Choosing one of the cookie settings options is ideal for protecting your privacy (image: appier/reproduction). 1845

What are cookies? Understand how to use them safely

jefferson tafarel avatar
Having security about internet browsing data involves knowing more about cookies. See here which settings are most appropriate

If you've ever shopped online, accessed an article on a website, or even visited a company's page, you've come across a common screen: 🍪 settings cookies 🍪. They are crucial for our navigation, but they raise doubts about how they work and how they collect our data when accessing these pages, as well as other questions. Here, you can find out what each configuration does and how to decide between the available options. Let's go:

After all, what are cookies? Why are they important?

Navigation data is important for defining how the website will display its content (image: siteuptime/reproduction). T alt
Navigation data is important for defining how the website will display its content to you (Image: Getty/KCM).

The websites you saw in the introduction to this article and several others need to record data about the people who visit their pages, so that navigation is more stable. Thus, information such as your location, items you add to an online shopping cart and even the time you access a website can help provide content that is most relevant to you: this is the function fulfilled by cookies, or “biscuits” in English.

They are text files that serve to identify your device when it connects to a network. As they fulfill the function of capturing data during a session of using an internet page, they are called cookies HTTP (acronym for Hyper Text Transfer Protocol, or Text Transfer Protocol, in free translation). In other words, the moment you browse is important for this data to be collected and stored in the browser. This way, it will be prepared for when you make a purchase at an online store of your choice.

Cookie settings lou montulli t alt
Long before cookie settings existed, programmer Lou Montulli (in the image) had to think about the concept (Image: Peter Adams/Reproduction).

They are different from other types of data files, such as Magic Cookies. They serve more robust security functions, such as accessing a database, for example. The concept served as the basis for the creation of these data files that we are seeing here: in 1994, the programmer Lou Montulli decided to help a supermarket provide a more agile service, reducing the data load on servers.

Monster cookie t alt privacy policy
Cookies are regulated by privacy policy, in general; in the image, Monster Cookie, from Sesame Street (Image: Key Shleusner/Reproduction).

The solution found by Montulli made the site less congested with user information. After the new feature he created, website servers could send each user's browsing data to browsers, making it easier to load online pages. Although the developer created the cookies almost 30 years ago, it was only in 2007 that he obtained a patent for the recording technology.

It is likely that the name cookie comes from using the files for security functions, as they served as inspiration. But there is another possibility of origin: the story of Hansel and Gretel. The two characters get lost in the middle of a forest in the middle of the narrative and, in order to locate themselves, they scatter pieces of biscuit along the way, to trace their route. This way, they avoid getting lost, thanks to their “cookies".

Today the cookies They work more or less like getting a receipt for a product. Simply put: the data collected when accessing the website can range from the account used (your profile name, for example), to other internet pages that you have visited before; then, an identification is associated with this information provided; As soon as you access the website that collected data relating to your browsing, at another time, the browser will deliver to the server the identification associated with this already archived data, to be able to load the resources according to your use, using the cookies.

However, what can be a risky point in relation to this type of data file is the action of malicious people, who can take advantage of the cookies, especially in the case of an inappropriate configuration. At the end of this article, you will be aware of possible risks.

Types of cookie settings: how to choose

Navigation data t alt 0208
Browsing data is important for choosing a cookie setting (Image: Getty; adapted).

Os cookies are analyzed by web browsers using the language JavaScript, which uses a method known as name-value. Basically, the browsers use data pairs, in which a name is used to identify specific data related to the user. Once this information is analyzed, you can resume browsing a page that requires a login to access, for example.

This use is known as session administration, to improve the functionality of the page. This way, you stay on the site, being able to use the resources without problems (after all, we don't want to have to enter a login and password every time we open a social network, right?). There are two others:

  • Customization: personalized ads according to the user's navigation, along with website resources, which start to offer content guided by the cookies. This strategy serves to ensure that a user stays on a page, by showing content that may sound interesting to you.
  • Tracking: websites can look for what users have seen on other internet pages, allowing services, products, etc. to be shown. so they can get your attention. An example of using this strategy: shopping sites can check what you were looking at before, to offer an offer according to your interests.
Cookies in the browser tracking talt
Cookies in the browser can be used to track what you are looking for on the internet (Image: Pepe_Saavedra/Reproduction).

