It varies. Likely the are cookies related to site operations. For example, Amazon will put a cookie on your computer that saves your shopping cart so you can add things to it without being logged in; once you log in, the cookie tells the site that the cart should be associated with your account. That cookie is pretty essential to the operation of the site.

Sites where you have an ongoing interaction with it, like when you’re logged in or doing something involving multiple interactions over a period of time, don’t work without cookies. The cookie is how they know you’re you.

For one, a cookie is required in order to remember whether or not you pressed “block cookies” last time.

Cookies are also used for security to check whether or not you’ve logged in previously, to bypass 2 factor auth, or to keep you logged in after closing and re-opening the website.

Without cookies, a website can’t remember *anything* about you when you leave it.

Those are cookies that are necessary for the site to function, that store information about your visit and allow information to pass around the site — say the fact you’re logged in, or items you’ve placed in a cart.

They are a textfile, saved locally to your computer, that allow the website to remember things about you between uses. They are frequently required for a site to function because the site doesn’t have a different way of remembering things about you. For example, a website you can use without an account, like a news site or a cooking site, might limit the number of articles you can read. A shopping site without cookies would mean you need to be logged in before filling your cart, otherwise it could only remember the last item you added. Things like dark mode, wouldn’t work, they’d switch off the moment you left the page. The cookies message itself requires a cookie to remember your choice.

The vast majority of cookies exist to make websites function. The only alternative is for every site to require an account before you can do anything. If your concern is privacy, allowing cookies is far safer an option then making accounts everywhere.

Well, to start with to keep track of what cookie options you chose. Without any cookies at all it would be tabula rasa each time you visit, the website would have no idea who you are or what options you have set for yourself previously.

Cookies are generally a way for websites to remember something. This includes whether you have logged in. So one required cookie could be a session token indicating that you have logged in. To get this to work without cookies you would have to log in on every page visit.

Webpages that are the same no matter what you have done before do not need cookies, but anything that requires a website to remember what you have done *cannot* be accomplished without cookies or something similar (local storage, I.P. address, device ID).

Cookies are not inherently evil and don’t always have anything to do with tracking private information, they usually are just a way of storing user state between requests so that the website can do its desired function. You *can* set browser settings to completely block cookies, but many webpages simply won’t work.

From your response OP, looks like this question is better suited for r/privacy

Besides simple utility and session tracking, the real answer is that absolutely every sizeable website benefits from tracking as much user data as possible. The reason? Advertising. The more they know about your browsing, clicking, and exploring habits, the better they can crunch huge volumes of data to identify patterns in consumer interest and spending. Either they use this data themselves, or they sell it to third parties.

In a nutshell, companies benefit from tracking you, there is little to no regulation on how much they can track you (GDPR was a bandaid on a compound fracture), and companies will continue to track you as much as they feasibly can. There’s the reason the popups are designed to be annoying, with the easiest way to dismiss them being “Allow all”.

Bonus – if you don’t explicitly disable third-party cookies (browser settings), sites will even install cookies from their affiliates and earn a small commission for the data they harvest from you.

Google has some of the most invasive cookies, which makes Google Ads one of the most bang for buck advertising services. Amazon uses to show you more stuff you’ll buy. Same with FB/Insta, and Tiktok on mobile has perfected the art of using even the length of time you hover before scrolling in their recommendation.

If you’re interested, check out this concept/book called Surveillance Capitalism that explains how pervasive this is – https://en.wikipedia.org/wiki/Surveillance_capitalism

Essential cookies are how pages work.

For example, if you log in, it stores a small file (session token) that says that you’re authenticated. So each time you access content only available to registered users, computer just checks if you have active cookie (they expire over time). Otherwise, you’d need to log in on every time you move to different page and send instant message or make a forum post or whatever. Even reading my post, Reddit, before rendering it on your screen, checked if you’re logged in or not (via cookie), so it could add “save” and “reply” buttons under it. Without cookie, it wouldn’t know if you’d have those rights – non users can’t reply!.

There’s some other things cookies store as well. For example, internet store might save your location to calculate shipping costs for every product and so on.

More complex explanation would be that (most) websites (nowadays) are programs, not simply instructions to draw something on the screen (HTML), as it was when internet was simple. There’s either one or two programs (back end and front end), meaning something can run on server (not needed for simpler websites) and something almost definitely runs in your computer. And any software usually lies on local storage. But since internet is dangerous, local and remote storage (can a website save extra or generated stuff on the server or your machine) is highly regulated. That’s why they made you confirm that you accept cookies in the first place.

Early internet was more was more similar to text or Word files – just images and text (“static”). But from modern internet, we expect to be able to interact with it, not just request content from a server, but send our data to other end as well. And any sort of data interactivity pretty much means that you’ve moved from simple (viewable) document to an actual application with an user interface. That’s what gave birth to cookies.

I’m not very good at ELI5, but I thought it would be good to add some extra information

As said cookies are used to store data. One thing to note is that most of the web uses HTTP, which does not allow state, or data, to be stored. It either has to be stored on the server or in the browser. In the past you would sometimes see session IDs in the url, but that was horribly insecure. It also depended on the request going to the same server, or else all data would be lost, because the new server doesn’t know about the previous server’s session. Cookies was one way to solve that problem. Now a days we have more options to choose from, but the most common required cookie is going to be one that stores a token for when you log in.

Also cookies can last through multiple requests, where most other data storage would disappear when you reload the page. The other option of local storage can work, but is much less secure than the protocols around cookies.

I will agree with you about news sites and other sites you just víit not necessarily needing cookies, but also for pay wall purposes and such they need them.

tl;dr if you had no cookies the site would think you are a new visitor every time, and cookies are actually pretty secure, when used properly