Cookies and Cache: What They Are and How to Manage Them
Cookies and cache work behind the scenes to bring you a better experience when you go online. They make browsing easier, faster — and the pros generally outweigh the cons. But it’s important to manage cookies in a way that protects everyone’s privacy. Browser cache can throw up its own issues with curious on-page errors and deja vu moments. As such, there may be times when it’s best to do a little spring cleaning and make a fresh start. In this guide, we’ll show you how to clear cookies and cache on the big four browsers: Chrome, Firefox, Safari, and Edge. What’s the difference between cookies and cache? Cookies and cache both store data on your device to improve your browsing experience, but they do so in different ways. In short, cookies are about remembering your browsing preferences and habits. Browser cache is all about storing temporary data to help speed things up when you browse. Cookies store user-specific information. Websites create cookies to remember things like login details, preferences (such as your preferred language), and browsing history. This works to personalise your experience and ease interaction with websites. Cache, by contrast, acts like a short-term memory for your browser. It stores website resources like images and HTML files. That way, you won’t need to download them again each and every time you visit the same website. The basic goal is for pages to load faster. Session Cookies Temporary by nature, session cookies vanish as soon as you close your browser. They’re only active for one session and don’t hang around once you leave the site. Persistent Cookies Unlike session cookies, these stick around after you close your browser. They’re used to store long-term preferences, like your login info or site settings. Persistent cookies often get a bad name, but they aren’t automatically a privacy risk — they simply help websites remember things between visits. The problems start when cookies are used to follow you from site to site, or store sensitive data without proper safeguards. That’s where First-Party and Third-Party cookies come into play: First-Party Cookies These are created by the site you’re actually visiting. They’re mainly used to make your experience smoother — remembering your settings, preferences or login status. Third-Party Cookies Third-party cookies are placed by other domains, not the site you’re on. Advertisers often use them to build a profile of your activity across multiple websites and deliver targeted ads. Why would you want to clear your cookies? Certain cookies track your browsing habits across different websites and build a profile on you, based on your browsing history. The collected data is valuable for advertisers and other businesses — and can even be sold on to data brokers. You may feel uncomfortable with the idea of your online activities being monitored and used for targeted advertising without consent. Indeed, the cookies may be placed by advertising companies rather than the owners of websites you’ve consciously visited. In some cases, malicious websites might steal sensitive information or even hijack your browsing session if it’s not properly secured. This is rare, but it highlights the importance of being cautious about cookies, especially on unfamiliar websites. In recent years, there has been growing awareness of privacy issues associated with persistent third-party cookies, leading to increased scrutiny and efforts to restrict their use by web browsers and regulatory authorities. That’s the way the cookie crumbles. So what should I do about cookies? To protect your privacy, you can block or limit third-party cookies in your browser settings, or choose to clear cookies regularly. Most modern browsers offer features to block or limit the use of third-party cookies, and there have been calls for stricter regulations to protect user privacy online. Some browsers even offer private browsing modes that don’t save cookies at all. All major browsers let you manage cookies — but it can be a bit of a chore. Clearing them often helps protect your privacy, but it can also break the experience on sites that rely on cookies to remember things like logins and preferences. What is cache? From the French for hidden, cache is pronounced “cash” — like the coins hiding under your sofa cushions. Caching in IT is the process of storing data so it can be used again quickly. It’s all about saving time — if something’s already been loaded once, there’s no need to fetch it again. Your computer’s processor uses cache to store previous instructions. Even your printer has a cache to hold recent print jobs. Browser cache works in a similar way. As you browse the internet, your browser saves things like images, logos, fonts and bits of website code. When you visit the same site again, it checks what’s already saved. If nothing has changed, it uses those saved files instead of downloading them again. That means pages load faster and you use less data. Why would you want to clear your cache? Clearing your cache can help resolve any issues you may be experiencing when with certain websites. This often happens when a site has recently been updated, as the data stored in your cache might conflict with the latest version of the website’s files. In some cases, browser cache can become: ▢ Outdated: Have you ever arrived at a website that appeared a bit… retro? This tends to happen when you try to open a page without realising you’re disconnected from the internet (bringing up deja vu BBC news headlines from 6 months ago, for example). You might also keep seeing the old version of a page until you manually clear the cache. ▢ Corrupted: Cache can become corrupted, in a few ways — leading to unexpected shutdowns or software conflicts that garble data. On some occassions, the cache itself can fill up with outdated files, leading to conflicts with newer versions of website content. ▢ Insecure: Cached temporary files may contain fragments of your browsing history. While not as detailed as cookies, this information could
Is the EU’s cookie law confusing you too?
