Demystifying Tech: Cookies

Chocoloate chip cookies resting on a cooling trayImage:Kimberly Vardeman

Yes cookies, those delicious chocolaty baked crumbly biscuit things that do something magic on the computer. We all have to accept them when we visit websites, and when they stop working we sometimes have to delete them, but what are they? What do they do? And why do we need them? Let’s demystify the tech!

What are cookies?

A cookie is a small text file that your web browser creates when instructed to do so by a web page that you visit. Then when you visit subsequent pages on that website, the browsers sends the contents of the cookie file back to the server along with the request.

Usually cookies are tied to a specific domain (www.something.com), so that the information stored in it can only be accessed by websites on that domain.

What are cookies used for?

Cookies are usually used for storing a piece of information that is unique to you, which your browser sends back to the server with each request. This reminds the server of who you are so it can serve you content that is custom to you.

Remembering it’s you and its cool

When you login to a website, how does it know on each page you visit that it is you visiting and to show you all the protected stuff only you can access?

When you initially log into a website, it asked your browser to store a unique ID in a cookie (a session cookie, more on this later), and on each subsequent visit, the unique ID in the cookie is sent back. This enables the server to take your unique ID and know that you are the person who logged in before, from which your custom page is created and sent back to you.

Remembering what’s in your shopping cart

When you visit an ecommerce website, browse some products, and add one to your cart, a cookie is used to either store a list of the items in your cart, or a unique ID is stored that is the key to corresponding session data on the server (a session cookie) where the items in your cart are kept. The server then generates a cart page containing the items you have in your basket.

Tracking your interactions with pages you visit

Most websites have some sort of tracking built into them, this enables website owners to collect information about the pages you visit and your interactions with those pages across a browsing session in their website.

This is useful, because it allows the website owner to see which pages are being visited, how long you spend on each page, which pages you leave the website on, and what action you are taking such as filling in forms or downloading documents.

The data that they collect is then used to identify where content is not engaging enough, where visitors are not completing the actions they want you to, hopefully with the aim of improving the user experience on the website, and enabling you to get the information you want more efficiently.

Selling you stuff

The obvious extension to this is to improve your shopping experience, your unique ID stored in that cookie may be connected to a data store with all the products you have looked at or brought on their website, which could be used for recommending other products to you, or giving you deals to entice you to buy.

Serving you adverts

Don’t you find it annoying when you are thinking about for example going on holiday somewhere, so you visit a travel operator’s website, do some searches to get a rough idea of how much it might cost, and from that point on, in every website you visit, you are bombarded with adverts from the operator you just visited?

This is because all those websites are on the same ad network, and they have a shared cookie. The operator has paid for what is called “remarketing”, where after you have shown an interest in something, their adverts are targeted on getting a conversion for that product. They use the unique ID stored in the ad networks’ cookie to know it is you.

What are session cookies?

For the most part, cookies are used as session cookies, which is a way of connecting unique information stored in a cookie with corresponding data on the server.  Think of the cookie data like a key, it only contains a unique ID, and the box with all the data on it is on the server which can only be opened with your key.

This method prevents you from sending your information back and forth between browser and server, and keeps all the data on the server.

What about privacy?

As if adverts chasing you across the half internet was not creepy enough; take for example Google Analytics, which is installed on over 50% of websites you visit. When you visit the website, the tracking code sends requests back to google-analytics.com, which enables their cookie data to be tied to that domain, and therefor accessible on every website where the tracking code is installed.

Yes. They can track your browsing habits across more than half of the internet!

That’s not to say that this data collection is bad, the data is always used in an aggregated way, usually to improve user experience. Because a good user experience mean customers want to use your product or service, which usually equates to the site owners meeting the goals of their site, be that offering you information, getting you to contact you, or you buying something.

Private Mode

But if you are concerned about privacy, you can always browse using private or incognito mode. This mode basically starts with no cookies, and then deletes all the cookies generated during your browsing session when you close the browser. So they will still collect data about you, but they won’t be able to link it together with any other browsing data you have generated.

If you visited that site to look at a product and now the adverts are driving you insane, you could always clear your cookies, then they won’t know you were the person that looked at that product earlier!

Ad Choices

Marketers know that ads can be irritating, and are working towards giving you more control over the adverts you see, currently the tools are a bit clunky and over complicated. But if you want to get rid of an ad, some adverts have an “Ad Choices” link on them.

If you click that it brings up a tool that allows you to opt out of adverts served by specific marketing agencies, which is not that helpful unless you know which agency is doing marketing for the ad you don’t want! I am sure in time, these tools will get better.

Help I can’t login!

Every now and then, something just goes wrong, be it a bug in how the website handles cookie or session data, or a cookie gets corrupt. You type your username and password to login to a site, and it just kicks you back to the login page with no error message as it you are just arriving there. Well it seems the site is unable to read your cookie!

Like fixing your computer by turning it off and on again, clearing your cookies will usually clear the blockage, although you will have to log back in to any websites you access.


So hopefully this clears up what cookies are and what they do. They are quite simple really; just a mechanism for sending data back to a website on subsequent requests. But the ability to connect that data to huge stores of unique personal information makes them extremely powerful, and quite possibly a little invasive. But this is the price we pay for logins, shopping carts, and a better experience on the web.

Back to Magazine


Related Articles

Parenting in a digital age: Parenting through technology

Parenting in a digital age: Parenting through technology

More and more parents are looking to technology to keep their children safe online, but at what cost?

18 August 2017
Online Safety
Demystifying Tech: HTTPS

Demystifying Tech: HTTPS

As the web integrates deeper into our lives, terms like security, privacy, encryption, SSL and HTTPS are being talked about more and more. But what is HTTPS and why do we need it?

14 June 2017
Schools Internet Service, Online Safety
Unmasking online anonymity

Unmasking online anonymity

For many, anonymity allows them to express themselves freely online. But be careful what mask you put on. Be a superhero, not a villain.

11 May 2017
Online Safety
Parenting in a digital age: Privacy and parents - the digital disconnect

Parenting in a digital age: Privacy and parents - the digital disconnect

What are young people's expectations around their online privacy and how does this compare with parents own expectations?

10 April 2017
Online Safety
What the Tag?!

What the Tag?!

Explain what tagging means in online social media websites and give a real-life case.

12 August 2016
Online Safety