How to Control Web Cookies and Boost Online Privacy

By clicking Become a Member you accept the terms of ourUser AgreementandPrivacy Policy.

Were so glad to have you as a member. You now have access to benefits that can help you choose right, be safe and stay informed.

How to Control Web Cookies and Boost Online Privacy

Dont like being tracked on the web? The right browser settings can help.

We respect yourprivacy. All email addresses you provide will be used just for sending this story.

Odds are that your computers browser is full of cookies, tiny files left behind as you go from website to website. Mine is. My personal machine has close to 5,000 cookies.

Some of the web cookies on your machine are used by big advertising companies looking to gather and store information about youwhat you shop for, which sites you visit, and so on. That can feel like a violation of your privacy and make you think you should dive in and delete them all.

But other cookies contain important information that makes your web experiences smoother. Which is why you really shouldntdive in and delete them all.

Privacy experts have been talking about cookies for years, but the subject remains confusing. It doesnt have to be. Managing cookies is a privacy maintenance task that everyone should understand, the digital equivalent of regularly changing your smoke detector batteries.

And Dec. 4, National Cookie Daywhich celebrates the baked kind, not the digital onesis a great time to take care of business. Its as easy as baking some Toll House chocolate chip treats, pouring yourself a glass of milk, and opening your browser preferences.

Note that managing cookies is just one component of protecting your privacy.

Companies may use non-cookie technologies to track you across websites, and clearingcookieswont address that, says Justin Brookman, privacy director for Consumers Union, the policy and mobilization division ofConsumer Reports. Butcookiesare still the most common way companies track you on the web.

Use the right settings and you can enhance your privacy while making sure websites still work the way they should.

A cookie is a little bit of data stored on your computer by a website thats related to your activity on the site, explains Selena Deckelmann, a director of engineering for the Firefox browser at Mozilla.

Cookies are simple files, notprograms, and they dont contain malware or anything that can damage your computer. Theyre also tinymany are just 3 to 10 kilobytesso theyre not occupying a significant amount of space on your hard drive.

Theyre small but powerful.Deckelmann was shopping for a sink recently. She went to a hardware retailers website, browsed various models, and then left to visit more sites. And she immediately started seeing ads for faucets, vanities, and other sink-related items.

Cookies help explain how that happened. A company can drop cookies across the web and get a decent sample of your browsing activity, says Casey Oppenheim, co-founder of the web security firm Disconnect.

When Deckelmann visited the retailers website, it deposited a number of cookies on her computer, in a location determined by her browser. Some of those cookiescalled first-party cookiescame from the domain that she saw in the URL at the top of the browser window, such as or m. (Well discuss third-party cookies below.)

The first-party cookies left by the retailer carried information such as an indication that she had logged in successfully. They may have recorded her location (to help the website display the right language and currency) and what she placed in her shopping cart.

But how does the website use that information?

Each time you go to a webpage, your browser sends out a request for the files needed to display the page. And along with that request goes a copy of every cookie that originated with that domain. The browser sends Amazon.com the cookies left by Amazon.com, while BestBuy.com gets the cookies left by BestBuy.com, and so on.

Lots of those cookies expire when you close the browser, but not all of them.

When Deckelmann came back to the site the next day or the next week, the browser sent back copies of the remaining cookies. Thats how the site seemed to know who she was, and what shed done during her last visit.

Without first-party cookies, websites would seem a lot stupider.

Weve only been talking about first-party cookies. But during Deckelmanns visit to the retail website, other companies may have deposited their own, third-party cookies.

How did that happen? Well, a webpage is made up of many files and little bits of code. Many of those bits and pieces come from the retailer itself. But other elements, such as ads and social media buttons, come from other companies.

A huge percentage of all the ads you see online are handled by DoubleClick, which is owned by Google, so lets use that company as an example. When you see an ad embedded in a webpage, theres a good chance its coming from the domain . And the advertisement may carry cookies along for the ride.

Next time you go to any site with elements originating on DoubleClick.net, your browser sends DoubleClick a copy of all its cookies. If you visit many websites that contain chunks of DoubleClick content, your browser supplies the company with a steady stream of cookies.

And remember, DoubleClick.net is just one example of the many domains that supply elements to webpages and leave cookies on users machines.

Thats why the entire internet seemed to know instantly that Deckelmann had been shopping for sinks.

As Oppenheim says, From a consumer perspective, theres a big difference between first-party cookies and third-party cookies.

One way to do that is by browsing in Private mode (for Safari or Firefox) or Incognito (for Chrome). Browsing this way doesnt keep your internet service provider or a web server from knowing what youre doing online, but it does keep cookies from working. And that can be illuminating.

Its showing you what its like to live in a world without cookies, Deckelmann says.

For instance, if you normally stay logged into Facebook, youll have to log in again if you visit using a Private window.

If I clear my cookies, it screws up my workflow, says Oppenheim. Having to sign in every time is a hassle.

Full disclosure: uses cookies, though the site doesnt accept advertising. You can learn more in theConsumer Reportsprivacy policy.

You may not mind third-party cookies. After all, you might like seeing ads for items youve been shopping for.

But, if you want to, you can block just third-party cookies and let through first-party cookies.That will reduce the number of companies collecting and storing information about you.

Deckelmann has a three-pronged plan for accomplishing this, just by using your browser settings. (Ad-blocking web extensionsalso accomplish this, along with other tasks; thats a discussion for another day.)

The first step is to make sure you have a record of all the passwords for sites that require a login. (Apassword managercan help with that.) Once youve done that, Deckelmann suggests going ahead and clearing all your cookies, as outlined below. Trying to delete cookies one at a time would take forever, and even experts cant tell with any certainty what each individual cookie does.

Its like your purse, Deckelmann says. Periodically you need to dump that thing out and start fresh.

The trade-off: Your web surfing experience will be a little choppy for the next few days as you re-enter passwords and update other settings.

Heres how to clear cookies in three popular browsers.

Chrome:Under the Chrome tab at the top left of your screen, click Clear browsing data. Check the box: Cookies and other site data. Then click the bar at the bottom right of the window that says Clear browsing data.

Firefox:Under the Firefox tab at the upper left of your screen, go to Preferences Privacy & Security Show Cookies Remove All.

Safari:Under the Safari tab at the upper right of your screen, go to Preferences Privacy Manage Website Data Remove All.

The final step is to instruct your browser to allow first-party cookies while blocking third-party cookies.

Chrome:Go to Preferences Privacy Content settings. Open the Cookies tab and select Block third-party cookies.

Firefox:Go to Preferences Privacy History. The default setting is Remember history. Change it to Use custom settings for history to reveal your cookies options.

For third-party cookies, you have three options: Always, Never, and From visited.

Safari:Apples browser features the same cookie compromiseAllow [cookies] from websites I visitwhich can be found at Preferences Privacy.

We respect yourprivacy. All email addresses you provide will be used just for sending this story.

Oops, we messed up. Try again later

Shopping links are provided by eBay Commerce Network and Amazon, which makes it easy to find the right product from a variety of online retailers. Clicking any of the links will take you to the retailers website to shop for this product. Please note that Consumer Reports collects fees from both eBay Commerce Network and Amazon for referring users. We use 100% of these fees to fund our testing programs.

I believe that technology has the power to change our livesfor better or for worse. Thats why Ive spent my life reporting and writing about it for outlets of all sorts, from newspapers (such as the Wall Street Journal and the New York Times) to magazines (Popular Mechanics and Rolling Stone) and even my own books (Newtons Football and Claptons Guitar). For me, theres no better way to spend a day than talking to a bunch of experts about an important subject and then writing a story thatll help others be smarter and better informed.