Skip to content

Everything You Need to Know About Cookies: Part 1. What is a Cookie?

This is first article in the series about internet cookies. It will be covering basic knowledge about cookies, cookie usage and why is it important for your website. You can read introduction here.

Articles in this series:

  1. >>>What is a Cookie?<<<
  2. Types of Internet Cookies
  3. Explicit or Implied Consent?
  4. When You Don’t Need User Consent?
  5. Proper Dataflow Infographics
  6. How to Properly Comply with EU Cookie Law?

And now let’s get things started.

What is a cookie?

Cookies used by web browsers are just small files containing some small amount of data specific to your computer and browser. Website use them for customization, so it’s tailored for your needs. For example: cookie can remember that you’re logged in into Gmail on your computer, so you won’t be asked for password every time.

Technically, cookie contains Name, Value and additional attributes, so it’s pretty universal storage of any data. For example, cookie set by my blog could look like this:

This kind of information is stored on your computer. Next time you’ll be here – your browser will send such cookie altogether with each request to the server, so server will know that you’ve been here recently.

Cookies have many purposes. As they’re storing state information, they’re ideal to remember if user is authenticated on a site, to what username’s data should have access and others. You’ll read more on kinds of cookies in next part.

So what’s it all about with EU?

To this point we know what is cookie, that it’s stored on your computer and that it’s sent to the server which created it. When everything is working correctly, there’s no possibility, that cookie will carry any kind of viruses or malware.

european-flag-comply-with-EU-cookie-law
EU tries to protect users from unwanted cookies on their computers

What may be a concern is that if nearly every site creates cookies, it is possible to reconstruct history of your on-line behaviour – where you have been and what services you were using. Cookie can also store passwords or any other data that you filled on site, such as your personal information or credit card number.

The majority of people take cookies as-is and they don’t know anything about them. It’s understandable – i don’t need to know how each of parts of Google Chrome works to use it. I want to browse web.
Now.

But because of that, EU took action to educate users, so everyone knows about potential risks. From 2011 every website owner must ask for user consent to create and store cookies. As cookies are one of the foundations of web, they’re used almost everywhere. So since then you see banner on almost every site which states something like this:

Example of cookie consent banner, which you can expect on almost every site
Example of cookie consent banner, which you can expect on almost every site

Really? Is it necessary to force everyone to spoil their website with same information, so user first experience would be: “Great, another we-use-cookies banner. Close-close-oh-gosh-why-did-you-reloaded-my-form?”. When they’ll force us to inform with a popup that we‘re using world wide web?

Frankly, i can tell you that EU law, surely won’t protect your privacy by enforcing everyone to place banners on their website. Those who indeed would use cookies for evil purposes, wouldn’t bother to comply with that law. Or they would, but even then no one would read it. So, in the end it will spoil almost EVERY website with same information. (Why don’t they instead force UTF-8 to be a standard? I would encourage it with my whole heart!)

Don’t get me wrong, i understand idea which lies behind this – it’s to protect users. But somehow they forgot, that for example Facebook gathers WAY more data about each of us than we have in our cookies. When you register to Facebook – you agree with their terms.

Best option would be that using any browser should indicate agreeing with “browser terms” which can store cookies and all browsing or downloading history can be recreated. Even more – each of browser plugins can gather any kind of information. It is understandable, and probably not everyone know how to clear browser history.

Shouldn’t we place banners on our sites which would be screaming:

“This site is using your browser history, if you would like to clear it, go to your browser settings”

The way for cookies which EU chosen is very interruptive. It’s just an illusion of protection.

Why we call them cookies?

The term was derived from “magic cookie” which was used before, and meant itself a unique packet of data which was exchanged between two communicating programs. Unfortunately, i found no explanation for “magic cookie” term. If you know were does this name come from – let me know!

Cookie term was derived from "Magic cookie" - small packet of data used in
Cookie term was derived from “Magic cookie” – small packet of data used in program communication

As for how cookie get known and popularized, Wikipedia says:

Magic cookies were already used in computing when 24-year old computer programmer Lou Montulli had the idea of using them in web communications in June 1994. At the time, he was an employee of Netscape Communications, which was developing an e-commerce application for MCI. Vint Cerf and John Klensin represented MCI in technical discussions with Netscape Communications. Not wanting the MCI servers to have to retain partial transaction states led to MCI’s request to Netscape to find a way to store that state in each user’s computer. Cookies provided a solution to the problem of reliably implementing a virtual shopping cart.

Together with John Giannandrea, Montulli wrote the initial Netscape cookie specification the same year. Version 0.9beta of Mosaic Netscape, released on October 13, 1994, supported cookies. The first use of cookies (out of the labs) was checking whether visitors to the Netscape website had already visited the site. Montulli applied for a patent for the cookie technology in 1995, and US 5774670 was granted in 1998. Support for cookies was integrated in Internet Explorer in version 2, released in October 1995.

Can you see that? Internet Explorer in version 2! Well, that was long time ago (more than twenty years!). But the technicalities of cookies remained the same. They’re used for many purposes. In the next part you’ll read about all of them.

If you enjoyed this part, please help me by sharing it with your friends. Also, if you would like not to miss any of my articles, subscribe!

Next article in the series: Types of internet cookies

Photo by Rock Cohen / cc by
Photo by Andrew Hart / cc by-sa