By obtaining this browsing data, website administrators can reduce costs with storing this information, as the servers can help with the content loading process. These files are stored when the pages are used, but they do not necessarily identify the person viewing the site. Therefore, the cookies are collected anonymously, just to facilitate the user experience.

To complement these browsing data coverage areas, let's now check the settings offered by privacy providers in general (In the following topic, you will learn about other services of this type), analyzing the main types. It is ideal to be aware of some of them before accepting cookies, when you need to choose the settings for these data files. Check out:

  • Cookies strictly necessary: are those that facilitate access to the resources of a website, especially in the case of information that needs to be protected. They help with the maintenance of essential items to access a page;
  • Cookies of performance: are aimed at collecting information that may be related to access, such as pages visited by you, messages sent by the websites themselves to those who access them (such as notifications), among other functions, serving mainly to alert the page provider to find possible errors;
  • Cookies of functionality: they seek to see what characteristics are associated with a user when they access a page, collecting the location of a device, for example. They are associated with personalization: if you change the color of the website, the font size, videos accessed, among others, these cookies they collect this information to memorize the choices already made;
  • Cookies of advertising: they take on the role of collecting useful navigation information to indicate advertisements, but they also serve to analyze how many times an advertisement was seen, how many times it resulted in some action on the part of the user (whether they clicked on a product, whether they registered, etc.) , among other related activities;
  • Cookies from social networks: appear when resources from a social network are within another website, serving to check what a device is seeing in an article, news, or any other page on the internet. YouTube videos, for example, collect cookies to the platform, so your feed now contains content related to the media you were viewing outside of YouTube itself;
  • Cookies collected from users/analytics: These are more sensitive navigation data files, as they are found within internal page resources, their function is to improve the functioning of websites during this more immersive access. They may use user data, provided there is a concession, but, in general, they are not transferred to third parties.

Common security and cookie providers: some examples

Privacy policy t alt 0208
When we access websites, we always have to choose a privacy policy (Image: Curvearro/Reproduction).

Configurations can be created both by those responsible for the websites and by third-party companies. In general, they work in technologies that guarantee data security and privacy on the internet, such as One Trust, which has a subsidiary in Brazil. There is also the possibility of cross-using cookies from other sites, such as social networks, company sites, or video providers, such as YouTube.

No case of cookies that come in this network scheme, caution must be exercised. Files that collect browsing data can be created from viewing the ad with the ability to be used to track the content you visit. In relation to providers, the situation is different, because privacy programs have control that makes the website less dependent on information about browsing outside of it. Let’s learn more about some of them:

One Trust

Cookies http t alt 0308
The company OneTrust helps with the collection of HTTP cookies, promoting security and privacy services (Image: LogoWik/Reproduction).

OneTrust describes itself as a company charged with bringing intelligence to data, while also seeking to promote trust in the use of data. In addition to this objective, the auditing company also promotes actions regarding the protection of files in the cloud; Privacy Policy; control in governance, risk and compliance (GRC). In this way, OneTrust is part of both the security of information shared on networks and the good quality of management of this information.

Brazilian companies and websites here use the service to secure the data collected: this is the case of Complain here, Energy Company of Minas Gerais (cemig), Unimed. In the description of the services provided by OneTrust, we can see that the company works with data protection, marketing, auditing and related sectors teams from different clients, acting in accordance with the General Law of Data Protection (Brazilian General Data Protection Law (LGPD) ). Furthermore, one of the commitments made by the navigation data auditor is to involve the companies served in an ethical commitment to respect the topic.

TRUSTe

Browsing data trust t alt 0308
The collection of browsing data can be certified by TrustE (Image: TrustArc/Reproduction).

A TRUSTe, administered by TrustArc, operates with strong regulations, based on its regulations Criteria for Assessing Business Privacy and Data Governance Practices. In other words, companies that work with data governance audit resources must be aware of these guidelines and need to adapt the privacy of their resources considering these criteria.

At the same time, the security and privacy provider also follows international regulations, such as the General Data Protection Regulation (GDPR; General Data Protection Regulation) of European Union, and in Brazilian laws (Brazilian General Data Protection Law (LGPD) ).

