Cookies

About Cookies and their Functions


Public Forum Limited, Gator’Jax: Cookie Use.


Types of Cookies Used
There are many different types and uses of cookies, but most can be classified in a number of different ways.


First Party Cookies (Used)
One of the key attributes of a cookie is its 'Host' - this is the domain name of the site that ultimately sets the cookie. Only the host domain can retrieve and read the contents of the cookie once it has been set.

If the host name is the same as the domain in the browser address bar when it is set or retrieved, then it is a First Party Cookie.

First party cookies are only set or retrieved by the website while you are visiting it, so they cannot normally be used to track activity or pass data from one site to another.

However the owner of that website can still collect data through their cookies and use that to change how the website appears to the user, or the information it displays.

Of course they can also collect the data and use it outside their website, and even sell it on to other organisations. However, if they do this it must be explained in the site's privacy policy.

Most desktop browsers allow you to see a list of the cookies that have been set – and they will normally be listed by the host domain value.


Third Party Cookies
(Used, also used only by 3rd party business members) 

If the host domain for a cookie is different to the one in the browser bar when it was downloaded, then it is a third party cookie.

They are usually placed in a website via scripts or tags added into the web page. Sometimes these scripts will also bring additional functionality to the site, such as enabling content to be shared via social networks.

For example, if you visit a site that has a YouTube video in one of its pages. This has been included by the website owner, using a piece of code provided by YouTube. YouTube will then be able to set cookies through this code, and know that you have watched that video, or even just visited the page the video is in.

Online advertising is the most common use of third party cookies. By adding their tags to a page, which may or may not display adverts, advertisers can track a user (or their device) across many of the websites they visit.

This allows them to build up a 'behavioural profile' of the user, which can then be used to target them with online ads based around their 'calculated' interests.

Use of cookies for this purpose is often seen as intrusive and an invasion of privacy. Such activity is one of the drivers behind the development of new privacy laws, especially the EU Cookie Law.


Session Cookies (Used)
Session Cookies are only stored temporarily in the browser's memory, and are destroyed when it is closed down, although they will survive navigating away from the website they came from.

If you have to login to a website every time you open your browser and visit it - then it is using a session cookie to store your login credentials.

Many websites use session cookies for essential site functions, and to make sure pages are sent to the browser as quickly and efficiently as possible.


Secure Cookies (Used)
Secure cookies are only transmitted via HTTPS - which you will typically find in the checkout pages of online shopping sites.

This ensures that any data in the cookie will be encrypted as it passes between the website and the browser. As you might imagine – cookies that are used by e-commerce sites to remember credit card details, or manage the transaction process in some way, would normally be secure, but any other cookie might also be made secure.


HTTP Only Cookies (Used)
When a cookie has an 'HTTP Only' attribute set, the browser will prevent any client script in the page (like JavaScript) from accessing the contents of the cookie.

This protects it from so-called cross-site-scripting (XSS) attacks, where a malicious script tries to send the content of a cookie to a third party website.


Cookie Law in the UK
Privacy and Electronic Communications Regulations

The EU Cookie Directive was implemented into UK law under the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 which are themselves an amendment to the Privacy and Electronic Communications (EC Directive) Regulations 2003.

These regulations came into UK law on 26 May 2011, one day after the deadline set by the EU.

Wording of the UK Regulations
There is one key section of the UK regulations that is relevant to website owners in respect of user consent:

 

Confidentiality of communications
6.—(1) Subject to paragraph (4), a person shall not store or gain access to information stored, in the terminal equipment of a subscriber or user unless the requirements of paragraph (2) are met.

(2) The requirements are that the subscriber or user of that terminal equipment— (a) is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information; and (b) has given his or her consent.

(3) Where an electronic communications network is used by the same person to store or access information in the terminal equipment of a subscriber or user on more than one occasion, it is sufficient for the purposes of this regulation that the requirements of paragraph (2) are met in respect of the initial use.

(3A) For the purposes of paragraph (2), consent may be signified by a subscriber who amends or sets controls on the internet browser which the subscriber uses or by using another application or programme to signify consent.

(4) Paragraph (1) shall not apply to the technical storage of, or access to, information— (a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or (b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.

An everyday interpretation of this would read:
You cannot store or gain access to information stored on a computer, unless the user has been given clear and comprehensive information about what you want to do, and why, and has given their consent to do so.

The exception to this rule is when the user requests a service and that service cannot be provided without storing or gaining access to information stored on their computer.

UK Enforcement of the Regulations
Enforcement of the regulations is the responsibility of the Information Commissioners Office (ICO). They have investigatory powers and the ability to impose fines of up to £500,000 for serious breaches of the regulations.

The ICO’s approach to enforcement is a very light touch one. They have put in place a complaints mechanism, but do not take any proactive investigative action.

As of Spring 2013, the most action they have taken is to make a visual check of sites to see whether or not they have any user notification of the use of cookies. They have the power to force site owners to change their site to comply with the law, but have also said that it is unlikely they would go so far as to impose a fine for non-compliance with the law.

This has led to a situation where many websites either ignore it completely, or try to do as little as possible to avoid the threat of action. Some people have argued that this has led to a situation where online privacy has been diminished as a result of the law, rather than strengthened.


