According to cybersecurity experts, mechanically clicking on “accept cookies” can be problematic.
We all do it, often without thinking while browsing the web. A window opens, we click on “accept all” and we move on. If this expeditious validation has become automatic during web browsing, behind this gesture, there are very real issues surrounding the confidentiality of your data. Not all cookies are dangerous, but not all sites are created equal either. And sometimes just a quick glance can save you trouble.
Basically, cookies are small text files that allow sites to function properly and adapt to your profile. Without them, it’s impossible to stay logged in to an account, keep a shopping cart or even have a site that remembers your preferences. The idea has been around since the 1990s, today it has become the norm, and it’s hard to escape. Basically, as IT expert Cris Angulo reminds HuffPost, “cookies are neither good nor bad”their use depends above all on the choice of the user and the site consulted.
Indeed, where it gets complicated is that there is not just one type of cookie. Some are quite harmless, like those that disappear as soon as you close your browser. Others stay longer so they can analyze you properly. And then there are third-party cookies, those which come from external companies and which are often used to track you from one site to another. They are what make it possible, for example, to generate advertising targeting based on your recent queries.
In this context, by clicking on “accept all cookies”, you potentially open the door to this whole tracking mechanism. And in some cases, it can go quite far. Concretely, this means that your searches, the pages you consult or even the time you spend on a site can be recorded, cross-referenced and used to draw up a very precise profile of your habits. Roberto Yus, computer science researcher, sums it up this way: “When you click “allow all cookies,” you give the website carte blanche to install third-party trackers.” From there, companies can anticipate what you’ll search for, influence what you see online, or even exploit more sensitive information.
To avoid this, there is a simple reflex: check that the site you are on is secure before accepting anything. This involves a detail in the URL: the little “s” behind “http”. This “s” means that the connection is encrypted, which prevents third parties from easily intercepting the information you exchange with the site. Without this “s”, your data circulates in a much more exposed way, almost as if it were passing through the network in the open. This does not mean that the site is necessarily malicious, but “your data is not protected”deplores cybersecurity expert Steve Weisman, thus increasing the risks of banking and identity theft.
So no, that doesn’t mean you have to reject everything outright. The idea is rather to sort things out a little and favor the sites you trust. For example, if you are making a purchase on a site you have never visited before, taking a few seconds to check the address, the presence of the padlock and the cookie settings can avoid unpleasant surprises.
