Browser Cookies: Friend or Foe?

Emily Gann
The Startup
Published in
5 min readDec 5, 2019

Cookies — the tech-related variety — have been getting a bad rap lately. But they aren’t necessarily the demons that they’ve been portrayed to be.

As someone recently analogized to me, cookies are like having a door-to-door salesperson stop by your home, ask you some questions such as “What is your favorite color?” and “What’s your favorite food?” and writing your responses on a Post-It note and sticking that note on your front door. Then, other salespeople who stop by can read your responses and customize their products/ads to you.

Cookies encountered in browsers act similarly to that Post-It note. Companies and organizations use cookies to target and collect your preferences for product-placement and advertising purposes. They acquire your online preferences from studying your browser-based actions the sites you visit, searches you conduct, etc. On a technical level, cookies are merely key-value pairs stored within your internet browser. These are kept on file, so to speak, in the browser until the cookie expires.

Besides the cookies that are associated with browsing habits, the most common example of a cookie is the shopping cart feature on an e-commerce site.

Let’s say that you’ve found a book on Barnes and Noble’s website that you want to buy. You add the book to your cart and are then given a visual indicator that your cart now contains one item.

Perhaps you’re unsure whether you want to buy the book and decide to think about it for a while. You leave the Barnes and Noble site, thus abandoning your cart, and navigate to your favorite news website. After reading the news, you decide that you really do want that book after all. So, back to the Barnes and Noble site you go, fully prepared to search again for the book and add it to your cart.

Except that, when the page loads, you immediately notice the shopping cart icon because it shows that there’s an item in your cart already. After clicking the cart, you see that it is the book that you’d wanted. While it wouldn’t have been too laborious to search for and place the book into your cart again, it’s helpful that Barnes and Nobel remembered that you were interested in buying this book, enabling an even faster checkout.

So, how did the Barnes and Noble site know to keep that particular book inside the shopping cart? A cookie, of course! When you first visit the site, a request is sent to the Barnes and Noble website server. When it responds to your computer, it sets a cookie to capture your unique user information. As a result, things such as your cart contents are captured for the duration of your browsing session, which is the actual term used to describe this duration. In other words, as long as you keep your browser open and don’t close out of it, the cookie will remain active and remember your cart’s contents until the cookie’s set expiration date.

Below is a list of cookies identified from Barnes and Noble’s website. The green box highlights a single cookie’s information. Among the cookie’s details are the value assigned to the specific cookie, the domain to which it is attached, its specific path in the URL, and its expiration date.

List of cookies used on bn.com

I used an extension to access this list, but you can easily access the web page’s cookies list via the “Application” view in the developer tools.

Types of Cookies

Cookies are divided into two categories: “First-party cookies” and “third-party cookies”.

First-party cookies aim to provide a better user experience for users while they browse the web. They can store passwords and capture a user’s location and other details to enable easier and faster information retrieval.

Third-party cookies, on the other hand, are the ones responsible for giving cookies the bad press they have been receiving. They typically involve tracking the user as they browse. This tracking can manifest via “ad retargeting”, which is essentially tailoring ads to the user based on the sites visited by the user. Another popular third-party cookie function utilizes social media plug-ins, which in turn enable the social media site to follow you as you peruse the internet. Information obtained from these types of cookies include not only the sites you visit but also details such as your location, the type of device that you’re using to access the site, etc.

For companies using third-party cookies to track users’ behaviors and other information, it all boils down to making more money. So while you the user can not accept that cookies are used on a certain site, the company may not let you view their site in return.

On one hand, cookies can be viewed as very helpful when browsing and communicating on the internet. On the other hand, what a site does with the information it collects via cookies can perpetuate their negative reputation. At the end of the day, the least a user can do is to be informed about cookies and things to look for when surfing the internet.

References

https://www.theodinproject.com/courses/ruby-on-rails/lessons/sessions-cookies-and-authentication

https://www.allaboutcookies.org/

https://www.slicktext.com/blog/2019/08/what-are-cookies-on-the-internet/

--

--