Privacy Issues for Computer Cookies

Cookies themselves are harmless. Privacy concerns come into play with how they are used.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

Cookies are simple, uncompiled text files that help coordinate the remote website servers and your browser to display the full range of features offered by most contemporary websites. These features include hassle-free automatic logins and authentication, shopping cart functionalities, third-party ad serving, ad management, preference settings, and language settings. 

As cookie technology evolves along with website publishing and advertising technology, privacy issues are sure to arise time and again.

We'll dig into the privacy concerns behind cookies as well as how you can protect your online data with help from the best ad blockers and other tools.

Best Basic Adblocker — Including YouTube Video Ads
4.9
Editorial Rating
Learn More
On Total Adblock's website
Ad Blocker
Total Adblock
CYBER WEEK: Up to 80% off
  • Instantly blocks distracting ads on millions of websites, including Facebook and YouTube ads
  • Blocks third-party trackers to protect your privacy and information
  • Improves page load times and enables faster browsing

In this article
Cookies and privacy issues
What to know about opt-out cookies
How to preserve your online privacy
Bottom line

Cookies and privacy issues

Cookies can provide lots of quality-of-life improvements on websites — including the removal of login requirements if you revisit a page. But while these improvements are nice, you should still be cautious and informed when it comes to cookies and how they collect your data.

Cookies store personal information and track your behavior

While cookies by themselves cannot dig or research your information or search your computer, they do store personal information in at least two ways — form information and ad tracking. This personal information is not generated by the cookies themselves but by your own input into websites' order forms, registration pages, payment pages, and other online forms. 

Often used for e-commerce, this information is often encoded and protected from hacking by the remote server through limited interaction via security features like secure sockets layers (SSL) certified pages and similar network security schemes.

Cookie-based ad tracking has evolved through the years. From simple operations like counting ad impressions, limiting popups, and preserving ad sequences, third-party ad-serving cookies have evolved to user profiling/website preference tracking.

Ad tracking has attracted a lot of controversy among online consumer privacy groups and other concerned parties. Many of the largest websites online use large-scale third-party ad-serving networks that cover many sites. One of the largest is Google's Adsense/Adwords ad-serving network. 

User profiling is used for ad personalization

Google's ad-serving platform embodies many of the technological innovations used by other ad-serving companies — it uses a user profiling system that tracks and models a particular user's browsing and ad-clicking habits. Google has long provided contextual advertising, which means ads are triggered by the words on a page. 

Google's ad-serving system has added another layer to this technology — user preference modeling/tracking.

Simply put, when a user visits particular websites or reads particular content, Google tries to serve ads to that user that match their content browsing preferences. The preferences are not consciously or explicitly set by the user but modeled after the user's browsing history, page viewing, and ad-clicking history. 

For example, if you read some web articles about dog training and move to another Google ad-powered page that might not be related to dog training, you might still see dog training ads on that new page. You certainly don't get notice or notification that your actions online are being tracked for ad-serving purposes.

As observed by some online consumer privacy groups, this ubiquitous tracking and ad personalization increases the effectiveness of ads. However, these groups also caution that such increased ad effectiveness must be weighed against the impact on user privacy and the fact that there is no obvious consent given for such tracking. 

Given the rapid evolution of cookie-based ad-serving and behavior-tracking technology, consumer privacy activists are urging a reconsideration of the default standards for cookies. The rise and fall of flash cookies intensified the privacy debate.

What to know about opt-out cookies

For much of the history of the internet and cookie-enabled websites, most websites used cookies and dealt with user information on a purely opt-out basis. By default, websites are free to load their cookies onto your computer. If you don't like it, you can always search for the cookie files and delete them or set your browser to prompt you when a cookie is created. 

Moreover, there are websites like the Network Advertising Initiative that offer an opt-out tool for online ads.

Here are the main pros and cons:

Pros
  • Smooth navigation
  • Convenience
Cons
  • Intrusive capabilities
  • Follows you from site to site

Online consumer privacy groups pushed for a new default standard for cookies: opt-out cookies

Under an opt-out scheme, consumers are notified via an alert or window when they load a website. The user must consent to the notice before they can navigate the site and any cookies are created. 

You may have seen these notices when browsing online recently — the notifications typically ask you to accept or deny cookies in order to continue browsing the site.

At a minimum, the notice is to contain the following: disclosure of information-gathering practices, the uses for the information, and policies for processing and disposing of the data. 

