In the spirit of weird naming, I decided to title this article in a language you probably don't understand. But it basically means 'This COOKIE is not edible'. :)
Bon! Let’s get into the article.
At the risk of sounding like an unserious person, one of the things that intrigue me the most in the tech space is the art of weird-naming. For instance, check out this TechCrunch Article that discusses how startups make weird name choices. I mean, a good example in Nigeria is ‘JiJi’. If you’re Yoruba, you probably understand better why this is a weird name selection for an Online marketplace.
But, then, even apart from companies, some technologies do have funny and unrelated names.
For instance, ‘Bluetooth’.
Here’s a question: What does a tooth, so dirty, it’s blue, have to do with file sharing and communication between devices? (P.S. The only thing a real blue tooth is sharing is oral thrush -_-). Anyway, Bluetooth was the name of a king in Norway who introduced Christianity to Denmark and Norway and united different regions and allowed for better flow of communication. Read about him here.
Also,check out Phil Belanger (founding member of the WiFi Alliance) saying that the word ‘WiFi’ stands for nothing. Nope. Not ‘Wireless Fidelity’ According to him, “It is not an acronym. There is no meaning” Buhahahaha.
And now, in this article, we’re looking at ‘Cookie’ as an internet word. I have heard that the term may have been coined from ‘leaving crumbs of data on the internet’ or from the fortune cookie which usually has an embedded message (this might be a reach though). Anyway, Cookie, in this regard, is also referred to as ‘HTTP Cookie’ or ‘Internet Cookie’ or ‘Web Cookie’. But or this article, we’ll just stick to ‘Cookie’.
What, in the web, is a cookie?!
A cookie is simply data/information sent from a website to your computer to help store your preferences or choices in order to make your future experience on the site more seamless or better tailored.
For instance, a couple of days ago, I was seriously desiring a Vinyl Player and I was like ‘Okay, Boro, you’re doing this. You’re getting yourself one’. So I went on my go-to site for weird stuff, and searched for ‘Vinyl Player’. I saw the one I wanted and then saw the price and then laughed and continued eating from hand to mouth. I, however, visited the site again today and there on the landing page and without having to search for it, I was welcomed with:
I’ll paint a scenario to help you better understand: You want to buy a shoe so you visit www.bestshoeseverliveth.com You search for sneakers and scan through and finally find one that you like. You add it to your cart and proceed to payment. At payment you select ‘Naira’ as your preferred currency and then you pay. If the website uses cookie (which it’ll most likely do), a piece of information will be sent to your computer. The website creator is the one who determines the type of information a cookie collects. In this scenario, it may just be your currency preference, but it may also be other details like: your preference of sneakers, your Name, your card details, items you favorited but didn’t purchase.
Why? Why? Why? Why? Oh Lord, Why are they saving information about me?
Well, like I said earlier, it’s generally to help you enjoy your visit to the website next time. For instance, the next time you come, you’ll probably be served with an array of sneakers and won’t be asked what currency you want to pay in anymore. Furthermore, it’s stored on your computer so that when you use that same computer to browse for stuff, the website server communicates with the cookie it has kept on your computer and tailors your experience.
Cookies are also used to present more relevant advertising (for sites that embed ads). See the notice on this site I visited today as well:
Speaking about sites that display ads, has it ever happened to you that you tried shopping for an item on a site, or you searched for something somewhere and then every other site you went in the world, kept offerings ads of those items?
Well, the general rule is first that only the same website that saved your information can read your cookie. So normally, if you visit bestdresseseverliveth.com and search for ‘red bodycon dress’, you shouldn’t expect to visit greatdresseseverliveth.com and have a flood of red bodycon dresses thrown at you in a very unsubtle manner.
However, here’s a clause. One website can actually have embedded pieces of another website.
Let’s imagine again: You visit myfirsttimehere.com for the first time. And as you scroll through the site you begin to see ads of ‘red bodycon dresses’ all over the place. Don’t be shocked, it could either be that myfirsttimehere.com embeds ads from bestdresseseverliveth.com OR, it embeds ads from a site that also gets its ads from bestdresseseverliveth.com. And so what happens in that scenario is that since bestdressesseverliveth.com already has a cookie stored in your computer, although you’re currently on myfirsttimehere.com, it’ll still be able to extract information about your preferences through that site because a bit of it is embedded on the FirstTimeHere website.
Also, it might be important to know that some websites don’t bother with the basic cookies. The idea of cookies is to store small pieces of data, but if the website intends to store more than small pieces of data, they may choose the alternative of using an ID (like a username). So what happens is that instead of storing a cookie in your computer, the website saves a unique ID in your computer and so whenever you interact with that website, the unique ID stored aligns and thus the cookie/information is saved on the website’s system and not your computer anymore. These are called ‘Third Party Cookies’.
This sounds like several levels of risk and invasion? Please scare me further!
LOL. Well, like all technology tools, Cookies are to be used to make stuff better; for you, to make your browsing experience better and help you use your brain less. For the website, it is to help them deliver more stellar services and help with more precise targeting of ads. But also like all technology tools (especially invasive ones like this), it can be misused.
For instance, imagine I am able to get a hold of your cookies and then communicate with the website as you. It means that I may have access to details such as your passwords, credit card details, address and so on. It’s supposed to be almost impossible for this to happen but apparently, there’s something called cross-site scripting which basically happens by inserting a script into an unsecure website and then sending the session cookie of visitors back to the insertor of the script. So when building your website or when visiting websites, it’s important to be conscious of the security of the site.
So what does this have to do with Law?
Well it’s simple, every discussion on data and information collection, processing and use should envisage the watchful stare of the Law. As I have said a couple of times, the right to privacy is real and information about people in your custody should be treated with diligence, intentionality and care.
The very popular guiding principles of data protection say:
“personal data or information must be processed fairly and lawfully; personal data or information must be obtained only for one or more specified and lawful purposes; personal data or information must not be excessive in relation to the purpose or purposes for which they are processed; and personal data or information must be deleted when no longer necessary for the purposes for which it is collected” – Culled from the African Declaration on Internet Rights and Freedom.
That quote up there is super important so I’m going to copy and paste it down here again.
“personal data or information must be processed fairly and lawfully; personal data or information must be obtained only for one or more specified and lawful purposes; personal data or information must not be excessive in relation to the purpose or purposes for which they are processed; and personal data or information must be deleted when no longer necessary for the purposes for which it is collected”
“The collection, retention, use and disclosure of personal data or information must
or information is collected about them, to correct inaccurate information, and to
protect such data or information from disclosure that they have not authorised.
The public should be warned about the potential for misuse of data that they supply
Online.” – Culled from same source above.
And if you’re not sure whether your browser allows cookies, just open this tab here and you’ll know.
*serves cold Berry Blast to go with the Cookies y’all just had*