Technology: Are Cookies Bad For You?


Technology: Our tech guy Colin Moors delves into the mystery of HTTP cookies – the ones girl guides don’t sell! Are cookies bad for you?

Unless you have been away to the moon in the past couple of months, you’ll have noticed that most websites serving the EU will now have a pop-up box notifying you of the company’s obligations under the EU’s General Data Protection Regulation (GDPR) regarding cookies. This iseither part of the landmark “right to be forgotten” legislation initiated by the EU, or a faceless bureaucracy meddling in our lives, depending on which side of the fence you sit.

Either way, cookies (the small data files that are stored in your web browser’s temporary storage or ‘cache’) fall under this regulation as they can, and sometimes do, store information on you personally. If not, there’s a possibility that they could hold data that would personally identify your surfing habits or sites visited. I say ‘could’ because by and large they don’t. There’s still a fair amount of mystique around the use of cookies but they are mostly not that sinister. I’ll get on to their misuse later but first, a quick 101 in cookie-ology.

There follows a brutally simple attempt to explain things a little. You’ll be fine. Netscape, the early innovators in web browsing and e-commerce applications, wanted a way to store partial transactions. Imagine you’ve been drunk shopping on the internet and plopped a Renault Mégane in the checkout cart. We’ve all done it, I won’t judge. Before committing the purchase, you’ve fallen asleep. Three days later, you are browsing the Renault site again and it mysteriously asks if you still want that Mégane in black with the alloy wheels. Basically, there’s your cookie at work.

Rather than store incomplete and potentially unfulfilled transactions on their servers where they would mount up and fill expensive server space, Netscape invented a way of storing these things on your personal machine, for later retrieval, often with a “time to live” or expiry date. The first real-life use of cookies was mostly just to check if you had already been to the site you landed on, chiefly so the company that owned the site could gather data on traffic statistics in the days when hosting an internet server was as costly as running a small village and every kilobyte transferred needed to be justifiable. A useful analogy for a cookie is a car parking ticket. You go to the car park, drive in and take a ticket from the machine. You now no longer have a car to look after but have a piece of paper. The paper has no value in and of itself but you can hand it back in later for a car.

Pretty soon after the early days of identification only, the wider use of cookies started and continued in the way we vaguely know and possibly don’t love today. There are around eight different distinct types of cookie but to save you all from snoozing and spilling your coffee, I’ll explain the big three, which make up 99.9% of all cookies on your machine at home or work.