies are deleted when you close your browser. They do not collect personal identifiable information. The most common example of a session cookie is a shopping cart. You can jump from page to page on a website and it will remember what you put into the shopping cart.
A persistent (aka permanent) cookie is one that will commonly expire after about one or two years or until you delete them. I have found cookies that are set to expire after 20 years.
They are used to remember your login details, menu preferences, the theme you select, language preferences, the contrast of a website and more.
Apart from session and persistent cookies, cookies can also be categorised in the following ways:
First party & third party cookies:
First party cookies are stored in your browser by the website you visit. Third party cookies are set by a different website or company. If you visit www.example.com and www.elpmaxe.com sets a cookie on your browser, then the cookie from www.elpmaxe.com is a third party cookie. Third party cookies are generally marketing or analytics cookies.
Marketing, Advertising, Targeting or Profiling cookies make a profile about your browsing habits. They collect information such as your gender, political and religious orientations or affiliations, marital status, age and personal interests.
If you visit an online shoe shop, you will often find yourself seeing adverts for shoes on other websites. This is the work of a marketing cookie. They also try and prevent you from seeing too many of the same adverts and can measure what the conversion rate is (how often an advert is clicked on, or how often a sale was made because of that ad).
Strictly necessary cookies or just necessary cookies are required for the website to function properly. A website does not have to ask you for your consent to set these cookies. It is assumed that by visiting the website you accept these cookies to be able to use their service.
An example: a cookie is used to remember if you have accepted all, some, or none of the cookies a website wants to store in your browser. If you accept a website’s statistics cookie but not their marketing cookie, then this information will be saved in a cookie, a strictly necessary cookie.
These cookies help improve the website. They can record which pages people visit most often, they can record an error message on a website and send this information back to the website owner to be fixed. Performance cookies are not programmed to collect personal information or to create a profile of a person.
This type of cookie is as the name suggests, it remembers your preferences. They include selecting your favourite sports team so that you see their news first, your clothing size on your favourite online clothing store or your preferred language.
These cookies are used to authenticate a person. These cookies make sure that when you log into a website, the website knows that it is you, without having to sign in again. A cookie can also be used to automatically log you out of your account if you are inactive on a website for a certain period (there are also other ways of doing this).
Statistics or Analytics cookies generally don’t collect personal information. They will record how much time is spent on a website, on a webpage, which links are clicked on and so on. The data is aggregated and is normally anonymised, so it is generally not considered personal data. Google Analytics or Crazy Egg are examples of such cookies.
Cookies also exist for mobile devices (cell phone or tablet) but it is much harder for the cookie to track your internet habits on a mobile device. When you use a PC/Mac you normally use one browser and cookies can record your behaviour. On a cell phone or tablet, this is harder for cookies to do this, because apps are more common, and cookies do not communicate from app to app (unless maybe they are from the same company or there is a partnership). Cookies exist for mobile devices, but they are not as powerful or useful for the business setting them as they are on a PC/Mac.
There are other types of cookies not mentioned here, but the above mentioned are the more common among the cookie types used today.
What happens when you deactivate or opt-out of cookies?
In most cases the cookie is not deleted. There is a so-called “script” that prevents the cookie from sending information back to the website that set the cookie. The cookie essentially becomes inert or inactive. If you want to delete the cookies saved in your browser then you have to manually do this in your browser.
Similar technologies i.e. Web Beacons, LSO (Local Shared Objects) and HTML5 Local Storage.
HTML5 Local Storage: HTML5 is relatively new (since 2014) and thus, this specific feature is also new. This allows pieces of information to be stored in a browser beyond the browsing session i.e. they are still there when the browser is re-opened again. Cookies can and often do have this power. HTML5 Local Storage (LS) stores information, but it does not send information back to the website (or web server if we are being technically correct), cookies do. You can however explicitly send HTML5 LS to the website (web server). For lack of a better way of explaining it: you copy it out of local storage and append it to an AJAX request. HTML5 LS can only be read by the domain (www.example.com is a domain) that set the data (For more info).
Web Beacons: a web beacon, web tag, clear GIF, tracking bug, tracking pixel, pixel tag, pixel, is a piece of code that is inside a pixel (it really is a tiny clear picture). This pixel is part of an email, an advert or a website page. It can tell the person sending the email if you opened the email, it can collect statistics on how many people have visited the webpage and what was clicked on etc. This technology (web beacons) is primarily used for marketing. They make sure that if you see adverts for things that you have recently been looking at online. Web beacons cannot be turned off like how you can turn off like cookies. If you change your browser settings so that you do not accept any cookies, then web beacons will also be turned off.
Adobe Technologies similar to cookies:
Embedded Scripts: The embedded scripts that Adobe use tell them what a person clicks i.e. which links. In general, how a person uses the website.
LSO (Local Shared Objects) or “Flash cookie” have a very similar functionality to normal cookies, they are just used for websites that use adobe Flash. If you have ever had to activate the “Flash Player” to watch a video, stream music or play a flash game then you are accepting a flash cookie (or a Local Shared Object).
In a nutshell it is the same as a cookie by uses different software provider. The technologies mentioned here are the more common ones used on the internet but there are technologies not mentioned here used for similar purposes.
Disclaimer: The views shared in this blog post are solely those of the author. The author is not a lawyer, and thus, this inforamtion is not legal advice. If you need legal advice on this topic, then please contact a lawyer in the country in which you reside, or do business in.