What Are Cookies And Should I Keep Them Or Not?
In this blog post, I explore the concept of online cookies, their functions, and their implications for privacy. I explain the difference between first-party and third-party cookies, noting how the latter can track users across sites.
This includes how cookies enhance convenience, but they can pose privacy risks when used to store sensitive information like passwords (yeah, please don't do that).
This post also highlights laws like GDPR and CCPA, which require transparency and user consent for cookie usage. Finally, I encourage users to be mindful of accepting cookies and to customize browser settings for better privacy control using a browser extension such as Consent-O-Matic.
Paid subscribers have access to an AI-generated audio overview of a more detailed version of this blog post. Please support my work for $5 per month!
15% discount (one-time) for Patreon supporters!
If you support me on Patreon, you'll get 15% (one-time) off my drop-off or Remote Support services.
Click Image To View Larger Version
As they are known, cookies are small plain-text files that websites use to collect specific details about you and your computer to track when you visit those websites and conveniently fill in login forms. Mostly, they are harmless and integral to how the web works when used responsibly.
However, in the years since the internet became widely used, websites are now using them to track your activity across the web. Thus, they have become more intrusive when used to store sensitive data.
Click Image To View Larger Version
When you scan with any anti-malware program, they’ll often flag cookies as bad, partly because they’re taking up space on your hard drive or solid-state drive, when the amount of space they take up is utterly insignificant.
Many follow their program's recommendation to remove the cookies, which only leads to responding to annoying, repeated acceptance banners on various websites, ultimately forfeiting the convenience those cookies might have created.
They might seem bad, but they're often just tracking cookies that don't store anything you need to worry about. They're not viruses or malware, or any other type of infection.
These programs often just want to show you SOMETHING to somehow prove they work.
Click Image To View Larger Version
Cookies honestly aren’t worth worrying about, but you should NEVER use them to store your login credentials because, as I mentioned, they are plain text.
Plain-text files are NOT encrypted or secure in ANY way. If your computer is infected with a virus or malware, it can quickly scan those cookie files and grab that data.
Click Image To View Larger Version
Instead, store login credentials using a secure Password Manager like 1Password or Bit Warden. They do a much better job and keep your login information in your secure cloud account on those services so that data won’t be removed when you clear up “junk” files on your PC. These password managers will never forget your login information and securely fill it in for you.
Cookie banners are so omnipresent on websites these days, though some browser plug-ins hide them. They serve no purpose, but the fact you clicked "I accept" or "okay" to dismiss them is, ironically, stored in a Cookie.
Many websites require the ability to use cookies on your computer for various reasons in the fundamental way websites work, as well as helping count ad impressions, among other non-intrusive and harmless information. This allows the website you enjoy to sustain itself and continue operating.
Click Image To View Larger Version
Of course, not all websites are as responsible, but that’s where adblockers come in, which also block the kinds of website tracking we don't want.
Certain websites will allow you to allow certain kinds of cookies, but not others.
For example, if you go to the Bloomberg website, they provide detailed opt-in options and descriptions for their cookies, as shown above. This isn't specific to Bloomberg, but they're undoubtedly transparent.
“Some of our partners process your personal information, including your IP address, hashed versions of your name, email, or phone number, and other digital identifiers based on legitimate interest for each purpose below. You can object to processing your personal information by exercising the choice below. Your choices will only apply to this digital property.”
These include personalized content, personalized ads, basic ads (not personalized), measuring ad performance, and content performance. None of these are harmful and make your browsing experience better. More importantly, none of these are infections and should not be flagged by anti-malware programs, yet they are.
You could go through the list of cookies and specifically delete the ones you don't want, but that's a pain, and few are likely to do this, myself included.
You might have an issue if information such as your IP address, name, email address, or phone number were being tracked.
Your IP address is necessary to surf the internet and can be used to determine your location, but not if you use a secure DNS service like NextDNS or a VPN service like ExpressVPN.
As for your email address, please be very intentional about whom you give it to, and make sure your email service has good spam filtering (like Gmail).
For your phone number, unless you're going to use it for two-factor authentication, it's OK to give them a fake number. I use 403-555-5555.
I don't mind personalized ads, which cookies allow for. I'd rather have ads for things I care about or might want to buy, though I'm unlikely to buy through an ad.
In short, leave the cookies alone and use a password manager to log into websites. Apply ad blockers where needed.
15% discount (one-time) for Patreon supporters!
If you support me on Patreon, you'll get 15% (one-time) off my drop-off or Remote Support services.
Thank you so much for reading and purchasing access to this premium blog post! You can keep up to date with my latest free posts on KevinTheTechGuy.ca, on Patreon, on BlueSky, via the RSS feed, and on Mastodon. Your support makes my work possible.