Cookies, Cookies, Cookies.

<- Back to all Blogs
6 min Read   |  Published: Wed Nov 4 2020
Cookies are small text files that can be dropped by websites onto a browser to store information about users. Cookies can be short- or long-lived, and come with different purposes. They were created in 1994 and introduced into the Netscape browser in the same year. The original intent when creating cookies was apparently somewhat innocent: to allow sites to store persistent information about the user in order to provide services, and to improve User Experience, whilst ushering in the ecommerce revolution. For a deeper look into cookies and their history, please click here.
The problem, as it is often said, is that ‘the road to hell is paved with good intentions’. Not long after gleaning the data collected with the help cookies, companies and advertisers swiftly commenced the wholesale tracking and profiling of individuals: their online and offline locations, habits, preferences, appetites, beliefs and more. The end result has been the melt-down of Privacy that we are experiencing today.

There have, however, been Privacy concerns from the get-go, notably in the U.S. with the Federal Trade Commission hearings of 1996 and 1997. With the industry as a whole ignoring multiple early warnings about the privacy impact of cookies, the digital revolution then really began. To be very clear, the digital revolution has transformed the world in many truly amazing ways; however, along the way, our Privacy has paid a huge price.

Let’s quickly take a closer look at cookies

As stated, cookies are essentially a method to track a user’s behaviour when they visit a website. They come in two similar forms, but are used and collected in two very different ways:

First-Party Cookies
First-party cookies are directly stored by the website (or domain) you visit. These cookies allow website owners to collect analytics data, remember language settings, and perform other useful functions that provide a good user experience.

Third-Party Cookies
Third-party cookies, or more appropriately termed ‘tracking cookies’, are created by domains that are not the website (or domain) that you visit. They magically remain active even on websites that they did not originate from, gathering information about your behaviour and what you click on, often for a long time into our browsing future. For more information on how they work, click here.

While cookies get a lot of attention, there are many other digital privacy threats – and some much scarier – that are not cookie-based. These range from local storage, advanced digital fingerprinting, large scale Social engineering, to identity mapping and mass surveillance using a range of means (*cough* NSA-Snowden, anyone?). That being said, cookies are still one of the more open ways for companies to track users across websites and other digital properties. So why is this so important? Well, with advancements in Digital fingerprinting as well as Machine Learning and Data Analytics, companies, organizations, and ad networks are able to build such accurate and secretive profiles of us by correlating activities across all the sites we visit and apps we access. As we are often not aware we are being followed and profiled, we are therefore not aware when we are potentially being manipulated. It all boils down to a severe breach of trust, and governments have responded with sweeping privacy regulations.

Regulation to the rescue, right?

Some say we are breaking the internet, or really the internet as we known it. Well, what we now have is an online world littered with small, needy, pop-up boxes when we visit any website. These are an increasingly hot topic in recent years and, let’s face it, we all want to hit the screen every time we get one of those notorious pop-ups. In recent years regulations like the GDPR, CCPA and ePrivacy have meant that companies now have to be more transparent with the use of cookies, and have to provide you with an option to opt-out of having them placed on your device. However, many of the cookie policies and processes put in place by companies are still questionable: they are still often difficult to understand and rely on underhand methods, like implied consent, to keep cookies being placed on your device. The popups have simply become so tiring that people have taken to blanket accepting and, in the end, if we want to see the content, we’re simply going to click accept. Like many, you may then be left wondering whether these boxes serve any other purpose than to annoy us. In what can only be seen as a sad series of events, a team member recently attempted to read an article on how Privacy is Dead and what we can do to fix it; before reading it, a cookie consent widget appeared with a bold ‘Accept All’ option and no easy route to opt out. To manage settings, they were then taken to a terrifying list of over 50 trackers that the site was wanting to place. Perhaps it was wishful to hope that regulations asking for more transparency would also mean less tracking, however this is clearly not the case. The Future of cookies is not looking bright

The Future of cookies is not looking bright

The recent suggestion is that third-party tracking cookies might be on their way out. Browsers such-as Firefox will be blocking most third-party trackers by default, and consumers are becoming more vocal about the safety of their identity and privacy while browsing. Users are tired of cookie walls and pop-ups, and a UX issue means the current regulations are not quite getting it right.

The Belgian Data Protection Authority (APD-GBA) recently found serious GDPR infringements in the system Google and other businesses are using to legitimise online tracking. The standards behind the majority of consent messages that appear in pop-ups in Europe has similarly been found to infringe the GDPR. The APD-GBA is the lead enforcer on both issues and so it is not set to be an easy outcome for the EU’s IAB framework.

At the end of the day, we have to reach a balance between business goals and user-privacy. Trunomi has an alternative zero-data, zero-risk approach to privacy and, unlike many cookie consent solutions, we tackle privacy end-to-end – for enterprises that truly want to achieve the balance between privacy and business goals. So, our message to you is don’t hide your company behind cookie walls.

If your Enterprise wants to tackle the cookie conundrum and be seen as a business that truly cares about its customer’s/user’s privacy, then stop treating it as a stand-alone issue. Cookie consent must be woven into a fully end-to-end, comprehensive Privacy Solution, one designed to scale – from cookies to wherever you need to go. Trunomi’s technology is not bound by geographical borders, unlike the raw PII that you collect today. Trunomi is unique as the only solution to never see or store customer PII, and it has been proven to create stronger customer relationships, drive new levels of engagement and unmask revenue opportunities. Trunomi is certified to operate at NSA security standards and is deemed by law firm Baker Mckenzie to be a Zero-Risk solution to global data Privacy.

Should you wish to have a conversation around an end to end Privacy Solution please contact us at