Reading Time: ~ 3 min.

In May of 2018, the General
Data Protection Regulation (GDPR)
came into effect in the
EU. Seemingly overnight, websites everywhere started throwing pop-ups to inform
us about their use of cookies and our privacy rights. While the presence of the
pop-ups may be reassuring to some (and annoying to others), the real issue is
that very few of these pop-ups give any explanation as to how the cookies are
used or whether they inform marketing decisions. So, before you click “accept”
on that next privacy policy notification, read our primer on all things related
to cookies, pixels, and web traffic trackers.

Check
out the Webroot Community for more tips on how you can manage
these cookies
.

What is a Cookie?

Cookies
(aka. HTTP cookies, session cookies, browser cookies, web cookies, or tracking
cookies) are used by almost all websites to keep track of site users’ sessions.
While you might not like the idea that a website is tracking you, cookies actually
provide a very convenient function. Without them, websites you regularly visit wouldn’t
be able to remember you or what content they should serve you. For example, if
you added items to an online shopping cart and then navigated away without
purchasing, that cart would be lost. You’d have to go back and add everything
all over again when you were finally ready to buy. If it weren’t for cookies,
our web experiences would be entirely different (and much more frustrating).

In
cases like the previous example, the use of tracking cookies is pretty benign
and helps smooth the user’s online experience overall. So, if cookies can provide
a beneficial service, why do we need privacy laws like GDPR? The answer is
because of a specific type of cookie, i.e. third-party tracking cookies. These are
created by domains other than the one you are actively visiting. They run
silently in the background, tracking you and your online habits without your notice
and compiling long-term records of your browsing behavior. These are typically used by
advertisers to serve ads “relevant” to the user even as they navigate unrelated
parts of the web.

Who Serves Cookies
and Why?

By far the most prolific servers
of third-party cookies are Google and Facebook. To help businesses target and
track advertisements, both Google and Facebook both suggest embedding a
tracking pixel—which is just a short line of code—into business websites. These
pixels then serve up cookies, which allow the site owner to track individual
user and session information.

The tracking doesn’t stop
there. To optimize their marketing tools for all users, Google and Facebook both
track and store this data in their own databases for processing through their
own algorithms. Even if you’re not currently logged in to Facebook, your
session data can still be tracked by your IP address.

What is People-Based
Targeting?

Google and Facebook’s ad
platforms work incredibly well because they pair cookie data with an existing
bank of user data that most of us have willingly (or unwillingly) given them.
Your Facebook account, Instagram account, Gmail, and Google Chrome accounts are
all linked to larger systems that inform sophisticated advertising networks how
to appeal to you, specifically, as a consumer. This way, websites can serve you
ad content you’re likely to click on, no matter which sites you’re actively
visiting. Combining traditional cookie tracking with these types of in-depth
user profiles is called “people-based targeting” and it’s proven to be an
incredibly powerful marketing tactic.

How to Protect Your Data

The sad truth is that you’ll never fully escape tracking cookies,
and, frankly, you probably wouldn’t want to. As mentioned above, they
streamline your online experiences in a pretty significant way. What you can do
is reduce the breadth of their reach in your digital life. Here are a few key
ways to do that.

  1. Stay vigilant. Be sure
    to read the privacy policies before you accept them. This advice goes beyond
    the GDPR-compliant pop-ups that have become so prevalent in the last year. Keep
    in mind that tech giants are often interconnected, so it’s important to be
    aware of all the privacy policies you’re being asked to accept.
  2. Clean
    house.
    You don’t have to do it often, but clear your cookie cache every
    once in a while. There are plusses and minuses here; clearing your cache will
    wipe away any long-term tracking cookies, but it will also wipe out your saved
    login information. But don’t let that deter you! Despite that sounding like a
    hassle, you may find your browser performance improves. Exact steps for how to clear
    your cookies will depend on your browser, but you’ll find plenty of guides
    online
    . Don’t forget to clear the cache on your mobile phone as well.
  3. Use a VPN.
    Most
    of all, we recommend installing a virtual private network (VPN) on all of your
    devices. VPNs wrap your web traffic in a tunnel of encryption, which will
    prevent tracking cookies from following you around the web. Make sure you use a
    reputable VPN from a trusted source, such as Webroot®
    WiFi Security
    . A number of the supposedly
    free
    VPN options
    may just sell your data to the highest bidder themselves.

Cookie tracking and digital ad delivery are growing more
sophisticated every day. Check back here for the latest on how these
technologies are evolving, and how you can prepare yourself and your family to
stay ahead.

The post Cookies, Pixels, and Other Ways Advertisers are Tracking You Online appeared first on Webroot Blog.