BOISE, Idaho — If you are following the various privacy laws being passed around the world, you have certainly heard a lot of chatter about cookies. You may also be annoyed by website banners that pop up whenever you view a website.
What are cookies and why are they used?
Cookies are small text files that websites store on your device. Cookies were created by Lou Montulli and first used in 1994 by the web browser Netscape. The first cookies were used to identify whether users had previously visited a particular website.
Over the years, cookies have evolved, making users increasingly concerned about cookies tracking their online behavior, particularly without their knowledge or consent. Today, cookies are primarily used to make websites work more efficiently; however, they are also used for marketing and advertising purposes. Cookies help websites remember information about you, such as your login details and what is in your online shopping cart. But cookies are also used to track your online activity for targeted ad campaigns.
Types of cookies
First-party cookies are stored on your device by the website you are browsing.
Third-party cookies are stored on your device by third-party companies, such as an advertiser. Most third-party cookies are used for advertising purposes.
Session cookies are only kept for the length of the browser session. These cookies are temporary and are deleted as soon as you close your web browser or end the browsing session. This type of cookie generally does not have any privacy concerns.
Persistent cookies are those that remain on your device until you erase them or until they expire, which can vary.
Flash cookies are created and stored in the Adobe Flash app. These cookies are not deleted when the browser cookies are cleared—they must be deleted within the Flash player’s settings.
Privacy and Compliance
So, what do cookies have to do with privacy? The information companies obtain about you from using cookies creates concern about how that information should be used and protected.
Cookie compliance is complicated because websites can be viewed by people anywhere in the world. For example, if a website collects information from California residents, the company, even if it is outside of California, can be covered by the CCPA/CPRA, and therefore must comply with these laws. Further, the same website may collect information from citizens in the EU and therefore must also comply with the GDPR.
 Kukulka, Magdalena. “What are browser cookies? The history of cookies in digital advertising.” New Programmatic, 23 July 2021