Cookies are little text files that a website places on a user’s browser when they visit the site. Many cookies, particularly marketing and analytics cookies, track user data. These take the name of tracking cookies.
Understanding tracking cookies is essential both for your online privacy and for compliance with privacy laws. In this article, we explain all you need to know about tracking cookies and how they work.
Tracking cookies are little text files that a website places on a user’s browser when they visit the site and track the user’s behavior.
In general, cookies collect information. The type of information collected includes internet habits, prior visits, search history, and so on. With this gathered information, cookies allow websites to remember users and their preferences, allowing sites to customize page content to the user.
Tracking scripts are used for a variety of reasons, such as:
The data tracked by cookies includes:
A cookie usually comprises of two pieces of information:
When a user visits a website, the server sends a cookie to the user’s browser. The browser stores the cookie on the
user’s device, either temporarily (session cookies) or for a longer period (persistent cookies). Tracking cookies are usually persistent cookies because they collect data over a longer period.
Each time the user visits the same website or a partner site, the browser sends the stored cookie back to the server. Thanks to the unique ID, the server can recognize the user and retrieve their stored data, such as pages visited, time spent on the site, interactions and more.
Tracking cookies are often third-party cookies placed by domains other than the one the user is visiting. These third-party cookies can create a profile for each user, to give them a customized online experience or show personalized ads. For example, an e-commerce website can recommend products similar to the ones you’ve already bought or saved in your cart.
Even though tracking scripts aren’t necessarily dangerous, they are often a cause of privacy concerns. In fact, the creation of a user profile can feel quite invasive of one’s privacy, as well as the sharing of data with third parties. Moreover, since the data is shared with third parties, you don’t always know how securely the data is stored and handled.
That’s why online privacy laws were amended to regulate the use of tracking cookies, to make the process more transparent for the users. Let’s take a look at some of the requirements:
In the EU, cookies are regulated by the ePrivacy Directive, also called Cookie Law.
The Cookie Law requires you to inform users of your use of cookies and obtain their consent before doing so. In practice, you’ll need to show a cookie banner on the user’s first visit, implement a cookie policy that provides further details about your use of cookies, block non-technical cookie scripts before consent, and indicate clearly to the site visitor which action signifies consent. Users can either accept or reject consent to cookies.
The General Data Protection Regulation (GDPR) complements the Cookie Law, requiring you to store proof of consent to cookies for every one of your users.
California’s law takes an opt-out approach, meaning that cookies can be placed without user consent, but users must be able to opt out of the sale and sharing of their personal information. This is usually done through a “Do Not Sell My Personal Information” link.
Brazil’s Lei Geral de Proteção de Dados Pessoais mirrors the EU’s GDPR in many ways. For example, the LGPD also requires consent to be “free, informed and unambiguous.” In addition, the Brazilian DPA has published its guidelines on cookies, which mention consent as a necessary condition for the installation of tracking cookies.
If you’re wondering whether you have cookies installed on your computer or browser, the answer is most likely yes. This is because almost every website today uses cookies for basic functionalities, such as remembering your username and password or your preferred language.
However, if you want to find what tracking scripts are on your computer, here’s how to do that in some popular browsers:
Many browsers have started blocking third-party cookies as a default setting.
For example, in June 2022, Mozilla Firefox introduced Total Cookie Protection and made it the default for all Firefox users. With this protection, tracking tools cannot “follow” the user from site to site, but are limited to recording behavior on a single website.
Safari also blocked third-party cookies by default in early 2020 with a feature called Intelligent Tracking Prevention (ITP), which limits access to user information.
However, you can also remove or block cookies manually from your browser’s settings. Here’s how:
When you delete all cookies, you also delete the data you had previously saved in your browser, such as login information and passwords. In this case, you may need to log in again and reconfigure settings on frequently visited sites.
Tracking cookies are used to collect data on a user’s browsing habits, preferences, and behavior. This information is often used for personalized advertising, analytics, and enhancing the user experience on a website.
Tracking cookies themselves are not illegal. However, their use is regulated under privacy laws such as the GDPR in the EU and CCPA in California. These laws require websites to obtain user consent before placing tracking cookies, to give them an easy way to opt-out, and to provide clear information about their use.
You can stop tracking cookies by adjusting your web browser settings to block third-party cookies, using privacy-focused browser extensions, or enabling Do Not Track (DNT) settings (in Google Chrome, Mozilla Firefox or Microsoft Edge). Regularly clearing your cookies and using private browsing modes can also help minimize tracking.
Many websites use tracking cookies for advertising, analytics, and personalization purposes. They are often placed by third-party advertisers and analytics services that partner with the websites you visit. Because these services are very popular, there are a large number of tracking cookies.
Yes, it is generally safe to remove tracking cookies. However, removing all cookies might log you out of websites and reset your site preferences, so you may need to log in again and reconfigure settings on frequently visited sites.
Think of cookies as the memory for your online activity. The websites you visit can remember your passwords, addresses, and invoice details, so you don’t have to enter all this information every time you visit or buy something from them. Tracking cookies are what makes the experience of a website more tailored to what you like.
Remember: if you have a website, you can’t just install cookies on users’ devices without their consent. You need to show a compliant cookie banner and respect their choice if they reject consent to cookies, or you’re exposing yourself to legal liabilities.
Our Privacy Controls and Cookie Solution is the solution to manage all aspects of cookie consent: create a cookie banner, add your cookie policy and store a proof of consent for every user.
Moreover, our solution was designed to perfectly balance your business needs with the rights of your users. So you’ll be on the right side of the law, without losing your ad revenue.