Additionally, the user should be given:

1.  The right to know if the information being gathered contains any personally identifying information

2. The right to get a copy of the data collected at an affordable price and in a form that the consumer can readily understand.

3. The right to request a correction of the data.

4. The right to have all data on the user's behavior/browsing pattern within the website destroyed.

What about opt-in cookies?

Consumer privacy protection activists argue that given the huge evolution of websites like Facebook, which pose extensive security concerns as well as the evolution of “hidden” cookie technology as exemplified by flash cookies, an opt-in approach is the only effective way to safeguard user information.

Not so fast, says third-party ad servers, arguing that an opt-in approach is unworkable because consumers don't know enough about a website to opt in when they first arrive. 

It is, arguably, unrealistic to expect that the user can come up with an informed decision to opt in. It's arguably much better to create the user-tracking cookie when the user arrives at the site so they can get a fuller understanding of the site's offerings and let them opt out at a later time if they wish. Now, at this point in time, it is argued, they would have enough information as to which features to opt out from.

It can also be argued that an opt-in system forces marketers and websites to ask for more information than they would normally ask for since they have to compensate for the higher cost of each user. 

Since more users are turned away by the opt-in system, the cost per user increases and this forces website owners and third-party ad servers to ask for more information that they can monetize later or ask the user to opt into more areas and features of the site.

Compare this to an opt-out system which incentivizes websites to offer users a feature-by-feature list they can opt out from. Sites and services are pushed to do this in a bid to retain the user. This incentive, arguably, isn't present in an opt-in system.

Finally, opt-in imposes costs on website owners and marketers, since they filter out users that would normally navigate in and out of their site unobtrusively (under an opt-out system). There might be a decrease in registrations as a percentage of users don't have enough information about the site to “risk” cookie creation and behavior tracking. 

The end result of these costs would be to incentivize websites and their affiliated ad-serving partners to create “walled gardens," which are sites that require you to log in and that have a higher cost of exchanging information among each other. Walled gardens can severely limit users' abilities to smoothly and easily navigate from one website to another. 

This leads to a severe limitation of users' opportunities to experience new sites outside of the “walled garden.” A key example of this is Facebook.

Need to get around a walled garden? We share 16 easy and free tricks in our guide on how to bypass paywalls.

How to preserve your online privacy

As the debate over opt-in versus opt-out cookies continues, rest assured there are actions you can take to safeguard your online privacy. Here's where we recommend starting:

  1. Learn how to clear your cookies, clear your cache, and delete your browser history.
  2. Update your social media privacy settings as well as any privacy options for accounts with Google, Microsoft, and other large companies.
  3. Use a safe ad blocker — we recommend Total Adblock, Ghostery, and 1Blocker as they also include tracker blockers.
  4. Install a good antivirus program, as cybercriminals may try to invade your privacy by installing keyloggers and spyware. McAfee, Norton 360, and Bitdefender are great antivirus software to start with. 
  5. Keep your operating system updated — especially when it comes to security patches. The same goes for your antivirus and any other security software you use.
  6. For ultimate privacy, download and install a virtual private network (VPN). VPNs preserve your privacy by masking your IP address so governments, advertisers, and hackers can't see your true location and other identifying information. The top VPNs also block ads and trackers as well as malware so you can double down on your security.

The best VPNs for online privacy

Starting price Starts at $2.99/mo (billed every two years) Starts at $1.99/mo (billed every two years) Starts at $2.03/mo (billed every two years)
Number of devices 10 Unlimited 7
Server count 6,800+ servers in 111 countries 3,200+ servers in 100 countries Unlisted in 100 countries
Streaming support
Torrenting support
Learn more See NordVPN Pricing See Surfshark Pricing See CyberGhost Pricing

Bottom line

Cookies' website-enhancing functions will remain in demand regardless of whether the cookie, as a file form, survives today's raging privacy debates. Cookies are at a tenuous yet crucial crossroads between public policy and technology. One thing we as users can do is take our privacy into our own hands. 

You can use tools like VPN apps and ad blockers to continue browsing online without worrying about an advertiser looking over our shoulder.

Best Basic Adblocker — Including YouTube Video Ads
4.9
Editorial Rating
Learn More
On Total Adblock's website
Ad Blocker
Total Adblock
CYBER WEEK: Up to 80% off
  • Instantly blocks distracting ads on millions of websites, including Facebook and YouTube ads
  • Blocks third-party trackers to protect your privacy and information
  • Improves page load times and enables faster browsing