https://giphy.com/gifs/cookie-l3vRmjIZpfYp8MLwA

Cookies & The Right to Anonymity on the Web

PROG102 | Ashani Li Peissigma

Source: https://giphy.com/gifs/nbc-mJONUM663p4OZt3i5J

What's the deal with cookies?

If you've ever found yourself shopping for something online before seeing an ad for that very item on a different website, it's no coincidence... Cookies are the culprit.

Cookies are small data files that websites and browsers use to identify users. These files store information about a user's activity on the internet, from their browsing history to the accounts they use. Some are more useful than others, and others can be flat-out dangerous (more on this next).

Source: https://giphy.com/gifs/afv-funny-fail-lol-l3nWl5bhBoim7glNu

Types of Cookies

Authentication Cookies save information about the user when they log into a website, including usernames, passwords, and other account information. This allows users to access websites without having to log in again. Most browsers also encrypt passwords to store them, making the login process relatively safe and secure.

Tracking Cookies record users' session usage and information, such as pages visited and searches made. Tracking cookies are often used to display custom content and advertisements based on a user's search and browsing history, such as a list of recommended products based on previous products the user views.

Source: https://giphy.com/gifs/party-birthday-celebration-s2qXK8wAvkHTO

First-Party vs. Third-Party Cookies

First-Party Cookies are owned by the site using them (matching the domain and the scheme of the site), and are generally safe to use if the site itself is safe and secure.

Third-Party/Cross-Site Cookies are owned by third-party services and do not match the domain and scheme of the site. These cookies are often associated with advertisements and ad-tech platforms, and are used to track browsing history in order to serve relevant ads to users. These cookies are also used to collect analytics, such as page views, clicks, session duration, traffic sources, and geolocation data.

Source: https://giphy.com/gifs/geek-the-incredibles-writing-schedule-13rQ7rrTrvZXlm

Our (lack of) Privacy

Many and most third-party cookies are collected without user consent. While most websites notify their users about cookie collection, ads and other embedded content often act as hidden trackers. Other times, websites sell their users' data to third parties, which turn around and serve ads based on that content. Personal data exchanges hands more often than people think.

Unbeknownst to many, third-party servers can combine cookies collected across multiple sites over weeks, months, and years of usage in order to create a detailed profiles of users, from their browsing history, interests, habits, and personal information like demographics, location, and financial data. In worst cases, this can lead to defrauding, doxxing, and identity theft.

Source: https://giphy.com/gifs/snl-saturday-night-live-3ohzdTinQ1itue6f2o

Data Privacy Laws

While there are no federal laws that regulate the collection and usage of cookies in the United States, many states have data privacy laws enacted that protect consumers, their privacy, and their data. For example, the California Consumer Privacy Act (CCPA) requires businesses to disclose their data collection practices.

The European Union imposes stricter regulations. Websites must require users to give consent before their data can be collected and stored, as well as give them the option to refuse. Under the General Data Protection Regulation (GDPR), consent must be presented clearly and given freely, and users have the right to access their data and have it deleted.

Regardless of laws, it's generally best practice for websites to inform visitors of cookie collection and usage, ask for consent, and give the option to opt out of data collection.

Source: https://giphy.com/gifs/funny-xT41JICjl8yyc

Taking Back Digital Privacy

Online and offline, everyone is entitled to their privacy and anonymity. While it's virtually impossible to be anonymous on the internet, these best practices can help users take control of their digital privacy.

Reject all, or allow only necessary cookies: it's best to get into the habit of rejecting all cookies when prompted. Some sites may require necessary cookies in order to operate, but in general, most websites will allow users to reject most third-party cookies.
Disable cookies: most popular browsers allow users to block or delete third-party cookies.
Use adblocker(s): in addition to preventing annoying ads from loading into websites, ad blockers also prevent subsequent trackers from working properly.
Use a VPN: virtual private networks (VPNs) encrypt and hide browsing history and IP addresses from internet service providers and websites visited.
Browse privately/incognito: most browsers have the option to browse privately. In this mode, the browser deletes any searches made or sites visited after the window is closed.*
Use a secure search engine: Google tracks everything its users do online, harvesting personal information to serve targeted ads (and Google has plenty of ads). Instead, use secure search engines like DuckDuckGo, which provides private searching and built-in tracker blocking.

Source: https://giphy.com/gifs/cat-brighten-yourlaptop-aNqEFrYVnsS52

The Web Developer's Perspective

One useful aspect of cookies is analytics. Analytics are an important metric for web developers and their stakeholders, as they highlight what the website is doing well and where it could improve. Using these metrics can help developers and designers improve traffic and the overall user experience of the site. Search Engine Optimization (SEO) is also highly dependent on analytics, since analytics will reveal how effective the site's strategy is at reaching its target audience.

As mentioned before, it's best practice for websites to inform their visitors of cookie usage and ask for their consent. Many websites now allow users to customize and manage which cookies are collected. Developers should always keep their users' rights and preferences in mind when building and maintaining a website, regardless of whether they are first-time visitors or frequent users of the site.

Works Cited

Baluch, Anna. "Website Analytics: A Beginner's Guide." Forbes, Jun. 2024. https://www.forbes.com/advisor/business/software/website-analytics-guide/

"Common Myths about Private Browsing." Mozilla Support, Nov. 2025. https://support.mozilla.org/en-US/kb/common-myths-about-private-browsing?as=u&utm_source=inproduct

Cruz, Brett & Petrino, Gene. "How To Remain Anonymous on the Internet." Security.org, Nov. 2025. https://www.security.org/vpn/anonymity/

"Everything you need to know about Internet cookies." Microsoft Edge Learning Center, Apr. 2025. https://www.microsoft.com/en-us/edge/learning-center/what-are-cookies?form=MA13I2

Mathews, Lee. "What Is Private Browsing And Why Should You Use it?" Forbes, Jan. 2027. https://www.forbes.com/sites/leemathews/2017/01/27/what-is-private-browsing-and-why-should-you-use-it/

Mare, Andreea. "Cookie Laws: Everything You Need to Know to Stay Compliant." Website Policies, Aug. 2025. https://www.websitepolicies.com/blog/cookie-laws

"Third-party cookies." MDN Web Docs. https://developer.mozilla.org/en-US/docs/Web/Privacy/Guides/Third-party_cookies

Notes

*Private browsing doesn't hide activity from internet service providers or hide IP addresses. Websites may still be able to track users in this mode.