Should You Accept Cookies?

Whether you should accept cookies or not depends on the website you’re visiting. Digital cookies, also called HTTP cookies or browser cookies, are small text files that store information in the form of data. Most sites use cookies to identify who you are and improve your online experience.

E-commerce sites, in particular, need a way to understand their customers, what they purchase, and why. So the cookie was created to remember things like who you are and what you purchased. However, some cookies track a lot more than that, and you may want to keep some activities private.

We’ll help you decide when to accept cookies, opt out, or use ad and tracker blockers to prevent third-party cookies and trackers.

Should I accept cookies?

You should accept necessary cookies so that a web page functions properly. However, there are some times when you should decline cookies:

• Don’t accept cookies from unsecured websites. The web address for an unencrypted site starts with “http://” instead of “https://,” and you may see the lock icon in your browser’s URL bar change from locked to unlocked.
• Reject third-party cookies. Third-party cookies are a privacy concern because they collect your data and track you across the internet. For example, if you helped your friend search for a new apartment in Oregon and suddenly see ads popping up for Oregon rentals, this is thanks to third-party cookies tracking and sharing your data. Opting out of third-party cookies will not negatively affect your browsing experience unless you really want targeted advertising.
• Check cookies with your antivirus. Your antivirus software's browser protection may flag cookies as potentially malicious. Even though false positives are possible, it’s better to be safe than sorry and hit the "reject" button. 
• Opt out when sensitive info is at stake. If you're inputting personal info like your Social Security number or financial information, you don't want to run the risk of the website collecting that data.

When are cookies helpful?

Most cookies are perfectly safe. They’re intended to make your online experience more convenient, such as filling in your username when you revisit a site or remembering items in your digital shopping cart. For example, if you often visit the same websites for online shopping or browsing, accepting cookies helps personalize and optimize your experience. 

Session cookies and persistent cookies can also help your web experience in the following ways:

• Session cookies will keep you signed if you accidentally close your browser window.
• Persistent cookies remember your site preferences for a personalized experience.
• Cookies will also help provide localized content or recommendations based on your geolocation. Hotels, restaurants, car rental shops, and other services use cookies to show you information relevant to your location.

Cookies are also necessary for websites to function properly and can provide analytics to improve the user experience (e.g., page load speed). However, websites can use other cookies to track your online activities unless you explicitly opt out. 

What types of cookies are there?

Websites use different types of cookies like session cookies, persistent cookies, third-party cookies, and first-party cookies. Each of these captures relevant and, in some cases, personal information about you. But third-party cookies are the ones to watch out for.

Session cookies and persistent cookies

Session cookies are temporary, which means they disappear after you close your web browser. They’re used to remember any settings or selections you make on a website. For example, if you add items to your cart, a session cookie will remember those items and save them in the cart for you.

Persistent cookies, also called stored or permanent cookies, help websites remember your preferences and take care of authentication. But instead of disappearing when you close your browser, persistent cookies keep the information, such as bookmarks, login details, and language preferences, stored in a text file on your computer for up to two years. Persistent cookies are also used to track what pages or products you view on a site so that a profile can be created and the site can offer personalized suggestions.

First-party cookies and third-party cookies

First-party cookies tend to be less intrusive than third-party cookies. They’re created by each website you visit and should be safe as long as the website itself isn’t malicious.

Third-party cookies aren’t always looking out for your best interests. These specialized cookies are often used by web analytics and advertising companies — sometimes, they’re even created by a site you’re not actively browsing. These cookies track user behaviors, such as your history and data, to advertise product recommendations, such as options for better hotels or tours in the area.

Most ad blockers prevent your computer (or other device) from saving cookies from advertisements, which can help protect your information.

Do cookies collect personal information?

Cookies collect a variety of information about you, including:

• A unique user ID
• Your browsing history
• Site-specific settings and preferences
• Your hobbies and interests
• What links you’ve clicked
• How often you’ve visited a website
• How long you’ve spent browsing a website
• Your username and password
• Your geolocation and IP address
• Your phone number and physical address
• What products you’ve placed in your cart
• Items you’ve saved or bookmarked

The collection of all this data may seem like an infringement of your privacy, and it can be. But sometimes cookies collect this data to help you. This could include auto-filling your username and password when you return to a site, showing you offers available in your area, and remembering where to ship your next purchase.

Of course, marketers use cookies to know what sites you’re browsing, what types of content you prefer, and your general location too.

On top of that, cybercriminals can steal cookies and use them to gain access to your accounts. For example, a hacker could create a phishing email that lures you to an impostor site that looks just like sites you’ve already browsed. This method of phishing often starts with social engineering and cookie extraction.

Why do websites ask you to accept cookies?

If it feels like you’re bombarded with cookie notices every time you go online, you’re not alone. Most websites need to follow strict data privacy laws, such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA). By asking you to opt-in to using cookies, the sites give you more control over your data and its collection and use.

This also means you can refuse to accept cookies. But you should be aware that some sites may not work correctly if you don’t accept cookies.

What does it mean when I accept cookies?

Each website you visit requires your consent to use cookies and track your session and web experience. Most of us quickly accept cookies to get rid of those irritating pop-up notifications.

By accepting the cookie, you’re granting the site permission to record your actions. These recordings could be used to improve your website experience and maybe even help the site improve by adding or removing features.

What happens if you don’t accept cookies?

Most web browsers allow you to turn off internet cookies, but if yours doesn't, you can reject them by clicking “reject” when prompted.

You won't get a personalized experience if you reject cookies. This means that the next time you visit that site, you’ll need to tell it where your nearest store is or what language you would prefer the website to be in. Some website tools, such as Google Analytics, also use cookies to provide feedback to the website owner on how users interact with the site. 

For the most part, cookies are optional. So if you feel unsafe about accepting cookies, no worry, you can still shop, browse, and post. You may just need to log in or enter your information every time.

FAQs

Bottom line

Accepting cookies can be valuable, but certain types of cookies can pose a cybersecurity risk. Remember, cookies contain your information, including what sites you browse, what products you click on, where you’re located, and even login information.

By not accepting cookies, you eliminate the chance a hacker could hijack your cookies and use the data inside to access sites while pretending to be you. There are times when accepting cookies is particularly risky, including:

• Accepting third-party cookies
• Accepting cookies your antivirus flagged as malicious
• Accepting cookies from unsecured sites

Ultimately, you have the choice. The security risk posed by cookies is real. However, cookies also help improve websites. You can also use software to prevent some cookies from following you around the web, including on your phone, with tools like the best ad blockers for Androids or iPhones.

If you’re still undecided about accepting cookies, you could simply disable cookies on your web browser and see how they affect your online experience.