Cookies and Data Privacy

Many people have heard the term “Internet Cookie” or “Http Cookie” before but not many really know what they are. This article will explain what cookies are and their relationship to data privacy.

What a Cookie Is Not

A common misconception is that a cookie is harmful – much like a virus. However, this is not true. Cookies are not viruses nor do they transmit viruses.

There are some security concerns with cookies however. Authentication cookies have some security vulnerabilities to XSS (cross-site scripting) attacks. Which is an attempt to steal the cookie to gain access to a users account.

What a Cookie Is

Cookies at their core are nothing more than a small snippet of data. This data generally contains information about you, your browsing experience/activity, devices, locations, etc. This data is stored your web browser and is accessed and used by websites – generally to improve your web browsing experience.

Different kinds of cookies include:

  • Session cookies
  • Authentication cookies
  • Persistent cookies
  • Third party cookies
  • First party cookies

These cookies vary in purpose but are generally used for things such as:

  • Authenticating a user without requiring a log in
  • Collecting browsing data for marketing
  • Remembering user preferences
  • Shopping carts
  • Video recommendations
  • and much more

Cookies and Data Privacy

The primary concern with cookies has always been related to data privacy. Historically before laws such as the GDPR and CCPA websites would use cookies for aggressive marketing tactics – usually without the users knowledge.

Since then, many websites now employ what are known as “Cookie Consent Managers” that track whether or not a user has consented to the sites use of cookies.

These managers generally should accomplish a few things:

  • Clearly outline what the user is consenting to
  • Explain what the site uses cookies for
  • Have an option to decline


Cookie consent managers are generally accepted as a solution for GDPR compliance, but they are not perfect. Many websites currently use cookie consent managers that are hard to understand, don’t have an option to decline, nor do they explain what they use cookies for.

However since the introduction of these laws, awareness of cookies and data privacy has increased significantly. Users are much more keen to websites employing shady/aggressive marketing tactics through the use of cookies.

Need Policies for Your Website?

Let ezDoc handle your terms and privacy needs with our custom policy generating software.