When operating with browsing data, TRUSTe works with privacy consultancy, data management, consumer rights, as well as providing services against information leakage and training. Companies working with the provider's systems are known all over the world: Mastercard, Adobe, IBM, Yamaha are some examples.

Alation

Cookie settings t alt aliation 0708
Choosing cookie settings can be done with the intelligence company Aliation (Image: Alation/Reproduction).

Alation, another company that works with a data intelligence platform, works with research, governance and analysis of extensive databases, provided by the companies with which it operates. Therefore, the data intelligence company describes itself as a pioneer in information cataloging, seeking to innovate when developing its actions.

Its reach is spread across 34 different types of industries. As customers, Aliation serves some famous brands: Riot Games, LinkedIn, GoDaddy e Mercado Livre are on the list of companies that have the intelligence service. However, unlike other companies, Alation's service is not part of data capture, but when analyzing the bases provided by its customers.

BigID

big id t alt browser cookies
The browser cookies you provide can be analyzed by BigID (Image: BigID/Playback).

"Mobilizable data information“: this is how the company BigID describes itself on its homepage. Its range of activities and services offers diverse applications: location, privacy, protection, as well as classification, cataloging and data crossing are among what the company offers to its customers.

Major technology companies, such as IBM, Google, Slack, Adobe, and GitHub. These and other companies are served with different services: automation; overview of data and privacy; automated data intelligence, among others.

In one of the most recent advances, BigID is starting to act more effectively in an area known as Data Security Posture Management, or DSPM (Data Security Model Management, in free translation), which seeks to evaluate possible risks associated with databases, such as mistaken configurations and other types of vulnerabilities.

AdOpt

Adopt lgpd 0808 talt
AdOpt uses the LGPD in its services (Image: AdOpt/Reproduction).

Perhaps one of the best-known security and data management providers, AdOpt appears on many Brazilian websites, including vehicles such as Examination, Medium & Message, and state banks, such as Caixa. Suitable for Brazilian General Data Protection Law (LGPD) , AdOpt creates banners for cookies optimized, allowing companies that use your service to manage configuration settings cookies available in a personalized way.

One of the provider's main features is the creation of technologies and resources for internet applications, such as plug-ins: AdOpt offers an option that can be included in the WordPress, for example. Its free plan offers several advantages: from blocking the creation of files with data about users' browsing on third-party websites; consent reports; to performance indicators and the creation of navigation data concession agreements.

Privacy policy and use of advertising cookies in marketing

Privacy policy t alt 0308
Have you ever stopped to think about what is in the privacy policy of the websites you visit? (Image: 8photo/Freepik).

In your daily use of the internet, you may have already come across a contract that you easily avoid reading: the privacy policy. cookies. It is a descriptive regiment, which indicates everything that the website is responsible for doing with the data of people who access an application or website, indicating information such as data used and its protection, preferences, use of what is collected, among other sections.

The documents containing these policies explain what the website is for, in terms of browsing data, and also show its potential use for marketing. In relation to communication strategy and brand sales actions, there is greater proximity, as it involves exchanging emails and direct messages.

By giving permissions to browser cookies, we are providing important data for the operation of various internet services (image: peoplemnagement. Uk/reproduction). T at
By giving permissions to browser cookies, we are providing important data for the operation of various internet services (Image: Getty Images/Reproduction).

When downloading applications, the cookies is also present. Once installed, an app can capture usage data, with notifications and other types of messages sent to you. Over the course of using the application, interactions and responses to these stimuli for consumption of a brand's communications, through digital communication, generate information to apply strategies aimed at marketing.

Therefore, one of the main objectives of showing privacy regulation to the user (which, in most cases, is accepted without much analysis) is to inform about the actions that will be taken to better direct the brand's communication. This applies to a website or application, which seeks to convert users into new consumers.

Accept cookies t alt 1738
Accepting cookies is a choice that can be made with caution: always try to know what data is being shared (Image: Firefox/Reproduction).

When we access a website, social media, or application, we have to think about how the information disclosed will be used. To do this, most applications contain a section called privacy settings, where you can know what is being shared or not. From this, it is possible to have a greater dimension of how the cookies are operated and choose the settings that will be most appropriate for the use of some application on the internet.

By granting the use of your data, the companies responsible for the applied privacy policy can carry out different operations with the information. Different governments' regulations on browsing data, among other privacy information, help make these policies more accessible, with greater control for people, among other improvements.

