1. What are Cookies?
A Cookie is a small file composed of letters and numbers and it will be stored on your computer, mobile device or any device you use to access a website. Cookies are not viruses – they do not contain executable codes and they cannot access the information stored on your computer.
2. What kind of Cookies do we use?
From a temporal viewpoint, we use:
- Persistent Cookies - they remain on your device for a certain time period. They are used every time you visit the website that created this file.
- Session Cookies - these files are temporary and they are erased when the browser is closed.
Furthermore, from a functionality viewpoint, we use the following types of cookies:
- Strictly necessary Cookies - they are essential in surfing a website. These files do not collect any user information that could be used in marketing or in tracking the user on the internet.
- Performance Cookies- they collect anonymous statistical data regarding the use of the website. They do not contain personal information and they are used to improve the user’s experience on the website.
3. Do Cookies contain personal data?
Cookies themselves do not solicit personal information that could be used and, in most cases, they do not personally identify the internet users. The personal data collected by Cookies can be collected only to facilitate certain functionalities for the user. This data is encrypted in a way that makes it impossible for unauthorised people to access it.
4. Deleting Cookies
Generally, an application used to access websites implicitly enables cookies installed in the terminal. These settings can be changed so that the automatic management of Cookies is blocked by the browser or so that the user is notified each time Cookies are sent to the terminal. You can find more detailed information regarding the Cookie settings in the application’s settings menu (in your browser). Blocking Cookies can affect certain webpage functions.
5. Why are Cookies important for the internet?
Cookies represent the central point in the efficient functioning of the internet and they help generate a friendly navigation experience, adapted to each user’s preferences and interests. By refusing or deactivating the Cookies, some sites may be impossible to use.
The fact that you refuse or you deactivate the Cookies does not mean that you will no longer receive online ads – it merely means that the ads will no longer be based on your preferences and interests shown through the navigation behaviour.
Examples of important uses of Cookies (that do not require the user’s authentification through an account):
- Content and services adapted to the user’s preferences – categories of products and services.
- Offers adapted to the user’s interests.
- Maintaining parental control filters on internet content (family mode options, safe search functions).
- Limiting the ads frequency – limiting the number of times an ad is shown to a certain user on a site.
- Displaying advertising more relevant to the user.
- Measuring, optimising and analysing traffic – they thus identify the level of traffic on a website, what type of content is viewed and how the user reaches a website (for example, through search engines, directly, from other websites etc.). These analyses are carried out in order to improve the websites and the user’s experience.
6. Security and Confidentiality
Cookies are NOT viruses! They are text files. They are not compiled of code segments, therefore they are not executables and they cannot run themselves. Consequently, they cannot duplicate or replicate on other networks in order to run or replicate again. Since they cannot fulfil these functions, they cannot be considered viruses.
However, Cookies can be used with negative purposes. Since they store information regarding the user’s preferences and browsing history, both on a certain site and on the internet in general, Cookies can be used as a form of Spyware. Many anti-spyware products are aware of this fact and they constantly mark Cookies to be deleted within the antivirus/anti-spyware delete/scan procedures.
Browsers generally have integrated confidentiality settings that offer different levels of accepting Cookies, their validity period and automatic deletion after a user accessed a certain site.
Other security aspects regarding Cookies
Because protection of identity is very important and it represents each internet user’s right, it would be advisable for you to know what possible issues Cookies can create. Since, through Cookies, information between the browser and the website is continuously exchanged, if an attacker or an unauthorised person intervenes in the transmission of data, the information contained by the Cookies can be intercepted. Although it is very rare, it can happen if the browser connects to a server that uses an unencrypted network (for example: an unsecured Wi-Fi network).
Other attacks based on Cookies imply that the Cookies have the wrong settings on the servers. If a website does not require the browser to use only encrypted channels, the attackers can use this vulnerability to trick the browsers to send information through the unsecured channels. The attackers then use the information in order to have unauthorised access on the website. It is important that you be very careful in choosing the best method of protecting your personal data.
Advice on a safe and responsible navigation based on Cookies
Here is some advice that could ensure a safe navigation:
- Customise your browser settings regarding Cookies, so that it reflects a level of Cookie use security that is comfortable to you. If Cookies do not bother you and you are the only person using that particular computer, you can set long expiration terms for the storage of the browser history and of the access personal data. If you share that particular computer, you could consider setting the browser to delete individual browsing data each time you close the browser. This is a means of accessing the sites that plant Cookies and to delete any access information at the end of the session.
- Constantly install and update anti-spyware applications. Many of the spyware detection and prevention include site attack detection. Thus, they prevent the browser to access websites that could exploit the browser’s vulnerabilities or that could download dangerous software.
- Make sure that your browser is always updated. Many of the attacks based on Cookies are made by exploiting the weak points of the older versions of the browsers.
Cookies are everywhere and they cannot be avoided is you wish to have access to the best and greatest sites – local or international sites. Through a clear understanding of their means of operation and of the benefits they bring, you can take the necessary security measures so that you could confidently navigate the internet.
Deactivating and refusing Cookies can make certain sites inaccessible or difficult to access and use. Furthermore, a refusal of Cookies does not imply the fact that you will no longer receive/see online advertising.
All modern browsers offer the possibility to change the Cookie settings. These settings are usually in the “options” or in the “preference” menu of your browser.
In order for you to understand these settings, the following links may be useful. You can also use the “Help” option on your browser for further information.
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
In the case of third-party Cookie settings: http://www.youronlinechoices.com/ro/