What are cookies and how are they used?

Internet cookies, often called website cookies, computer cookies, or just cookies, are small text files that websites store on your computer or device when you visit them. These files contain data that websites use to remember and track information about your browsing activity.

In this article, we look at what cookies are and how they are used. Third-party cookies, in particular, can pose a threat to your online privacy, so we’ll discuss them in more detail. 

What is a browser cookie?

Cookies are small text files that websites you visit store on your browser. Cookies can store various types of information, including login credentials, browsing history, user preferences, and shopping cart contents. Most cookies are benign and help improve your overall browsing experience.

Cookies typically don’t contain personally identifiable information (PII(new window)), such as your real name or address. Instead, they use unique identifiers to associate the stored data with a specific user or device. However, advertisers and Big Tech can use these unique identifiers to track you as you move between websites. 

Cookies can be broadly classified into two types:

Session cookies

Session cookies are temporary and are stored only during your browsing session. They enable a website to remember your actions and preferences within a single session, such as the items you add to a shopping cart. Once you close your browser, it deletes your session cookies.

Persistent cookies

Unlike session cookies, persistent cookies are stored on your device over multiple browsing sessions. They’re used to remember your preferences and settings for future visits. For example, persistent cookies may remember your login information or language preference on a website. Third-party cookies (see below) are almost always persistent cookies.

Get Proton VPN

First-party and third-party cookies

Another way of classifying cookies is whether they are first-party or third-party cookies.

First-party cookies

First-party cookies are created by the website you’re currently visiting. They enhance the website’s functionality and remember your preferences, payment details, and other logistical data.

As you can see, first-party cookies are usually beneficial to you, the visitor, and any attempt to block them will likely damage the website’s functionality or even break it altogether. 

Third-party cookies

Third-party cookies are set by domains other than the website you’re visiting. They’re often used for advertising and tracking purposes. For example, a website may include third-party advertising or social media plugins that set cookies to track your interactions across different websites.

Third-party cookies typically belong to advertising companies such as Google or social media networks such as Facebook, TikTok, and Twitter. These companies have  business models that rely on knowing as much about you as possible so that they can target you with ever-more personalized ads. 

This kind of internet cookie presents a serious privacy risk while offering little benefit to you, the website visitor. It’s usually safe (and arguably advisable) to block third-party cookies. Most web browsers provide options to manage and control cookies, allowing you to delete or block them selectively. 

Learn more about third-party cookies and how to block them on all browsers

The “EU cookie law”

If you live in a European Union (EU) country (or the UK), you’re probably  used to being asked to consent to the use of cookies when you visit websites. This is primarily due to the ePrivacy Directive(new window), which requires all websites to ask anyone who visits them using an EU IP address for explicit consent before placing cookies on their browser. It was designed to reign in privacy abuses from third-party cookies. 

Since cookies can be used to identify you, they’re also considered “personal data” and subject to GDPR(new window). This allows companies to process data gathered via cookies as long as that data is considered to be of legitimate interest(new window) to the website. 

In practice, EU attempts to regulate cookie abuse have been less effective than hoped for. Many websites simply ignore the law while others refuse to load unless you accept third-party cookies. Another problem is that many people agree to cookies without ever bothering to look at what they’re doing. 

Final thoughts

A good rule of the thumb for thinking about cookies is “first-party cookies: good; third-party cookies: bad”. First-party cookies play a crucial role in enhancing the user experience and personalizing website content, but third-party cookies often raise serious privacy concerns. 

Frequently asked questions

Does a VPN protect against cookies?

A standard virtual private network (VPN) hides your real IP address from websites you visit but does not, on its own, provide any protection against cookies. 

However, Proton VPN offers a feature called NetShield Ad-blocker. This filters DNS queries from domains known to host ads, malware, and trackers, effectively blocking many malicious cookies. 

Learn more about NetShield Ad-blocker 

How do I stop internet cookies from tracking me?

Using Proton VPN with Netshield enabled (see above) is a highly effective way to prevent cookies from tracking you. You can also block third-party cookies in your browser. Just be aware that doing this may occasionally prevent some websites from working correctly.

Are cookies the only way that websites can track me?

No. As more people become aware of the dangers of cookies and take action to mitigate their abuse, websites, advertisers, and Big Tech have all developed other ways to track people against their will. The most common techniques are browser and device fingerprinting(new window), but other sneaky tactics include HTTP E-Tags(new window), web (or DOM) storage(new window), and browser history sniffing(new window)

How do I block third-party internet cookies in my browser?

Most web browsers allow you to manage how they handle cookies, including enabling you  to block all third-party cookies. Please see our article on how to block third-party cookies on all browsers for a detailed look at this subject.

Are third-party cookies ever useful to website visitors?

Not really. Some of the scripts that set third-party cookies might be useful (for example, a script that loads a live chat support window), but the cookies themselves are almost invariably designed to track your online activity as you visit different websites on the web.

Related articles

s AliExpress reliable?
en
  • Privacy basics
Chinese shopping platform AliExpress is undoubtedly cheap. But is it also safe and reliable, or you are likely to get scammed?
How to fix a 502 error
en
In this article, we explain what a 502 bad gateway error is and explore possible ways to fix it as a visitor to a website.
Watch Thanksgiving Day football with Proton VPN
en
Here's how you can live stream this year's Thanksgiving football games using Proton VPN, whether you're watching from home or abroad.
Where to watch Macy's Thanksgiving day parade
en
Here's how and where to watch Macy's Thanksgiving Day Parade live from anywhere in the world with Proton VPN.
What we've been up to, and what's next
en
Here are the main things Proton VPN delivered this spring and summer and the exciting changes that lie ahead on our product roadmap this winter.
Proton VPN for Windows ARM
en
  • Proton VPN news
We’re pleased to announce a new Proton VPN app with native support for Windows devices that use the ARM chipset.