SkipToMainContent

Privacy

Should you accept cookies? 5 times you definitely shouldn’t

May 1, 2021

What are cookies? Cookies are small text files sent by the website you’re visiting to the computer or device you’re using. If accepted, these cookies are stored on the web browser of your device. Cookies can then track and collect data from your browser, sending that data back to the website owner. More on what type of data may be collected and for what purposes below.

If you’re surfing the web and see a pop-up notice that asks you to accept cookies, then you’ve already encountered this recurring decision. While the simple click of a button to accept cookies may seem harmless, the real solution requires a bit more depth.

Is accepting cookies a bad thing? It depends on the website. It depends on who will gain access to your data and what they will do with it, along with whether declining cookies will affect your ability to use that site.

Keep in mind not all cookies are the same. Some cookies are placed by first parties like the sites you visit, while others are placed by third parties like advertisers.

Let’s take a look into why websites want you to accept cookies, whether you have to and should accept them, and what happens if you decline.

Why websites ask you to accept cookies

Websites have become more focused on asking you to accept cookies. The reason reflects a data privacy protection law that governs online data tracking and transparency.

This data privacy law is known as the European General Data Protection Regulation (GDPR), which became enforceable in May 2018. The GDPR legislation requires all multinational companies to provide an opt-in whereby website owners receive a user’s permission to use cookies before they can be stored on a user’s web browsers. This opt-in is designed to give users greater control over their data, knowing information is being collected if they give consent to that data collection.

A website owner’s noncompliance may result in fines. This potential legal violation has led to more websites sending cookie notifications to ensure they are in compliance. 

Should you accept cookies?

There are reasons why you should or shouldn’t accept cookies. When making the decision, it’s helpful to understand two key questions.

  1. Do you have to accept cookies? – The short answer is, no, you do not have to accept cookies. Rules like the GDPR were designed to give you control over your data and browsing history.
  2. What happens if you don’t accept cookies? – The potential problem with refusing to accept cookies is that some website owners may not allow you to use their websites if you don’t accept their cookies. Another downside is that without acceptance, you may not receive the full user experience on certain websites. More on that, below.

3 times cookies can be helpful

In some scenarios, it can be useful for you to accept cookies. To understand why cookies can be helpful, it’s important to understand the data a cookie might contain about you. Here’s a list.

  • Website name
  • Unique user ID
  • Browsing habits and history
  • Personal preferences and interests
  • Links clicked
  • Number of times a website is visited
  • Time spent on a website
  • Settings selected
  • Account log-in information, including your username and password
  • Online identifiers like your location and IP address
  • Personal data like your phone number and address
  • Shopping cart items

With all of this data collected, companies can use cookies to their advantage and, in some cases, to your advantage as well. Here are three ways that accepting cookies could help you.

  1. Website access. The first advantage is simple: Without consenting to cookies, some websites won’t grant access.
  2. Improved user experience. Cookies can be helpful because they help sites remember you. This memory can help improve your individual user experience. Why is this a good thing? They already know about you and can tailor your website experience to your interests — making your browsing experience quicker, more focused, and more helpful. This more personalized experience can be especially helpful when online shopping. For example, when you revisit a website, it could remember shopping cart items you haven’t yet purchased. Cookies can make the shopping process quicker, more convenient, and more successful.
  3. Easy log-ins. Cookies saved on your web browser also can remember your log-in credentials. This can come in handy when repeatedly logging in to your go-to websites, especially if you sometimes forget your passwords.

5 times you shouldn’t accept or keep cookies

There are some scenarios where you might not want to accept or keep cookies. Here are five examples.

  1. Unencrypted websites. You shouldn’t accept cookies when you’re on an unencrypted website — a site where the lock icon beside the website address is not locked. Why is this dangerous? If a website isn’t encrypted, there is no security to protect your data. This unsecure access may allow third parties like hackers to steal cookies from your browser, intercepting personal information you likely want to be kept private,  like credit card and other private information, leaving you more vulnerable to online crimes like identity theft.
  2. Third-party cookies. Not all cookies are the same. It’s a good idea to decline third-party cookies. If you don’t decline, the website could sell your browsing data to third parties. Sharing your personal information with third parties without giving you any control over it could also leave you vulnerable. For one thing, you don’t get to choose the third parties.
  3. Slowed computer speed. Having new cookies stored in your browser over and over also could slow down your computer. Cookies occupy disk space, which can affect your computer’s speed.
  4. Flagged cookies. Antivirus software may flag suspicious cookies, in which case you should not accept them (or you should delete them if you already have).
  5. Use of private information. If you’re sharing private data like your Social Security number (SSN) or banking information, you should decline the use of cookies to keep it safe. This is the type of personally identifiable information (also known as PII) that, if intercepted by the wrong parties, could help fraudsters commit online frauds like identity theft. Personal information like your Social Security number in particular should always be kept private and only shared when absolutely necessary and with the highest regard for privacy and security. A regulation like the GDPR helps ensure you’re given this decision and have control over your data, especially when sensitive information like your SSN is at stake.

Cyber threats have evolved, and so have we.

Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.

Try Norton 360 with Lifelock.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.