This article is written by Arushi Agarwal, pursuing a Diploma in Advanced Contract Drafting, Negotiation, and Dispute Resolution from LawSikho. This article has been edited by Ruchika Mohapatra (Associate, Lawsikho).
- Cookies generally keep a track record of the information we have access to, by remembering our registered sign up or login credentials.
- Cookies are often indispensable for websites that have huge databases, need logins, have customizable themes, and other advanced features.
That is why you must have noticed that after signing into a website and closing it when you come back, the website seems to remember your id and most probably your password. The cookies present on the website would have saved this data before you closed the window in your previous visit to the website.
What are the different types of cookies?
Cookies are usually used as a fast-track method of storing information and a website operator may use different types of cookies to recognize the online pattern of remembering our actions.
These types of cookies are used by commercial platforms where online shopping is done. These types of cookies expire once you go back to the web homepage, and you are no longer using that page. They are temporary and they memorize your online activities. In fact, with every click you make, the website treats you as a completely new visitor.
Also known as first-party cookies, these cookies work by tracking your online preferences. When you visit a website for the first time, it is at its default setting. But if you personalize the site to fit your preferences, persistent cookies will remember and implement those preferences the next time you visit the site. This is how computers remember and store your login information, language selections, menu preferences, internal bookmarks and more. These cookies are stored in your hard disks for preferably a longer period.
These types of cookies are set by the website which constantly monitors the activity of each user; for example, say a LIKE button on Facebook. Each user who likes the post on a social media platform is tracked by the help of third-party cookies and according to that, preferences are set. When we like a post on Facebook, similar posts are updated due to our previous likes and preferences set and saved by the cookies.
One can enable/ disable third-party cookies in the setting menu. Third-party cookies are identifiable in the forms of marketers and advertisers. We receive so many SPAM texts and emails because of the use of third-party cookies as third party cookies keep a regular check on all tabs that are functional within a window. If we fill our login id and credentials on the login web page, it saves the information to create spam emails and ads.
There is a well designated ‘Cookie Law’ of the European Union also known as the ePrivacy directive that directs all countries that are a part of the EU to set up laws requiring websites to obtain informed consent before they can store or retrieve information on a visitor’s computer or web-enabled device. It ensures transparency and shows that the website operator sensitises the user regarding the usage of cookies and that there is due respect for the privacy of the user.
- Transparency: There is clear communication of knowledge regarding cookies and how they are deployed by the website. It brings in more visitors and maintains trust between the operator and the visitor.
If certain users complain that they were not aware of the cookies storing their information, website owners can take this defence. This information should be disclosed by the operators in their policy to avoid future disputes.
- Limited liability: There are many policies hidden in the content of the website that are not visible to the user of the website. So, if we accept all the cookies at once, our relevant data is shared and passed on from one entity to another entity. The creator in this situation plays an important role, and he must disclose on the webpage to disable these cookie policies as well as list these cookies too on the page that share our data.
Advantages of cookies
- Submitting forms- Cookies are very useful when we fill a google form. It stores valuable data like our names and phone numbers which often saves a great amount of time rather than filing all the data again and again.
- Personalisation- Cookies are useful when we want to customize our preferences according to our tastes, whether it is to visit a web page that stores our language preference or visiting a web page of a reading column.
- Content suggestion- We often visit our favourite e-commerce site which saves our preferences by keeping in mind our previously selected items and segregating them into the option of ‘related searches’.
Disadvantages of cookies
- A threat to our privacy- Some websites have cookies by default where our valuable data is stored into their networks for a longer period which in turn saves into the browsing history and IP address.
- Local storage- These ‘little’ website cookies are actual files stored on your hard disks. The more you visit the websites, the more they get stored. As they build over time, they can take up quite a bit of storage space on your computer/mobile device thereby even slowing down these devices.
- Unauthorisation- Some operators have fraudulent intentions where they design cookies in such a way to hack and steal your personal online information which is stored and later often sold to third party entities.
- A detailed explanation of the cookies used by the operators as discussed above i.e., the technologies used, and the list of specific cookies used.
- Describing the first-party cookie, if any.
- Describe the third-party cookies, if any and explain in brief how they work.
- While drafting, an important point that should be kept in mind is that the average person must understand the policy and therefore language has to be simple enough for a layman to be able to grasp it.
- While drafting the main policy for the cookies, one must keep a note that all the essential clauses covered are in sync with the local and international privacy laws. If a website developer is developing a website in India that will involve European users, then due regard must be given to the privacy laws of India as well as the GDPR.
Recital 30 states that if a cookie can identify any individual via a device, it is known as personal data. It also states that any verified type of data can identify an individual either directly or indirectly. The GDPR mostly lays down the rules of how an individual is identified through cookies and mentions the policy regarding the same.
- The choice for data subjects: The data subjects must also have the choice to choose and accept certain cookies according to their preferences and have the full authority to accept and decline all the cookies or select some preferential ones. As mentioned above, it is not completely followed in spirit by many websites.
- Full access to the websites: If the data subjects reject all the cookies and do not select preferential cookies, they still should have full access to use the website without any hindrance and not just specifically be accessed to a part of the information on the website.
- https://www.cookiebot.com/en/cookie-policy/#:~:text=A%20cookie%20policy%20is%20a,world%20this%20data%20is%20sent.text=Whereas%20most%20of%20the%20remaining,dynamic%20and%20 might%20change%20often.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join:https://t.me/joinchat/L9vr7LmS9pJjYTQ9