General Data Protection Law: see what the regulation has to do with cookies

Lgpd and cookie settings t alt 0208
LGPD and cookie settings have some important relationships, as both deal with user data on the internet (Image: André Borges/Folhapress).

As of 2020, companies that use user data, including through cookies, have had to adapt to a recent regulation: the General Law of Data Protection. After adapting to the requirements of the Brazilian General Data Protection Law (LGPD) , the data captured must comply with requirements such as transparency regarding storage, sharing, and other forms of use by those responsible.

Companies that carry out these activities with databases must comply with the criteria of the law throughout Brazil, even if the company that manages this information is located outside of Brazil. Information linked to foreign people is also covered by the LGPD, as long as the person is in Brazil.

Privacy policies should include several t alt 1620
Privacy policies must include several criteria in relation to the LGPD (Image: Freepik/Reproduction).

The law seeks to provide very specific divisions on how user data is stored. Therefore, the LGPD not only evaluates personal data of those who access a website that collects private information, but also seeks to impose rules on the visit to a platform itself. At the same time, there are some fines established for those who fail to comply with these rules. When applying penalties, the following are considered:

  • infractions involving people's rights;
  • the intention behind the illegality committed (whether or not there was an intention to cause the problem, what the objective was, etc.);
  • recurrence and degree of damage caused;
  • adoption of good practices, considering appropriate management and governance of databases;
  • proportion between the damage caused and the intensity of the error.
Cookie settings undergo a series of analyzes in accordance with local legislation (image: t alt
Cookie settings undergo a series of analyzes in accordance with local legislation (Image: Embratel/Reproduction).

In the law itself, we see that there are characteristics that are requirements to be met by anyone who somehow manages browsing data and use of virtual services. They are consistent with the Federal Constitution, to provide guarantees both to companies responsible for digital services that operate with databases, and to users included in these sets of information. Therefore, the LGPD requires compliance with ten principles:

  • Goal. Those responsible must explain how cookies and other types of bases will be used, and their objectives must be stated as clearly as possible, giving specifications about practices;
  • Adequacy. The activities to be carried out with the user bases must be compatible with the services in operation;
  • Need. The data that is used is restricted to the uses that are in the policy created by the person responsible, and must be treated according to the purposes;
  • Free access. Users can know how data processing will be carried out and how long the activities involved will take. cookies and similar files will occur;
  • data quality. Users must also be informed in the event of an update on the rules involving the use of navigation data, with the guarantee of making everything explicit and explaining the relevance of each information operated;
The lgpd requires that the privacy policy t alt
The LGPD requires that the privacy policy of those responsible for processing data be carried out in a secure manner, ensuring that uses are exposed to those who accept the terms (Image: groovypost.com/Reproduction).
  • Transparency. The use of user information needs to be exposed in an accessible way, showing how the bases are handled. However, this does not include commercial secrets and other materials that could compromise those who process these databases;
  • Security. To accept cookies it must be an activity that does not generate risks due to unauthorized uses, or due to accidental situations, base changes, inadequate dissemination and other similar problems;
  • Prevention. The risks associated with the processing of user data must be premeditated, with measures and protocols in place for cases in which there are problems included in the principle of financial security;
  • Non-discrimination. No use of user information bases may be made for discriminatory or abusive purposes;
  • accountability. The guarantee of protection must also contain methods of compliance with security rules, which involve metrics and other forms of observation on the effectiveness of compliance with established standards.

Why can cookies be dangerous?

Paying attention to cookie settings is ideal to avoid problems
Attention to cookie settings is ideal to avoid problems with personal data (Art: Jefferson Tafarel).

In an interview with the agency AFP, the creator of cookies, Lou Montulli, warned that personal data files were not designed to carry out any type of tracking: he even recalled the purpose of his contribution — “Cookies were originally designed to provide privacy“. It turns out that the purpose of helping websites collect browsing information has grown over time, to the point where cookies become a crucial tool for internet advertising.

“My invention is at the root of many advertising schemes, [but] it is just a core technology for allowing the web to work”

Lou Montoulli
T alt accepting cookies is a choice that involves
Accepting cookies is a choice that involves checking what types of data will be explored by the person responsible (Image: Inc./Getty).

