What the title says. I remember, let’s say 10/15 years ago cookies were definitely a thing, but not every website used it. Nowadays you can rarely find a website that doesn’t give you a huge pop-up at visit to tell you you need to accept cookies, and most of these pop-ups cleverly hide the option to reject them/straight up make you deselect every cookie tracker. How come? Why do websites seemingly rely on you accepting their cookies?
In: Technology
Any web site that saves any kind of user settings (e.g. language etc.) or let you log in will use cookies.
Additionally, any web site that wants to count visitors, and distinguish between the same person visiting the web site 5 times and 5 different people visiting the web site, or more advanced “analytics” (how do people use the site), uses cookies.
On web sites that don’t have ads, these will usually be the two answers. Additionally, third party content embedded into the site (e.g. youtube videos, tweets, …) may set cookies.
The main answer, however, is ads. That’s why “they and their 1300 partners value your privacy” (spoiler: they don’t). They want to be able to re-identify you, track you across multiple web pages, and be able to serve you personalized ads – because if they show you an ad that’s actually relevant to you, you’re more likely to click it, and thus they’ll, on average, make something like 10x as much money from a visitor that “accepts cookies” vs. one that “rejects cookies”.
It’s about a *lot* more than cookies. They’re also asking for consent to collect/analyze your data. Usually pseudonymized, but not always (e.g. if you have an account there, and look at power drills, they may tell Facebook “person with email X is interested in power drills, please haunt them with our ads wherever they go for the next two weeks”).
Every time you visit a web site, they share what you looked at with some of their hundreds (300 is low, most sites are somewhere between 200 and 800) “partners”, who may share it with others. Then, in the milliseconds between your initial request and the ads loading, ad companies start bidding on who is willing to pay the most to shove an ad in your face, based on the data they collected. If one of them knows you’re an easy mark for scams, for example, they might pay extra to serve you a scam ad. I think they aren’t *supposed* to store the data if they don’t win the auction, but the ad industry is a swamp of shady companies.
The reason you notice is that GDPR (a EU privacy regulation) requires them to ask for your consent before they do certain things.
# Use an ad blocker (specifically, uBlock Origin)
uBlock Origin is open source, clean, and works well. For technical users, it’s *the* ad blocker (the only browser-extension-based one worth considering, there are legit ones for other use cases like network-based blocking). If you use anything else, there’s a 50% chance you’ll end up with something scammy or dangerous. Ad blockers doesn’t block everything, but 95% of the crap that would collect your data doesn’t even load if you have an ad blocker.
Oh, did you see how I put “reject” cookies into quotes? Because that means less cookies and abuse of your data, not none. Some claim they are allowed to process data without your consent under “legitimate interest”, some let you opt out of that, some don’t at all, some make you uncheck 20 boxes. But *regardless of that*, most have a lot of “necessary” categories, many of them related to ads, that they will hit you with regardless of your “choice”. Much of what they do is likely illegal, but enforcement is lacking and happens slower than the swamp spawns new shitty companies. So…
# Use an ad blocker.
Latest Answers