You might remember that in May last year some new EU rules came into force. Dubbed the ‘EU cookie law’, the legislation says websites have to get permission from users before storing pieces of information called cookies on their computers. What are cookies? Cookies are small text files which websites place on visitors’ computers. They’re typically used to identify that particular visitor and provide them with a better experience. Cookies are a crucial part of many website functions which we take for granted. For instance, it’s usually cookies which allow online shops to remember what items you have in your shopping trolley. They’re also used to keep you logged in to a website, or to provide valuable usage statistics and information to website owners. If you run a website, it almost certainly uses cookies. Their most likely function is to monitor visitor numbers and behaviours through tools like Google Analytics. They may also be used to display relevant adverts to visitors, or – if you sell online – to power key parts of your online shopping system. What the cookie law says Although the cookie law came in last year, the Information Commissioner’s Office (ICO) decided to give websites a year to implement the rules. The deadline is 26 May 2012 – after that date, websites which don’t comply with the law could be fined up to £500,000. The implications of the new cookie law could be far-reaching, yet there’s still a lot of confusion about how the rules should be interpreted and what websites need to do to comply. As a result, many websites are taking a ‘wait and see’ approach. In short, the new rules require websites to get permission from visitors before placing any cookies on their computer. Permission must be informed and overt, which means you have to ask visitors outright if you can put cookies on their computer, and explain clearly what the cookies are used for. You can’t bury the information in your website’s terms and conditions and leave it at that. The only exceptions to this are cookies deemed essential to providing functions visitors have asked for. But you can’t rely on this to cover many of your cookies. The ICO guidance on the new law (PDF link) says that “this exemption is a narrow one”. It’s certainly not likely to cover cookies for analytics purposes, which is one of the most common uses of cookies – particularly for smaller websites. Implementing the cookie law Even with the May deadline fast approaching, hardly any websites have done anything obvious to comply with the cookie law. The few which have begun seeking permission tend to use messages displayed at the top of the screen or overlaid on the website’s pages. As you’d expect, the ICO website has an opt-in message at the top of every page. And BT has begun displaying a message (right) to explain a bit more about its cookies, although it’s debatable whether this is a proper opt-in. But by and large, most websites are keeping their cards close to their chest. That’s understandable, when you look at the commercial implications: when the ICO added an opt-in message to its website, measured visitors dropped by about 90%. That didn’t mean the site was receiving fewer visitors – it just meant people weren’t opting in to cookies, so the ICO couldn’t track what those people were doing. For sites which rely on accurate visitor data to make money, the implications are significant. Adding an opt-in could leave them at a disadvantage to competitors, which is why there’s a real reluctance on the part of website owners to be the first to move. The bare minimum It’s looking very unlikely that many websites will have implemented a cookie opt-in by 26 May. But that doesn’t mean they won’t be doing anything at all. In fact, the ICO – which is responsible for enforcing the rules – has suggested that the most important thing is to take steps in the right direction. If you can show you’re moving towards full compliance then you’re unlikely to be targeted. As a bare minimum, it’s important to have an understanding of what cookies your website uses and plan how you might implement an opt-in. It’s useful to know exactly what cookies your website uses anyway, and you can do this relatively easily using tools like Bitstorm View Cookies or Attacat Cookie Audit. These will show you what cookies your website creates as you move through the pages. The harder bit is working out how you would create an opt-in function on your site. As we’ve seen, most websites display a message to users – but the tricky bit is creating the back-end logic to ensure cookies are only set once people have given their permission. If you’re not adept with computer code, you might need some help from a web developer to accomplish this. There are some ‘plug and play’ tools available, like Optanon and this tool from Wolf Software (designed for sites using Google Analytics), which could make things easier. Don’t do nothing Although there is still a fair amount of uncertainty around the new law, it’s fair to say that doing nothing is not a good option. In the long-term, people’s attitudes and understanding of cookies may change – and web browsers may include settings to help provide a consistent opt-in. But for now the onus of complying with the law falls very much on individual website operators. And while the chance of being prosecuted may be small (at least to begin with), doing nothing at all is a dangerous move. To start with, review guidance from the ICO (PDF link) and try and establish what cookies your website currently uses. Even Europe doesn’t understand the cookie law That’s the way the cookie crumbles