Table of Contents Hide
All consulted websites require accepting, refusing, or configuring cookies before accessing their content. What is a cookie? It’s always better to know what it is before giving consent, right? Our article covers the topic and informs you to become an expert on internet cookies.
What is the simple definition of a cookie on the internet?
Although “cookie” can be translated as “biscuit” in French, an internet cookie is not a chocolate chip treat. (Even though we like this pun).
A cookie is a tiny text file, around 4 KB, whose content represents a sequence of alphanumeric characters. For example, AGT129!?…
They enable certain website features (social media sharing button, online chat module, visitor path tracking on the site…).
More officially, the National Commission for Informatics and Liberties (CNIL) defines a cookie as “a small computer file, a tracker, deposited and read for example during the consultation of a website, reading of an email, installation or use of software or a mobile application, regardless of the type of terminal used (computer, smartphone, e-book reader, Internet-connected video game console, etc.)”.
The cookie contains coded information about the visitor generated by the server of the consulted website and then saved by the web browser.
The cookie works with all browsers: Firefox, Chrome, Explorer, Safari, and Mozilla… and on all devices, tablet, computers, and smartphones. It is, therefore, omnipresent on the internet.
There are cookies for all tastes, with specific purposes. Each occasion has its particular cookie:
Functional cookies: strictly necessary for the proper functioning of the site; they are exempt from consent. Without them, it is impossible to display site features correctly.
- Advertising or marketing cookies: we can distinguish “third-party” and “first-party” cookies.
- Third-party cookies come from domains other than the user is visiting, while first-party cookies come directly from the site. In any case, they are used to track visitors for marketing purposes (study of online behavior, chat launch, unfinished cart, etc…).
- Statistics and audience cookies: halfway between functional and marketing, they are used to improve the site and user experience. But since they are not strictly necessary for the site’s operation, they are still subject to consent.
- Social media cookies: Considered third-party cookies, and for marketing purposes, we categorize them in social media, given their importance in the cookie landscape. Often called “Pixels,” they are used for retargeting for advertising and affiliation. Some occasions require permission.
Whether they are “third-party” or “first-party” cookies, it should be remembered that those that aim to collect personal data to track visitor behavior, conduct advertising campaigns, or contain information for any marketing operations, require consent! As for functional cookies that strictly ensure the proper functioning of the site, they can be eaten without hunger and are allowed for all.
Note: even if the term “cookie” is the most used, you may sometimes find its synonym, the “connection token.” For the CNIL, the cookie is a type of tracker.
Good to know: Google has announced the removal of third-party cookies on its Chrome browser. Initially scheduled for 2022, the date has been pushed back to mid-2024.
Where do internet cookies come from?
Computer cookies were invented in 1994 by engineers at Netscape, a company that sells web servers. For one of their clients, they created a tool to store navigation data on a website. Cookies were born.
On October 13, 1994, the code was first introduced on the Netscape website to identify users who had previously visited the site without informing them of this novelty. The practice then spread like wildfire.
It was not until 1996 that the presence of cookies on website pages was revealed to the general public.
What is the role of a cookie?
The cookie allows users’ data to be stored for later reuse. It represents a mine of information for companies exposed on the internet.
This storage serves several purposes:
In the short term:
- The cookie allows the server of the visited site to remember the passage of the Internet user and what they did on the site. For example, if they put products in a cart. Which ones?
- Or if they activated filters. But also to know a multitude of information about them: which page they consulted, how long they stayed on it, if they clicked links…
In the longer term:
- The cookie allows websites to improve the user experience. That is, to improve the visitor’s navigation on the site but also their satisfaction in having visited it.
- The cookie allows for a better understanding of the user’s habits as a consumer, but also their preferences, and to better target the advertising that is addressed to them. The cookie has become an essential tech tool for all these reasons. But also a necessary element of internet browsing.
To learn more about the usefulness of cookies, do not hesitate to consult our article “What are cookies used for?”
How do cookies work?
The cookie is information received from a website visited by an Internet user and stored on the browser of the latter. But concretely, what is its mode of operation?
Cookies work within the framework of the HTTP communication protocol. This protocol establishes fast connections between a computer and a server. With each request made by the user on a browser, a rapid response is brought to them in the form of a displayed web page. And voila, a cookie is created and stored.
An exemplary diagram makes understanding how cookies work better than a long explanation possible.
Note: A cookie has a limited lifespan, set by the website designer. The CNIL recommends 13 months. The same applies to the information collected by cookies. The CNIL recommends keeping them for a maximum of 24 months.
Good to know: An internet cookie is created from a visited page and becomes available only from the next page. This allows the browser to send the cookie to the server.
Can cookies be managed?
Yes, a user can manage their cookies and the information collected in different ways:
- Directly on the browser. The steps depend on the browser and are described in the browser’s help menu, explaining how to modify cookie preferences.
- Directly on the website concerned: a widget button or cookie management module allows accepting or refusing cookies that require consent, particularly those from third-party companies.
Does the law regulate cookies?
After the public revelation of cookies’ existence in 1996 on web pages, panic began to spread regarding managing collected data and user privacy risks (see our article “Do cookies infringe on users’ privacy?”).
It was not until 2002 that a directive, the ePrivacy Directive 2002/58/EC, regulated cookies and took protective measures for website users:
- 2002: obligation to inform about the existence of cookies.
- 2009: obligation to consent to the existence of cookies (Directive 2002/58/EC amended in 2009, transposed to Article 82 of the French Data Protection Act).
- 2016: clarification of conditions for obtaining consent. It must be free, specific, informed, and unambiguous. The user must be able to withdraw it at any time with the same ease as giving it (GDPR, General Data Protection Regulation. has applied since May 25, 2018).
- 2020: the CNIL proposes practical examples of obtaining consent (Decisions No. 2020-091 and No. 2020-092 of September 17, 2020).
In practice, websites now have obligations towards users regarding cookies:
- They must display a visible banner informing about the purpose of the cookies.
- They must obtain consent for creating and storing data.
- They must allow the possibility of cookie preferences.
- They must allow the possibility of refusing cookies.
Good to know: Not all cookies require user consent. This is particularly the case for those necessary for features expressly requested by the user or for communication establishments, such as language choice or preferences storage.
As a brand presence on the internet or a user, cookies have not escaped you. A true goldmine of website information, cookies collect and store browsing data. Sometimes, they even condition access to online content. When a website receives visitors from France, its owner must follow CNIL’s instructions regarding creating and using both internal and third-party cookies.