What is a Cookie?
The notices about cookies are referring to tiny bits of information that websites download to your computer and store in your browser. At their most basic, HTTP cookies are used to identify users and tell whether they have visited a specific website before.
When you visit a small business’s e-commerce website, it will issue a cookie assigning you a unique user identifier number, and some basic info about you. If go back later to finish your order, the cookie will tell the website who you are, and which orders are connected to you.
Is That Cookie Chocolate Chip or Oatmeal Raisin?
Just like at the bakery, the web has different types of cookies. What they do, and how bad they are for you depend on how long they stick around, what information they collect about you, and whether they were made by your website, or somebody else.
Session cookies are like wafers. They don’t stick around long and they’re not going to get you into too much trouble if you eat them. They are information that is only stored in your browser’s memory while your browser is open. For example, they may store where you have been on a multi-page website.
Persistent cookies are like peanut butter cookies. They have sticking power. They are stored in your browser’s memory even after it is closed, but eventually expire and get deleted. For example, by clicking “remember me” on an online account, you allow the website to create and store a persistent cookie until your login expires.
First-party cookies are the cookies you get from the bakery. They’re created for a specific purpose by the company whose website you visited. For example, a first-party cookie may direct whether you get a pop-up for the company newsletter.
Third-party cookies are like the cookies you get at a fast-food restaurant. They were made by someone other than the company you are visiting, and you’re not entirely sure what’s in them. For example, when a website imbeds a Google Map on its contact page, Google uses a third-party cookie to track your clicks on that map.
Are You Sure You Want a Cookie?
Just like the sugary variety, HTTP cookies have a downside. When users click “I accept” they could be getting more than they bargained for.
Persistent Cookies Threaten Privacy
There are lots of innocent uses of persistent cookies. However, search engines and other websites sometimes go beyond storing data to collecting it, and that can create privacy concerns. These persistent cookies track what you do and where you go online after you have left their website, and then send that information to the creator’s site the next time you visit.
Third-Party Cookies Create Security Risks
While some third-party cookies are useful, others can expose users and companies to security risks. Malicious websites can use third-party cookies to act like the user on your website, authorizing actions or logging in without their permission. They can also be designed to look like your website when the user goes somewhere else, leading your customers into risky online situations.
Does Your Company’s Menu Come with a Side of Cookies?
As a small business owner, your website may have come with cookies without you even knowing it. Widgets, add-ons, shopping carts, and a variety of other business tools all come with their own recipes to add functionality, and gather information about how they are being used.