Do you need to list individual cookies used on your site?

ByKrzysztof Planeta
gdpr cookies illustration

In short, NO.

You do not have to list cookies, neither in your consent banner nor your privacy policy. What’s more, it is often technically impossible to do so. And we are not the only ones to say that. Here is an article from TermsFeed on the same subject.

So, why do people think it’s necessary? And why do so many CMPs (Consent Management Platforms) recommend their users to do it?

Let’s find out.

What do consent management platforms use cookies for?

Firstly, you need to know that blocking cookies, while technically possible, can cause various problems on a website and can even break it completely.

That is why most Consent Management Platforms do not block cookies. Instead, they block tracking scripts, which create these cookies. This is a safer and a better approach.

So, what do they use cookies for?

They use it to determine, what tracking tools you have on a website.

You see, cookies are like fingerprints. They are unique to the tools that set them.

But there is a problem…

Most cookies are unknown

Even though CMPs rely on cookies to determine what tools you have on your website, they also have a big problem – they only know a small percentage of them.

This is because:

  1. any developer can create cookies,
  2. there are millions of them,
  3. it is very difficult to guess their purpose.

And that is why…. CMPs ask their own users to name, categorize, and describe all the unknown cookies on their site.

As a result:

  • they can find out more tracking tools
  • their accuracy grows
  • and you have a problem, because the responsibility to find, categorize and describe cookies, lies on you.

So, why are cookies listed in privacy policies?

It’s not about cookies. It’s about their descriptions.

The description of a cookie says:

  • what is the purpose of the tracking tool that set it
  • what is the category of the data that the tracking tool collects

And, coincidently, this is the type of information that you need to put in your privacy policy.

In other words, these cookie descriptions, describe the purpose of the tracking tool that set it. And this is exactly the information that you should have on your site.

Not lists of cookies, but descriptions of tracking tools. Easy.

Krzysztof is a WordPress plugin developer, the author of WP Full Picture analytics plugin and a big web-analytics enthusiast. At the moment he lives with his wife and 2 cats in Spain where they enjoy the sun.

Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments