3 Times You Shouldn’t “Accept Cookies” on a Site

Cookie-consent pop-ups are one of the biggest annoyances on the Internet. Almost every site you visit has a notice saying, “This website uses cookies to improve your experience. Do you agree?” or something similar. Typically, we click “yes” or “agree” without even thinking about it because we’re eager to get to the content. But should we? Not necessarily.

What are cookies, exactly?

Before we delve into the dos and don’ts of cookie consent, here’s a little refresher on this Web tool: Cookies are essentially information collectors and trackers in the form of small text files stored on your browser by the sites you visit. Some are useful. For example, a cookie saved on your browser makes it so you don’t have to re-enter your log-in information every time you visit one of your favorite websites. Cookies can also remember your shopping preferences so that you get a personalized experience when you visit the website. Others, however, track how you use a website, how often you go there, your IP address, your phone number, what types of things you look at and buy, and other information you may not want to share. While we’re on the subject, learn the 20 cybersecurity secrets hackers don’t want you to know.

Do you have to accept cookies?

Many companies have you click “yes” so that they’re compliant with current privacy laws. This means that once you click, you’ve given the company permission to use your information as they see fit without the worry of legal backlash. Most of the time, cookies are no big deal. There are a few occasions, though, where you should decline cookies. Don’t worry—if you find yourself in a situation where you need to decline or simply want to decline for whatever reason, most websites will work just fine without collecting your information. You should also learn how to clear cookies on your phone so your information is secure, whether you’ve accidentally accepted cookies on a site you shouldn’t have or not. With that said, here’s when saying no to the cookies is a good idea.

Sketchy sites

Beware when you’re on an unencrypted website (these websites will have an unlocked lock icon by the web address) while using a public Wi-Fi network. The information collected by cookies can be intercepted by hackers because there isn’t any security to stop them. Your best bet when borrowing Wi-Fi from your local coffee shop or fast-food joint is to use your browser’s private or incognito mode. While in this mode, cookies aren’t collected by default (though you can manually turn off cookie blocking on some browsers), no matter where your Internet journeys take you. You should also take note of this: are open Wi-Fi networks safe?

Third-party cookies

If the cookie-consent pop-up mentions third-party cookies, click “decline.” Accepting gives the website the right to sell your browsing behavior to a data broker. The broker then combines your behavior on one website with information from other websites and builds an extremely detailed profile of you as a consumer. “The broker then sells that profile to other third parties who want to market to people like you,” says Harry Maugans, CEO of Privacy Bee, a proactive privacy management tool for consumers. “As you can imagine, this chain extends infinitely. Once you lose control of your personal data, it gets packaged and repackaged in all kinds of ways. It’s scary but true.”

According to Maugans, some third-party cookies are even nefarious. You could become a victim of “cookie stealing” or “session hijacking.” This is when a hacker gains access to a browser and mimics users to be able to steal cookies from that browser. This can put you at risk of identity theft if hackers manage to steal cookies that store your personal information or credit card information.

If you’re worried that you might accidentally accept third-party cookies, there’s an easy way to make things fool-proof. Go into your browser and choose to allow only required cookies or “first party” cookies. These cookies are the helpful ones mentioned earlier and are usually only used by the website you’re visiting.

When you’re using private information

If you don’t feel comfortable sharing the information you’re using or accessing on a website with a stranger, don’t use cookies on that site. According to Jeremy Tillman, president of the privacy company Ghostery, you should avoid cookies on sites where you do your banking, access your medical information, or use other private information.

If you’re afraid that you’ve already accepted cookies on websites where you wouldn’t want your information gathered, go into your browser and use the “clear cookies” option. This will prevent sites from collecting your information in the future, as long as you decline the next time a site asks you to accept its cookies. Next, learn the 18 secrets of people who never get hacked.

Sources:

• Harry Maugans, CEO of Privacy Bee
• Jeremy Tillman, president of Ghostery

AleksSafronov/Shutterstock

Clear Signs You're About to Be Hacked

Posteriori/Getty Images

Password Mistakes Hackers Hope You'll Make