To children, whenever the word cookies is mentioned, only one thing comes to mind and that is a deliciously baked chocolate-filled yummy snack. The face usually brightens up the moment that first bite is taken and then saddens once the end is near. Aside’s the delicious and yummy snack, the term cookie is also seen and used in the tech space. Many would have noticed that whenever an attempt is made to access some websites, a pop-up usually comes up requesting an acceptance or decline of cookie. This pop-up is usually annoying because it serves as an obstruction to accessing the website intended. What are those cookies and are they harmful to our devices?
In an easy to understand form, cookies are simply pieces of information saved about you whenever you visit a website. They could also be referred to as small files sent to a users device by the websites visited to remember certain information about the user. These information vary from log-in details to links clicked upon amongst others. Cookies simply aid the website/tech companies in knowing more about as well remember a user’s online preferences. Sometimes, many wonder how a site is able to bring up their previous activities when a site is revisited. That is possible as a result of the cookies already saved on the device. But are these safe?
Over the years, there have been debates and discussions over the type of personal information a website can access. This is so because once cookies are saved on a device, a user’s online privacy is breached and he/she has no control over what is done to the information collected. To curb the excesses of tech companies and discourage the infringement of a user’s online privacy, in May 2018, the European Union enacted the General Data Protection Regulation (GDPR), a sweeping data privacy law . The purpose of this regulation is to ensure that users are very much aware of the information gotten from them by companies. Companies who breach the GDPR were to be heavily fined and sanctioned.
At the full commences of this regulation, companies all over the globe began to enact changes to their user privacy. This then led to the increase in cookie pop-up which basically informs a user that the website uses cookies and ask if a user would accept or reject the cookies. To the Dutch data protection agency, there is little compliance with the GDPR because they’re basically a price of entry to a website.
In 2019, the Nigeria data protection regulation was introduced, mirroring the European union’s GDPR, with the following objectives and definition of terms;
- to safeguard the rights of natural persons to data privacy;
- to foster safe-conduct for transactions involving the exchange of Personal Data;
- to prevent manipulation of Personal Data; and
- to ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a just and equitable legal regulatory framework on data protection and which is in tune with best practice.
Some of the terminologies were also defined as;
‘Consent’ of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, through a statement or a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her;
Personal Data means any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; It can be anything from a name, address, a photo, an email address, bank details, posts on social networking websites, medical information, and other unique identifiers such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM, Personal Identifiable Information (PII) and others;
Personal Identifiable Information (PII) means information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in a context ( NDPR, 2018).
Although cookies are intended to be harmless and just aid a user’s experience when revisiting a website, it is encouraged that care is taken to prevent companies or scammers from accessing, using or selling information gathered to ad companies or for other malicious acts. To prevent cookies from accessing a device, a user can simply find the cookie section typically under Settings > Privacy, click the boxes to allow cookies or simply uncheck these boxes if you do not want it.