#SpotlightOnDigital: Don’t Feed the GDPR Cookie Monster!

Banning the Cookie Monster
[based on Cookie Monster by yahyanikrushdi]

Since the GDPR (General Data Protection Regulation) came into effect in late May 2018, the web has become a more frustrating place. A vast majority of websites, both large and small, block access to their content until you consent to their data gathering and processing policies, including cookies to track you across the site and, often, the wider web. These show that the website (or the corporation behind it, at least) is complying with the letter of the law by asking for ‘informed consent’ regarding the personal data about you they intend to collect and how it will be processed and shared, however they are also showing complete disdain for the spirit of the law, which was intended to limit the amount of unnecessary personal data being collected and processed for EU citizens.

If you have looked carefully at the terms and conditions of many of these sites (but who could blame you if you haven’t!), you’ll generally see that you are consenting to allow the website operators to track you across the internet, send you targeted ads based on your activities, share the information within their wider corporate groups, and sell the gathered data with any third party they wish. In fact, while the increased transparency is positive, many sites are using this as a  digital ‘land grab’ to get more power over your data than they had before. This is particularly nefarious on the sites where you must consent to access the content and there is no opt-out option.

So what can you do?

Well, the first thing to ask is whether you care about the content from the site. If you aren’t too fussed or can get the same material elsewhere, then you could just boycott the site. When they start losing visitors, and therefore money, because of these practices they might change their ways. However, that isn’t always feasible, so you managing your cookies may be better.

One of the main ways that websites remember who you are between visits is by saving a tracking cookie in your web browser. These cookies are small text files that contain a unique identifier that can be used to save and load information about you as you browse the web. If you’ve ever wondered why you get adverts on a variety of websites from, say Amazon and Ebay, for things you’ve looked at on those sites, it is because they have saved a cookie and when you go to a website that uses their advert technology it looks you up and personalises the ad based on what you’ve recently looked for.

Preventing your browser from accepting cookies entirely is possible, but it can severely reduce the functionality of many websites. Therefore the easiest way to crush the cookies is to use your browser’s ‘incognito’ mode, a.k.a InPrivate [Internet Explorer/Edge], or Private Browsing [Safari/Firefox] (instructions for all browsers). This won’t make your online activity completely secret – your ISP, or employer when at work, will still be able to see where you’ve been – but it does automatically delete all the cookies created in the incognito session when you shut your browser down. This means that you can agree to all of the data collection policies, browse the site, then close the browser. When you go back to the site you’ll look like a completely new visitor as there will be no way to tie you to you previous activities.

However, you should be aware that this is only useful for sites where you don’t log in. When you log into a site you are again telling it who you are and giving it the opportunity to store data about you and track your activity. So, ultimately, you may want to be more disciplined about the sites you sign up for and make sure that you log out before you leave them.

Leave a Reply