You’ve been mindlessly accepting cookies for this whole time, but now you’re asking yourself: “Wait, what does it mean? What am I accepting?”.
In this post, we explain what accepting cookies really means and why privacy laws stress the importance of consent so much.
So you might be wondering, what does accept cookies mean?
In general, when you “accept” cookies, you’re giving consent for the website to run cookie scripts and similar technologies. This isn’t always a bad thing as cookies can be quite useful for various things like playing videos, shopping cart software, showing personalized ads, analytics and more.
But before we get into the various purposes of cookies and the legal considerations, let’s first start with some definitions. Do you know what cookies are?
Cookies are scripts that websites install on your device, and they can be first-party or third-party.
👉 First-party cookies are those managed directly by the owner of a website or app;
👉 Third-party cookies are managed by third parties (for example, social media platforms or ad networks) and enable their services. Typically, third-parties install cookies when a site/app uses their services to incorporate images, social media plugins, or advertising.
Keep in mind that cookies can have different purposes.
Some of them give you a more enhanced experience of the website you’re visiting. For example, cookies can remember your username and password or the items you’ve added to your cart during online shopping. Others, instead, can track your online behavior to give you targeted advice or give website owners insight into their audience.
So basically, when you click on accept, you’re allowing websites to install cookie scripts on your device. These scripts are saved on your browser, and every time you go back to the same website, they’ll remember your preferences.
This article is a part of our series on cookies and cookie consent. Read also:
Now that you know what cookies are, you may be wondering: “Why don’t websites just run cookies without letting users know?”.
Well, that’s against the law.
For instance, in the EU, cookies are regulated by the ePrivacy Directive (also known as Cookie Law).
The Cookie Law requires that every website or app owner who uses cookies disclose it in a cookie policy and block them from running if users’ don’t consent. Even though it grants some exceptions to the consent requirement, users need to be informed that the website uses cookies through a cookie banner.
There still isn’t an all-encompassing privacy law in the US, but we can look at California as the state with the most comprehensive data privacy legislation. According to the California Privacy Rights Act (CPRA, CCPA amendment), websites owners can run cookies without consent (opt-in). Still, they must inform the users through a “Do Not Sell My Personal Information” notice. Users can opt-out (decline cookies) at any time.
It’s important to note that users have the right to withdraw their consent at any time, even though they consented to cookies in the first place.