What are HTTP cookies and do you need to allow them?

What Are HTTP Cookies, and Do I Need to Allow Them?

Wondering why you keep being asked to allow cookies when you browse the Internet? Here’s the answer you’ve been looking for.

You’ve probably heard of HTTP cookies (also known as “web cookies,” “browser cookies,” or simply “cookies”) before. Maybe you’ve visited a website and had it ask you for permission to use cookies and wondered what kind of privacy or security rights you were signing away. Or maybe you just want to know what they’re being used for before you grant permission.

In an era where digital privacy rights and online security are of increasing importance, these are good questions to ask. And when it comes to HTTP cookies, the jury is split. In some instances, cookies are a simple, safe, and convenient way for websites to provide a better user experience. At other times, they’re a potential privacy threat with security weaknesses. How can you know the difference?

It may help to first understand what cookies are. Put simply, they’re small pieces of data that a website sends to your browser in order to identify users. Once your browser has saved the cookie, the website is able to remember who you are, track your behavior, and customize your experience. If you’re worried about how they use that data, It’s probably less concerning than you think.

What are web cookies used for?

You’re probably familiar with a few of these scenarios:

  • You add an item to a online shopping cart, but leave the website before completing the purchase. Later, when you return to the web page, the items are still in your cart.
  • You frequently open and close browser tabs for your email, Facebook, or some other website, but you don’t have to log in every time you return.
  • You’re on a website you’ve visited before. You go to fill out a form, and notice some of the fields are already completed with the information you used last time.

Browsers are able to remember information about items in your shopping cart, your login sessions, and your form field information because of the cookies they leave behind on your computer. The cookies help them follow your actions, and for the most part, their purpose is to improve your experience on a website.

Authentication cookies are also used to help browsers determine whether a user is logged in to a web page, and which account they’re logged into. This can be critical, particularly for websites that store personal or private information.

However, cookies are also used for tracking and marketing purposes, either through the website itself, or through a third-party. This tracking information is often used to better target online advertisements, or to understand user behavior on a website to improve its design. While these uses are generally harmless, they have raised privacy concerns for some users. These concerns have caused many to wonder if they need to allow cookies on their computer at all.

Do you need to allow cookies onto your computer?

In some instances, you may. If cookies are essential to the website’s services, it may require you to allow cookies before it can operate. In this case, your choice is either to allow the cookie, or look for service elsewhere.

However, in other cases, cookies are optional. How they’re handled depends on the website owner, the browser you use, and the restrictions of various governing bodies.

Many websites, particularly in the United States, use cookies on an opt-out basis. If you don’t want their HTTP cookies on your computer, you have to change settings in your browser. The theory behind this is that the cookies are mostly used to benefit the user, and that asking permission first is more trouble for the user.

On the other hand, the European Union has taken the opposite approach. In just a few weeks, it will require all websites serving EU citizens (including non-EU countries, like the United States) to explicitly ask for user consent before placing web cookies on their computer.

Many websites already explicitly request permission to use cookies, as in the example above. Others inform users that their website uses cookies and that by continuing to use their website they grant tacit consent.

HTTP cookies and incognito browsing.

Want to avoid cookies altogether? Most browsers include an option that allows for a cookie-free browsing experience. ( This is called “incognito” on Chrome, “private” on Safari and Firefox, “InPrivate” on Explorer.) If you’ve ever used these browsing modes, you probably know that, while you do so, your browser won’t save your browsing history, your site data, or any information you enter into forms. It also won’t save any cookies to your computer.

Incognito browsing is also useful if you want to visit a website without being tracked. It’s also a helpful way to gain a more practical understanding of what cookies do. Spend enough time in private browsing, and you’ll start to miss the convenience of not having to log in every time you visit your favorite websites.

So, when should you allow cookies on your computer?

If you’re concerned by the presence of cookies on your computer, there are ways to remove them. Most browsers have a setting that allows you to clear cookies off your computer. However, by doing so you’ll also be logged out of most of your websites because, as we said before, cookies are the things that are keeping you logged in.

That said, it’s not a bad idea to clear cookie data every once and a while. This will remove any cookies from sites you visited long ago that may still be part of your browsing data. Private browsing is also an effective way to limit the number of cookies your browser saves to your computer.

If you notice a website asking permission to use cookies, and it’s not a website you visit frequently or expect to visit again, you can also decline the cookies, although your user experience may suffer. However, if you’re on a website you trust and visit frequently, you have very little reason to worry about web cookies.