I used to ignore cookies. Now I clear them every two weeks—and it’s changed how I think about online privacy. While they have their uses, here’s why managing cookies matters.
What Are Cookies?
Cookies are tiny bits of data stored on your computer by websites. Yes, these cookies aren’t edible, but they exist to enhance the functionality of a website, and to make browsing as smooth and personalized as possible.
As you browse a website, cookies save data—including your preferences, login data, and items in your shopping cart. The cookie “remembers” all of this, so the next time you visit, you don’t have to start from scratch. But the same technology that keeps your shopping cart full also has a dark side which we’ll explore.
Cookies Come in Different Flavors
Just like baked treats that come in different flavors, browser cookies also come in various types. Session cookies only last for a session and get deleted (or expire) as soon as you close your browser, while persistent cookies linger for days, months, or even years.
Tracking cookies (also known as third-party cookies) are a type of cookie that help build a profile on a user’s behavior and preferences. This information not only includes websites visited and their duration but also products you’ve clicked on or purchased, search history, and device information (including geographic information).
Tracking cookies exist to collect data for targeted advertising, analytics, and personalization of user experience, which is usually set by third-party advertisers. All this data is typically stored under a unique identifier used to identify an individual user. Fortunately, you can block tracking cookies on many browsers.
As someone who is privacy conscious, I don’t want to be “tracked” and I don’t like that my browsing habits are recorded for advertising purposes. There’s also the security risks associated with cookies.
The Security Risks of Cookies
Cookies aren’t inherently bad, but they don’t exist without risks. If not properly managed by website owners and developers, there are several security risks associated with cookies.
Improperly configured cookies can be compromised via man-in-the-middle (MITM) attacks (where the hacker captures cookies during data transmission between your browser and the website) to steal sensitive information such as login tokens, as well as other data. If a hacker gains access to these tokens, they may not even need your password to access your account.
Cookie poisoning is real and can be carried out via MITM attacks. Techniques hackers might use include directly modifying cookie values in the user’s browser using malicious JavaScript or exploiting cross-site scripting (XSS) vulnerabilities to steal cookie information. An example of cookie poisoning in e-commerce fraud includes a hacker modifying a cookie for a shopping cart total from $200 to $20, tricking the website into processing a transaction at a lower price, and profiting off it.
Session hijacking is also a common method where hackers can intercept or steal session cookies. This can be used to impersonate you on a website and gain unauthorized access to your account and sensitive information. Though using strong passwords and two-factor authentication are good security practices, this method allows hackers to bypass both of these measures. I try to use https as much as possible, which encrypts my internet connection and provides protection against some of these security risks.
Remember I mentioned that third-party advertisers use tracking cookies to learn more about user behavior? Well, it doesn’t end there. Some e-commerce platforms have implemented dynamic pricing strategies with cookies. This means that the cost of a product can be based on factors like location, browsing behavior, or even device type. For example, if you repeatedly visit a page to book a hotel, cookies may alert the site to your heightened interest, and you’ll see the price spike the next time you visit.
I’ve actually experienced dynamic pricing when looking at plane tickets. After viewing them on my phone, I changed my location to Brazil using a VPN and went back to the website after clearing my cookies. The price of the ticket had decreased by almost 20%! This “personalized pricing” felt like a betrayal of trust, turning cookies into tools for making as much profit as possible rather than to improve the user experience.
For those who frequently shop online, clearing cookies can level the playing field. Think of it as cleaning the lens through which e-commerce companies view you. You can also shop in incognito mode, so cookies can’t track repeat visits, and also compare prices on different devices. As I mentioned earlier, you can even use a VPN to change your location. Who knows, you may just end up saving a bit of money.
Why I Clear My Cookies Regularly
In the past, I used to let my cookies just be. Sure, I’d check the boxes to “only allow necessary cookies” on websites I’d visit, but I didn’t tend to pay too much attention to them. Of course, now I know differently.
Clearing cookies every two weeks feels like cleaning the clutter from my browser. For me, it’s more than about security and privacy. I find that it gives me a bit more control over information stored on my browsing habits, and being able to control how I’m tracked by advertising companies.
Best of all, it’s quick and easy. Modern browsers make it easy to delete your cookies. Whether you’re using Android, Safari, Firefox, or Edge. I’m using Chrome right now, so these are the steps I usually follow:
First, click the three-dot menu in the corner and go to “Settings:”
Next, go to Privacy and Security > Delete Browsing Data:
Check the box for Cookies and Other Site Data > Delete Data:
You can also delete cached data as shown in the window above to speed up your browser performance in the long term (however, clearing the cache can make browsing slow in the short term).
The Cons of Clearing Cookies
The short answer is that you’ll lose convenience. Those quick auto-logins on your socials? Gone. Your saved shopping cart? Poof. Clearing cookies feels like tearing down all your saved logins and shopping carts.
Certain cookies also power website features you don’t think about. Ever wonder how a site remembers your preferred currency or language? Light or dark mode? Cookies. Delete them, and you’ll have to reset those preferences manually. Still, the occasional hassle is a fair trade-off for peace of mind.
Cookies aren’t inherently dangerous, but they require some management. By regularly clearing cookies, you maintain your privacy, dodge price gouging, and reduce the risk of your sensitive information being compromised.
I’ve found that deleting cookies every two weeks strikes the perfect balance between maintaining convenience and being cautious. If you decide to try it out, you might find yourself enjoying a little less clutter in both your browser and your online experience.
