Online & Websites

What you need to know:

When you’re browsing the web online, websites often use unique IDs stored in “cookies” (data files stored in your browser) to identify you. They function as the site’s short-term memory and can remember your settings, preferences, activities and login status while you visit different pages on the site or when you leave the site and come back. These are known as “1st party cookies” and can only be accessed by the website which created it.

However, large advertising networks, technology companies, social media platforms and data brokers can also create and store in your browser what are known as “3rd party cookies” when you visit websites across the web that have their code placed on that site. This allows these companies to be able to identify you as you navigate across the web and collect your online browsing data. This data is then utilized to facilitate advertising between brands that want to show ads and publishers (sites with content) that can place these ads on their pages. This mechanism for example, enables marketers to show you ads for a product you browsed on website A, while you are visiting website B.

This type of tracking has been a core part of how the online advertising industry has operated for many years. Privacy concerns though have increasingly put 3rd party cookies under fire, with some browsers implementing technology to block them by default. However, advertising networks and technology companies are continuing to look for new ways to collect data and track user across the web without the use of cookies. Furthermore, large tech companies with enough of your data collected through its own services (like owning the browser itself for example) may end up benefiting from a cookie-less world, as it makes the data from these alternative sources all the more valuable to advertisers.

Keep in mind that the majority of the internet has incentives aligned around data collection, where brands/retailers wants to serve consumers ads to drive purchases, publishers wants to sell ad space to brands/retailers and advertising/technology companies want to facilitate and enable that transaction in order to profit. This means the entire internet ecosystem is dependent on knowing and tracking you.


Beyond tracking from websites and tech companies, your internet service provider (ISP) also has access to everything you do online, including websites and apps you’ve visited, when and where you visited those sites and what devices you are using. This type of data can be incredibly powerful for targeted advertising.

When you visit a website that uses the unencrypted protocol “HTTP” (a good chunk of the web), then your ISP can see the full URL and content of the webpage. When you visit one using the encrypted protocol “HTTPS”, then the ISP can see the top level domain name (i.e.

Federal protections that had prohibited ISPs from selling your online behavior data without consent was repealed in 2017, giving these companies free reign to monetize your data. Investigations are ongoing by the FTC to understand these companies’ data practices, but some states (like Maine), have taken matters in their own hands and barred this practice.

Learn More:

Learn more about cookies

How some browsers are phasing 3rd party cookies

How publishers are tackling the fall of 3rd party cookies and looking to create alliances to share data amongst themselves

How Facebook uses pixels to track you across websites without cookies

Digital fingerprinting, an alternative method to track users across the web

Google may end up better off in a world without cookies and holds a lot of power in how the digital advertising world will evolve

How Verizon used “supercookies” in 2016, cookies you can’t delete

Learn more about the 2017 repeal that allows ISPs to monetize your online data without consent

How FTC is investigating ISPs selling your online data without consent, and how Maine has barred the practice

What to do:

Check this website to see if your browser has 3rd party cookies enabled.

For Chrome- instructions on how to clear and change cookie settings here, also refer to here on how to manage other Google tracking mechanisms.

Considering changing to a browser with 3rd party cookies automatically blocked like Safari and Firefox or use extensions that help you block trackers like Ghostery. Read here for a summary of privacy focused browser options.

In addition, using services like VPNs or Tor will eliminate tracking (even from ISPs).

If making purchases online consider using a disposable email service to limit the ability to trace that data back to you. Also consider using services that can mask your credit card for additional levels of data and identity protection.