An evil wizard sprinkling cookies into a computer

Cookies, Tracking, and Privacy: What’s Actually Going On

ByNancy Jones

I looooove me some chocolate chip cookies. I also have a deep affection for Pepperidge Farm Chessmen and homemade shortbread. You know what other kinds of cookies I like? I like some kinds of computer cookies. Those aren’t sugar cookies that I baked in the shape of a laptop, but that’s something I may need to look into another day. Computer cookies make life easier for some users in some ways. You may have heard about campaigns against cookies, which might have caused you some concern. Before we sound any alarms, I’m going to present you with a jargon-free explanation of computer cookies. I’ll give you the facts without any fear-mongering. Here you can gain some clarity on cookies.

Let’s start by stating what a cookie is not. A cookie is not a program. It is not a virus. In and of itself, it is not spyware. A cookie is a small text file on your computer. It’s sort of like a sticky note, a coat check ticket, or a “remember me” card. Cookie files are quite small, just a few kilobytes in size.

Why Cookies Exist (The Helpful Stuff)

Cookies make things easier to use on the web, to the extent that the web would feel sort of “broken” without them. They make it possible to stay logged into a website, they make shopping carts work, and they can save and store language and location preferences. Here’s an example:

Logins

You like shopping at Frankenstein’s Silk Shop. In fact, you like it so well that you’ve created a shopper’s account, where you can save a shopping list (no, that’s not a cookie). To begin your shopping trip, you log into the site with a username and password. The site checks to make sure that what you typed matches what it has stored, and, if it does, lets you enter the site. The site sends a cookie, called a Session cookie, to our browser. That lets the site remember you for the duration of the visit, so that you don’t have to log in to every page. Session cookies store a random ID number that is not your password.

Shopping Carts and Preferences

If you select something, say a red scarf, and add it to your shopping cart, and then click away from the cart to read the care instructions, your shopping cart doesn’t delete that item. A cookie will remember not only that it’s a red scarf, but also that you have logged in from a location that usually operates in a particular type of currency, and the site will default to that currency. You can change the currency, and an updated cookie will remember that change for that visit.

Remember Me

If you see a checkbox at login that says “Remember Me,” you have the option to set a persistent cookie. You can stay “logged in” to the site, without having to re-enter your username and password, for a particular period of time specified at the site. If you didn’t check out with that red scarf, and you don’t log out, you can come back tomorrow, and your red scarf will still be in the shopping cart.

If you didn’t check “Remember Me,” that won’t be the case after you close the tab or the browser. That persistent cookie cannot read your credit card information as you enter it to make your purchase, and it can’t read your emails. It also can’t spy on your computer.

If you log out of the website, that closes that connection, and the persistent cookie is deleted or marked as invalid. Additionally, if you are clearing your cookies to try to clear up a browser issue, that will delete all those persistent cookies.

Types of Cookies

I mentioned session cookies and persistent cookies up above. Those describe how long the cookies hang around. Other types of cookies warrant discussion, partly because they have raised some controversy recently. This part of the discussion centers around who the cookies belong to. (Hint: even though they live on your computer, they don’t belong to you.)

First-Party

A first-party cookie is created by the website you’re actively visiting. We rely a lot on first-party cookies, usually without even thinking about it. First-party cookies are read only by that site. They support really basic functionality, and we expect them.

Third-Party

Third-party cookies are very different. They’re created by a different site than the one you’re visiting. It happens when a page loads some content from somewhere else, like advertisements, embedded videos, social media buttons, and analytics tools. Those cookies may track which sites you visit, build a profile of your interests, and can be used for targeted advertising, and this is where privacy concerns begin.

I know you’ve noticed the social sharing buttons at the top of the page, and I do collect analytics information. I have not chosen to show ads on my site because the pennies aren’t worth degrading the user experience. However, I want you to be aware of what goes on with what I am using. Social sharing buttons make it easy for you to share this article, and any others on my site, with your social network or via email. The buttons may load small pieces of code from the social network, but they do not place advertising cookies, they do not give me access to your social media accounts, and they don’t tell me who you are. Any data collected by the social media platform is governed by its privacy policy, and I don’t get any information about who clicked what.

I use basic analytics to help me understand things like how many people visit a page, which of my posts are most popular, whether readers are on phones or computers, and approximate geographic locations (countries and maybe states if I ever need to dial down to that granularity). This helps me fix broken pages, write content people find useful, and keep the site running smoothly. I do not serve ads, I absolutely do not sell data, I don’t build user profiles, and I don’t follow you across other websites.

Cookies vs. Tracking: Where the Confusion Starts

Cookies get blamed for everything – they’re treated like the villain of the internet, because they’re the only part most people can see. Even if they aren’t the thing doing actual tracking, cookies will be blamed if something feels invasive. Over time, cookies have become a shorthand for all online data collection, and it’s not always accurate. Cookies didn’t become controversial because they changed; they became controversial because the web around them changed.

Identifiers

Using cookies for identification is simply a way for a website to know, “Is this the same visitor as before?” It’s not knowing who you are, but just recognizing continuity. Most of this identification occurs without names, email addresses, or any other personally identifiable information.

Tracking

Tracking observes behavior over time, rather than just for a single visit. It’s when data follows you beyond one page or one session. Tracking looks for patterns: where you go, what links you click, and what you ignore. It becomes more sensitive and more controversial when it extends across multiple sites.

Profiling

Profiling is what happens when someone collects the behavior tracking data and then groups and labels it. It’s not a name, but rather a set of assumptions. It turns activity into categories – interests, habits, or things a person is likely to prefer, based on other things about them. This is the step where data isn’t “raw” anymore, and it starts the interpretation phase.

What About Ads?