ICO Complaints Tool
The ICO has produced an online tool to enable consumers to make complaints about the use of cookies without their consent.

The ICO also has up to date information about cookies here: http://www.ico.org.uk/for_the_public/topic_specific_guides/online/cookies.

 

California Consumer Privacy Act (CCPA)
Information Taken from: www.oag.ca.gov/privacy/ccpa

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. This landmark law secures new privacy rights for California consumers, including
1, The right to know about the personal information a business collects about them and how it is used and shared;
2, The right to delete personal information collected from them (with some exceptions);
3, The right to opt-out of the sale of their personal information; and
4, The right to non-discrimination for exercising their CCPA rights.

Businesses are required to give consumers certain notices explaining their privacy practices.
The CCPA applies to many businesses, including data brokers.

 

How to Enable and Disable Cookies

How you manage your cookies depends on which web browser you're using, but it's a great way to boost your online privacy.

Different browsers offer differing ways to configure your browser's cookie settings.

Due to the wide range of differences among different websites' privacy policies, many browsers allow for universal privacy settings you can choose from.

What can I do to manage cookies stored on my computer?

You can choose different privacy settings based on your personal privacy concerns. Most commercial and professionally-created websites like Yahoo and Google have privacy policy pages that disclose how the sites handle, gather, and pass on user information to third parties. These are known as “P3P” features (Privacy Preferences Platform).

Some modern browsers have a feature that will analyze website privacy policies and allow a user to control their privacy needs. These are also known as P3P features.

What web browser am I using?

Check out our easy guide and find out what browser you're using.

 

If the commercial website you're visiting lacks a privacy policy, be very careful with any information you enter into any forms within the site.

You can easily remove any cookies that have been created in the cookie folder of your browser. For example, if you're on Windows machine, here are the steps on how to use Windows Explorer to erase cookie files:

  1. Click on "Windows Explorer"
  2. Select the "Search" button on the toolbar
  3. Enter “cookie” into the search box field for "Folders and Files"
  4. Choose "My Computer" in the "Look In" drop-down menu
  5. Click on "Search Now"
  6. Select and open the folders that are retrieved
  7. Click to highlight any cookie file
  8. Click the "Delete" key to erase the cookie file

If you don't have Windows Explorer, click the Help function on your Start button and enter “cookies” to search for information on how to locate the folder.

There are a number of ways to manage cookies. You can clear cookiesprevent cookies, delete cookies, and enable cookies at your will and for different circumstances. If you use different computers in different locations, you'll need to ensure that each browser is adjusted to suit your cookie preferences.

What cookies do to your PC

Cookies are browser-dependent and are essentially text files that contain information your browser saves in a folder for some of the websites you visit. By themselves, cookies pose no risk since they don't contain viruses in any form nor do they spy on your PC content to compromise security.

Cookies are used to make online surfing faster and easier by making the sites you’ve visited remember who you are. This includes remembering your IP address or passwords, along with your personal preferences, such as when Amazon recommends a book or music CD similar to what you looked for on your last visit.

But this convenience feature of having cookies can be overused when some websites use them to track you across various websites, often for analytical competition purposes, and end up recording your web surfing behavior.

Cookies can get a bit frightening when the companies that track you are those you've never dealt with and to whom you never gave your personal information.

Older browsers like Internet Explorer or Netscape offered a limited choice for managing cookies. They just completely allowed or disallowed cookies, so you'd either benefit from cookies or not. These browsers can also be set to prompt you for a yes or no response in each attempt for a site to send cookies. 

Today, newer browsers like Microsoft EdgeFirefox, and Opera offer a better degree of control in selecting which sites can or cannot send cookies.

Managing cookies on the Firefox 8.0 browser

Just as an example of what a modern browser can do, you can specify your cookie options under Firefox 8.0 by selecting the following:

Tools -> Options -> Privacy

In the Privacy box, you can prevent websites from tracking you by checking the “Tell website I do not want to be tracked” under Tracking.

But even if you are tracked, you can click “remove individual cookies,” which opens up a new dialog box containing all the websites you've visited and their respective cookie files that were saved by your browser. You can individually delete the cookies, search for specific cookies, or just delete all of the cookies with one click.

Managing Flash cookies

Browser cookies generally make it faster and easier for you to access sites the next time around, and the same benefit comes with Flash cookies. 

Deleting them may require you to re-enter verification information on sites the next time you visit. But just like any cookie, you can delete Flash cookies for security or technical reasons since flash cookies tend to slow down your browser. 

Here’s how to delete Flash cookies:

  1. Visit the Settings Manager for your Adobe Flash Player. You will be taken to the Adobe website.
  2. The Adobe site lists the websites with the cookies.
  3. Click the delete button that's listed opposite the website where you want the cookies deleted.

Need to clear your cookies? 

Check out our guides on how to remove cookies from your particular browser:

Cookies on GatorJax.
GatorJax website uses cookies. On your Computer or Device We store harmless, non-intrusive cookies that monitor your actions and use of the GatorJax website only. ( You can delete these cookies once you have left our website by clearing your browser history and clearing cookies)
Read more east Accept done