Here’s a quick read.
Cookies are small text files websites set on your browser when you visit them. These files hold pieces of labeled data such as username and password.
Here’s an example of a cookie file.
When you close the website and revisit the site again, that site can read the cookie file it stored earlier and apply settings you set earlier.
Web browsers have an important security feature which prevents websites from reading cookies set by other websites. This means that a cookie set by instagram is not visible to youtube when you visit youtube. Youtube only sees the cookies it set.
Some common uses of cookies are,
- Save settings such as theme preferences.
- Save account login credentials.
- Analyze website usage behaviour.
- Track you across websites to target ads.
Last 2 points are important here. Websites do this by setting a cookie with
an identifier that can uniquely identify you. For example,
By reading this unique identifier, website knows that the user who liked a cooking
video yesterday is the same user who’s visiting the site now.
These small programs are called “pixels”, tracking pixels to be specific. They place cookies to identify users.
For example, think you visit
tutorialspoint.com and they used facebook pixel
to provide a facebook share button. Facebook pixel can’t see cookies set by
tutorialspoint.com but it can see the user identification cookie it set when
you visited facebook. So now facebook know you’ve visited
read a article about
Then facebook can serve you relavent ads.
I’m not a lawyer. I don’t know much, but I know about 3 regulations that affects usage of web cookies.
- General Data Protection Regulation (GDPR)
- ePrivacy Directive
- ePrivacy Regulation
That’s how annoying cookie pop-ups came in.
In this website you don’t see any cookie pop-ups. That’s because I don’t use any cookies. I don’t have any analytics or tracking here.
EU regulations did not solve the online tracking problem. It only littered web with annoying cookies. Thanking to those pop-ups, everyone now know something called web cookies exist.
P.S Websites don’t save passwords in cookies for authentication. They use something called authentication tokens.
Here are some useful references.