What is a cookie?
Cookies aren’t the biscuits you often have with your coffee or tea. We are talking here about.
HTTP cookies are short data packets created by a web server while a user is accessing a website and stored on the user’s computer or other device by the user’s web browser. HTTP cookies are also known as web cookies, Internet cookies, browser cookies, or just cookies. A website may store many cookies on a user’s device throughout a session. Cookies are stored on the device being used to view the website.
On the internet, cookies perform useful and occasionally necessary tasks. They allow web servers to keep stateful information on the user’s device (such as products added to the shopping cart in an online store) or to track a user’s browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). Additionally, they can be used to store data that users previously entered into form fields, such as names, addresses, passwords, and credit card numbers, for later use.
Web servers frequently employ authentication cookies to verify that a user is currently logged in and with which account. Without the cookie, users would have to log in each time they wanted to visit a page containing sensitive information in order to prove their identity. An authentication cookie’s security is typically influenced by the security of the website that issued it, the user’s web browser, and whether the cookie data is encrypted. Security flaws could allow an attacker to read a cookie’s data, use it to access user information, or use it to log into the website the cookie belongs to with the user’s login information (see cross-site scripting and cross-site request forgery for examples).
It is common practice to accumulate long-term records of people’s surfing history using tracking cookies, particularly third-party tracking cookies; this potential privacy problem prompted European and American legislators to take action in 2011. All websites targeting the member states of the European Union are required by European law to obtain “informed consent” from users before placing third-party cookies on their devices.
In 1994, cookies made their debut as a feature of the Netscape Navigator web browser. They assisted the browser in determining whether a user had previously visited a particular website. Netscape developer Lou Montulli invented the initial cookie implementation. He was granted U.S. Patent No. 5,774,670A, with the description, “Persistent client state in a hypertext transfer protocol based client-server system.”
Types of cookies
Modern web browsers use a variety of different cookies. Each cookie type serves specific use cases and provides particular features.
- HTTP cookies. This is the broad category of computer cookies used by contemporary web browsers to activate particular features. Except for flash cookies, every cookie in this list is an HTTP cookie.
- Session cookies. A session cookie remains active only while the user is using or logged into a particular website.
- Persistent cookies. These are commonly referred to as “permanent cookies,” and they last either until a predetermined date that is established by the web server or for a set amount of time.
- First-party cookies. The cookie and the data it contains are only accessible by the same site on which they were set, also known as SameSite cookies.
- Third-party cookies. These cookies are not exclusive to the website where they were initially created. For user tracking and personalization purposes, third-party cookies let websites that are not the original one access them.
- Zombie cookies. This is a particular kind of cookie that stays in place even after the user makes an attempt to remove it.
- Flash cookies. These cookies are a special kind that function with Adobe Flash; they are not browser or HTTP cookies. These cookies are no longer routinely used due to the fall in Flash usage.
- Secure cookies. These first- and third-party cookies can only be transmitted through secure HTTPS connections.
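The cookie types above, and the exposure of authentication cookies described earlier, are visible in the attributes of the `Set-Cookie` header a server sends. The following is an added example, not code from the original article: it parses constructed sample headers, classifies each cookie as session or persistent, and lists missing protections. The function names, finding labels and the `isAuth` flag are assumptions of this example; `HttpOnly` is a standard cookie attribute the article does not mention.

```javascript
// Added example. Header values in `samples` are constructed test data.

// Parse one Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  if (eq < 1) throw new Error("malformed cookie pair: " + pair);
  const attrs = {};
  for (const part of rest.filter(Boolean)) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// Classify the cookie and list missing protections. `isAuth` marks a cookie
// that carries a login session (the caller decides; assumption of this example).
function auditCookie(header, isAuth = false) {
  const { name, attrs } = parseSetCookie(header);
  // No Expires and no Max-Age means the browser discards it when it closes.
  const lifetime = "expires" in attrs || "max-age" in attrs ? "persistent" : "session";
  const sameSite = typeof attrs.samesite === "string" ? attrs.samesite.toLowerCase() : "unset";
  const findings = [];
  if (!attrs.secure) findings.push("no-secure"); // may be sent over plain HTTP
  if (isAuth && !attrs.httponly) findings.push("no-httponly"); // page scripts can read it (XSS)
  if (isAuth && sameSite === "none") findings.push("samesite-none"); // sent cross-site (CSRF)
  if (isAuth && sameSite === "unset") findings.push("samesite-unset"); // browser default applies
  return { name, lifetime, sameSite, findings };
}

// Constructed headers: [Set-Cookie value, is it an authentication cookie?]
const samples = [
  ["sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax", true],
  ["sid=abc123; Path=/", true],
  ["lang=en; Max-Age=31536000; Secure; SameSite=Lax", false],
  ["track=u42; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Secure; SameSite=None", false],
];

function auditAll() {
  return samples.map(([header, isAuth]) => auditCookie(header, isAuth));
}

for (const r of auditAll()) {
  console.log(r.name, r.lifetime, r.sameSite, r.findings.join(",") || "ok");
}
```
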
Are cookies in general safe?
Since they were first used, cookies have been a regular element of internet usage. Third-party cookies, though, might occasionally be viewed as intrusive.
Third-party cookies give organisations the ability to monitor user behaviour in a way that the user may not be aware of, which may violate their privacy.
Third-party cookies are frequently used by advertisers to track user behaviour and deliver relevant advertising to the user. Many people who don’t want to be followed or have their browsing histories disclosed have privacy concerns about this. Regulations under the California Consumer Privacy Act, the General Data Protection Regulation and, here in Thailand, the PDPA Thailand now apply to cookies that can be used to identify users.
Why do we need to know about cookies?
Cookies are immediately thought of when discussing data law and privacy regulation because they are closely tied to both.
This frequently results in the widespread misunderstanding that the General Data Protection Regulation (GDPR), along with other similar data protection regulations, has repealed the Cookie Law (ePrivacy regulation). It has not. Instead, consider the ePrivacy Directive and GDPR as collaborating and enhancing one another. This might be different depending on the country in which you are running your website.
Companies like Google, Facebook, Twitter or Apple are using cookies for different kinds of services – mostly for analytics but also for advertising.
– Google and its policies
– Facebook Cookie Policy
– Apple’s Use of Cookies
What exactly is required under the Cookie Law?
Before information is stored or accessed on a user’s device, the Cookie Law requires the user’s informed consent. Thus, if you utilise cookies, you must:
- Inform your users that your website or mobile application (or any third-party service utilised by your website or mobile application) uses cookies.
- Clearly and completely describe how cookies operate and what you use them for.
- Obtain informed consent before storing such cookies on the user’s device.
Unless your website employs only exempt cookies, which is highly improbable, you will need to present a cookie banner (also known as a cookie notice) upon the user’s first visit, adopt a cookie policy, and give the user the option to offer consent. Except for those that are exempt, no cookies should run or be installed before receiving approval.
What are your next steps?
As mentioned in our last blog, “Is Your Website PDPA Thailand ready?”, Samui Infotech has a great Privacy Suite for WordPress ready to install.
Let us know if you are interested in having your website PDPA Thailand & GDPR compliant.