Now let’s talk about advertisers. Advertisers don’t usually know who you are. They know what kind of user you resemble. For advertisers, cookie data is much more about probabilities than it is about personal identities. Ads really don’t target biographies – they target behaviors, matching patterns.

Those Banners!

What about those cookie banners that appeared all over, overnight? Should you be worried about cookies now? No, those banners didn’t appear because of some sudden cookie danger. Privacy regulations have changed, now requiring disclosure and consent when a website collects certain kinds of data. The big trigger points are tracking across sites, targeted advertising, profiling of identifiable users, and non-essential third-party cookies.

You notice that I don’t have a cookie banner, but I do offer you the opportunity to sign up for my email list. In that case, I’m still only collecting information that you voluntarily supply, not placing a cookie on your computer for it. I also offer the opportunity to leave the list at any time. I’m not going to the trouble if I don’t have to, even though a lot of sites have that also didn’t need to do so. Maybe in the future I’ll offer some advertising on my site, but it’s kind of a pain to get it set up. (Now, if you’d like to support the site, check the link at the bottom for my photography sites. 🙂 )

Are Cookies Dangerous?

Short answer: usually, no. Longer answer: possibly. See, they don’t execute any code on your computer, so they’re not a virus or malware. They can’t read your files, so they’re not spyware. However, there are some realistic risks if they are used for excessive tracking or data correlation. Also, if you share devices, such as with your family or in a library, you need to ensure that you don’t simply walk away from an active session on a website; you must also log out of any account you’ve logged into. But on a computer that you use and nobody else uses, don’t lose sleep over cookies.

Cookies You Don’t See (But Should Know About)

Tracking Pixels/Web Beacons

Not all tracking relies on cookies. Some methods are nearly invisible. A tracking pixel is a tiny transparent image that is loaded from another server. When that image loads, it can quietly record that you viewed a page. Tools like this are often used for measurements like email opens and page loads, not always for profiling. For example, when I send an email to my email list, after several days, I get a message indicating how many people actually opened that email. It’s a good way for me to know if my subject lines are interesting enough.

Browser Fingerprinting

Even without cookies, browsers can reveal some small technical details. Browser fingerprinting looks at combinations of settings, and not stored files. It isn’t so much that one single detail identifies who you are; it’s more that the combination of screen size, fonts, and the browser version you use lets a site know that this particular browser is not some other browser that someone else is using. It’s a way to estimate unique visitors, especially when cookies aren’t available.

Why Blocking Cookies Alone Doesn’t Equal Total Privacy

As you can see, cookies are only one piece of a larger privacy puzzle. Blocking cookies can limit some tracking, but it doesn’t make a browser invisible. Modern websites can still measure activity using other technical signals. Privacy is really about layers and trade-offs, not a single switch that we can flip off or on.

Sites like mine don’t want to track you, but I’d like to know that you were one visitor, and someone else was a different visitor, so that I’d know that my content appealed to two visitors and not just one. I’d like to know that you stayed long enough to read the whole piece, and that you clicked on other pages. I can get that information without knowing anything at all about you personally, and that’s where cookies and browser fingerprinting can be benign and very helpful.

Managing Cookies – Practical, Not Paranoid

Now that you know a little about cookies, you can learn how to manage them so that they’re useful and not disruptive. Here are a few things that you may find helpful.

When to Clear Cookies

Clearing the cookies, which we often do in conjunction with clearing the browser cache, can be useful if a site isn’t behaving the way you expect it to. It’s kind of a reset when logins, preferences, and carts stop working. If you use public computers or if you share a computer, clearing cookies removes leftover logins. Most of the time, if you’re the only one on a computer, you don’t need to clear the cookies unless a technician advises you to.

When to Block Third-Party Cookies

Blocking third-party cookies will mainly affect advertising and cross-site tracking, which probably won’t bother you much. Most modern websites will still function just fine with third-party cookies blocked, and you can reduce how much an outside company can recognize your browser. This low-effort action is probably the biggest bang for the privacy buck.

When to Use Private or Incognito Mode

Incognito browsing is more about isolation, not so much invisibility, although it feels like you’re invisible while using it. It can be useful if you have to use a second account at a website, or if you use a shared device. Your cookies and history are deleted when the window closes. Lots of people use incognito mode when shopping for airfares, because they don’t want the airline knowing they’re looking for a price drop. The internet provider can see the traffic to and from the website, and the website itself can see the activity, but the site won’t know if you were there before in that mode.

What Happens When You Block All Cookies

Yes, you can block all cookies, but it’s pretty disruptive. Logins won’t stick, carts won’t hold your purchases, and your preferences won’t save. Some sites might even refuse to function at all. This setting does offer privacy, but the trade-off will be extremely noticeable.

Bottom Line: What You Need To Remember

Look, cookies aren’t going away. They’ll evolve, but they’re here because they’re useful in a lot of ways. Cookies are tools, not villains. Most of them are pretty boring, but a few deserve some limits on them. You’re not powerless, and you don’t need to panic.

Your Turn

Do you automatically accept cookie banners? Have you ever cleared cookies out and broken a site’s functionality? Here’s the big question: Where do you stand on the trade-off between convenience and privacy? Let me know in the comments.

My photography shops are https://www.oakwoodfineartphotography.com/ and https://oakwoodfineart.etsy.com, my merch shop is https://www.zazzle.com/store/south_fried_shop.

Check out my New and Featured page – the latest photos and merch I’ve added to my shops! https://oakwoodexperience.com/new-and-featured/

Curious about safeguarding your digital life without getting lost in the technical weeds? Check out ‘Your Data, Your Devices, and You’—a straightforward guide to understanding and protecting your online presence. Perfect for those who love tech but not the jargon. Available now on Amazon:
https://www.amazon.com/Your-Data-Devices-Easy-Follow-ebook/dp/B0D5287NR3

Similar Posts