Why not all cookies are bad

September 7, 2023 | Uncategorized

Cookies have undergone many developments since their invention. Originally, they were only intended to enhance important features of a website, but they were later used for many other purposes. In this article, we’ll explain to you the different types of cookies and their functions.

There are two types of cookies: technically necessary cookies, without which a website cannot fully function, and technically unnecessary cookies, which don’t impact the smooth operation of the website.

What are technically necessary cookies?

This type of cookie cannot be declined through the legally required cookie consent banners. Even when selecting “Decline all”, these small files are stored on the user’s device when visiting a website. They are harmless in that their main purpose is to improve and facilitate the user experience.

These functional cookies, for example, show us which links we’ve clicked on, automatically display our preferred language on multilingual websites, or maintain other settings we’ve adjusted on the site for future visits. An online shop’s shopping cart is also stored in a cookie so that not every order needs to be finalized immediately.

These cookies are created during the first visit to a website and saved as a small text file on the user’s device. On subsequent visits, they are sent back to the server of the website, enabling it to “remember” previous visits.

In addition to the mentioned usage parameters, these cookies generate a unique ID composed of a random number combination for recognition purposes and store an expiration date. The set expiration dates can vary significantly depending on their function. For example, a shopping cart might be saved for a shorter time than a language setting. You can manually delete these cookies in your browser at any time.

This type of cookie is also referred to as a First-Party Cookie. The name already suggests that the information stored in the cookie is only exchanged with that particular website (First Party).


When a cookie is not set by the visited website itself, but by a third party, it’s called a third-party cookie. These are not essential for the smooth running of a website visit. Their job, for example, is to enable ad servers to deliver relevant advertising. Third-party cookies document user behavior beyond the scope of a single website.

The usage profiles created provide ad servers with insights into visitors’ interests and consumer behavior, enabling them to display appropriate ads on websites. This method, known as tracking, is controversial from a data protection standpoint. Websites using third-party cookies must therefore obtain explicit consent from visitors for this type of cookie.

In comparison to first-party cookies, third-party cookies are primarily useful for advertisers. Website operators use them to show more relevant ads, hoping for greater acceptance and higher ad revenues. If cookie information is missing because a visitor has declined it, ads are still displayed, but they are not tailored to the visitor’s interests.

Declining tracking cookies, therefore, does not protect you from ads.

The business models of many online offers have been based on advertising for years. They are free for visitors to use because they are funded through advertising.

Short-lived Session-Cookies

Session cookies are a special case. They are automatically deleted when closing the website, losing all their information. They are used on sites that process sensitive data and are also very useful when multiple windows of the same website are opened during a session. Server requests are assigned to a user via a unique session ID, so new browser windows can adopt personal data.

Session cookies are solely intended to make website use more comfortable. They are therefore considered necessary cookies and cannot be declined. At the same time, their function is limited to one website.

Conclusion: Good Cookies, Bad Cookies?

The use of cookies is a topic of debate. Depending on one’s perspective, third-party cookies are either wholly rejected or seen as a crucial means of financing free web offers.

A significant advancement for users’ privacy is the transparency to which website operators have been obligated since the introduction of the General Data Protection Regulation (GDPR). Previously, advertisers could collect data covertly without consent for marketing purposes. Today, users can decide which cookies they accept and which they don’t.

With Usercentrics Data Shield, you can automate your consents. Set them centrally in the settings, and the browser plugin will automatically respond to cookie consent banners in the background for you.