DEV Community

Cover image for Internet cookie warnings: An ineffective and inefficient way to enforce laws.
Leonardo Zamudio López
Leonardo Zamudio López

Posted on

Internet cookie warnings: An ineffective and inefficient way to enforce laws.

Written by Leonardo Zamudio López


One of the most well-known aspects of the web are the famous "cookies", those old friends who are responsible for tracking our information on the Internet for advertising purposes.

It is well known, and has even become a meme, the fact that every time we enter a website, that well-known alert appears saying "We use cookies for a better user experience and recommendations".

But before we talk about the whole moral and ethical side of cookies, we must first know what they are.

What is a cookie?

A cookie is a packet of data that a web browser automatically stores on a user's computer when the user visits a website. The cookie is sent from the server to the visitor of the web page. Subsequently, each time the user visits the same web page or another web page of the same domain, the cookie will be read by the web browser, without being modified, and sent back to the web server.

Therefore, a cookie is just data that is stored on the user's computer. But since the storage is done at the behest of the web server, there has always been a fear that something malicious could be done. However, cookies are not software, nor are they code snippets, they are simply data. Therefore, in principle, cookies cannot transmit and execute viruses or install malware such as Trojans or spyware.

However, cookies can be used to track user activity on the Web.

Cookies were developed in 1994 by engineers at the Netscape company, and their browser, now defunct, was the first to accept them. Since then, cookies have been an essential element for the Web to function as we know it today.

As a curiosity, the original Netscape cookie specification can still be found on the Web today.

Cookies are necessary because the HTTP protocol used on the Web to transmit Web pages is a stateless protocol, and does not provide a mechanism for maintaining state, i.e., the history of requests and actions performed by a user between different requests.

Cookies were originally developed by Netscape to provide a reliable means of implementing a virtual shopping cart.

A virtual shopping cart, also called a virtual shopping basket, acts as a virtual device in which the user places the items he or she wishes to purchase, so that users can browse the site displaying the items for sale and add or remove them from the shopping basket at any time. Subsequently, cookies have been used for different purposes. The main one is to be able to differentiate users from each other in order to act differently depending on the user visiting a web page.

For example, cookies are used to store user preferences such as the preferred language for viewing a website.

Another example, most search engines such as bing have a preferences option. bing displays 10 results by default when performing a search. However, from the preferences page you can change this value to 50, for example. From then on, the results will always appear paged 50 by 50, even if the browser is closed, since the cookie is maintained from one day to the next.

But the main use of cookies is to store the session. The session is a basic concept in web applications that allows you to control user access to certain parts of a website and show you information particular to that user. Finally, there are also some problematic uses of cookies, such as tracking cookies, which allow a user to be tracked between different websites.

Tracking allows to know which websites a user has visited, how long he/she has been on each of them, and is usually used to create anonymous user profiles that can be used later for different purposes, such as the creation of advertising campaigns based on user profiles. This use of cookies is employed by companies that manage ads on the Internet, such as DoubleClick, one of the most important in the sector.

What do I think about cookies?

I certainly don't think it's a bad thing for a website to use cookies to store session information or any other type of data that helps the site's performance. However, there has been a lot of controversy surrounding cookies, mainly for advertising purposes.

We can take some responsibility away from social networks or forums, since they warn you about the use of cookies explicitly in the Terms and Conditions that absolutely no one reads when creating an account on these sites. However, what can we say about other sites?

I remember being on the computer searching for information for my school research assignments. Many of the pages I consulted were of a commercial nature. Every time I entered one of these sites, I would see the typical banner at the bottom: "We use cookies to improve the user experience". And I remember thinking to myself, "Ok, at least I, a programming student, know what cookies do. But what about a person who doesn't belong to an IT branch?"

Let's put this hypothetical situation: Let's go out on the street and ask random people "What is a cookie?". Most (if not all) people will answer you the following, "A cookie is a small-sized, sweet or savory, baked dessert usually made from wheat flour, eggs, sugar and butter."

And this is where the problem lies. User data is being used for advertising purposes without the user's explicit knowledge. And the worst part of the case is not that, many sites do not explicitly tell you what data they are using and for what purposes.

How can a user be 100% sure that their data is being used properly? Many sites still lack data use transparency protocols.

I believe that the best way for a user to be aware of the data being used is to say this explicitly. For example, instead of saying for the umpteenth time "We use cookies to improve the user experience", we could say: "We use data such as pages visited, location, device type (etc, etc, etc, etc), for performance, session and advertising purposes".

If we do not explicitly state the data used, how can we ensure that our data are used within our preferences and even within the legal framework?

And it is up to us, users, to inform ourselves about technological issues involving our personal data and our digital footprint. We must ensure that our data is being used appropriately. And if not, we can rise up in virtual arms and sing that glorious war cry, "Feed me your kings and queens, I will spit their bloody crowns to the ground."

Anyways, that's it for this post. Let me know what you think in the comments. Remember to always give your opinion based on logical reasoning and respect. Take care. See you next time.

Top comments (0)