The danger, according to him, is not in cookies that came to help the sites to keep registration and usage information, generally called cookies primaries, needed ou essential (in English, first-party cookies). It's in third-party cookies (third party cookies), generated most of the time by advertisers, who seek to know what people's usage habits are when browsing the internet.

“If you search for some strange niche product and then are bombarded with ads for that item on various websites, a strange experience occurs.”

Lou Montoulli

What can be called “danger” is related to the way in which browsing data is being shared and how transparent this is to users. This is exactly why more and more websites show options for cookies, so that you can decide what types of data will be transferred.

Furthermore, there are still cookies that remain on computers, called cookies. cookies zombies: even when deleted, they reappear and are used to monitor search history. The risk they can pose increases if they were created by hackers.

Privacy policy t alt 0949
Users can define what types of cookies may be available by also accessing the privacy policy (Image: CookieYes/Reproduction).

Avoid risks with cookies It then involves carefully checking the dialog boxes that appear to you. In the options that appear, try to check if there is any option that mentions location date (“local data”) or the option customize (“customize”). If you do not want them to operate while browsing the website you are visiting, simply uncheck the options involving this type of data.

Future of cookies

After Montoulli, cookie settings became a widely used strategy in marketing. Now, the future (and until the end) of cookies is being discussed (image: miragec/afp; under intervention).
After Montoulli, cookie settings became a widely used strategy in marketing. Now, the future (and even the end) of cookies is being discussed (Image: MirageC/AFP; under intervention).

In 2024 the Google Chrome will no longer accept third-party cookies in your browser. As we have already seen, they serve to inform advertisers how users are using the internet, showing which pages they are on, without identification. With an eye on this issue, other browsers are also starting to restrict the action of third-party cookies. In this regard, the media consultancy Advertising Perceptions estimates that there may be up to a 17% drop in performance, with the elimination of this type of data in marketing.

The topic has also been discussed with more attention by companies, because various punishments have been applied. To give an idea of ​​the size of this concern, at the beginning of 2022 the Google and the Facebook were fined in France 237 million dollars. As this need arises for digital advertising outlets free of “cookies”, some businesses are starting to take steps to find solutions to do without browsing data.

One of these attempts to get rid of them is Gum Gum. Founded in 2008 in the city of Santa Monica, California, the Artificial Intelligence attempts to replace the use of cookies by contextual intelligence technologies. It works like this: internet content is analyzed by software — called Verity — of the company and seeks to observe keywords and images on a website; With this knowledge, the program can choose which types of advertisements may be most appropriate for web pages. This strategy secured important customers for the company, such as vehicles Rolling Stone and US News.

For gumgum, browsing data is unnecessary t alt
For GumGum, browsing data is unnecessary. The company creates solutions to eliminate the use of “biscuits” (Image: GumGum/Reproduction).

In addition to being able to convince investors, GumGum significantly increased the company's sales Samsung. For this, the use of Verity was fundamental, resulting in a 3% growth in total sales of the Samsung Galaxy ZFlip 3, thus eliminating the use of advertising cookies to reach more buyers of the device. Another increase is expected in relation to the use of contextual information in digital marketing: it is possible that the area will be able to reach US$ 335,1 billion (more than R$ 1,6 trillion) worldwide by 2026, according to researchers of the market Global Industry Analysts.

By adopting the context of keywords and images of content to be able to build ads, marketing can become a problem for social networks. They would no longer be useful for providing data on the use of their resources. This factor, in turn, leads to another consequence: converting users into customers for products and services could become a new challenge. Data privacy, then, would be left out of the future of marketing, giving way to other technologies that could soon become a trend.

Showmetech privacy policy

You can consult the privacy policy of showmetech and check information about the cookies used by the website, data usage time and other procedures we use here, in relation to security.

How do you choose settings cookies? Have you ever stopped to think about your privacy? Tell us in the comments!

See also:

Source: Kaspersky | Segmentify Tech (Medium) | CloudFlare | Accenture | Algar Telecom | BigID | National Council of the Public Ministry | Inc. | Content Grip

reviewed by Glaucon Vital in 11 / 9 / 23.


Discover more about Showmetech

Sign up to receive our latest news via email.

Leave a comment

Your email address will not be published. Required fields are marked with *

Related Posts