isbel
es
← Back to Blog
Cybersecurity

Between Convenience and Privacy: The Double-Edged Sword of Cookies

Isbel
Between Convenience and Privacy: The Double-Edged Sword of Cookies

What can we do to protect our online privacy?

Privacy Under the Microscope: Facebook and Cambridge Analytica

Many of us likely became aware of the importance of the amount of personal information we leave on the internet every day in March 2018, when the scandal involving Facebook, Cambridge Analytica, and the United States presidential elections came to light.

If you do not recall the details clearly, here is a brief summary: this case exposed a series of questionable practices surrounding the collection and use of personal data from Facebook users without their explicit consent.

Cambridge Analytica was a British data analytics firm that worked on political campaigns, known for its focus on data modeling and electoral influence. The company acquired data from up to 87 million Facebook users through a personality quiz application called "thisisyourdigitallife." Approximately 270,000 people downloaded the application and granted it consent to access their data.

The British firm used the collected data to build detailed psychographic profiles of American voters. These profiles were then used to target disinformation campaigns and highly personalized political advertising on the Facebook platform, particularly during the 2016 United States presidential campaign.

The scandal resulted in intense public criticism of Facebook regarding its data privacy management and policies. We all remember the image of Mark Zuckerberg testifying before the United States Congress. As a consequence, in 2019 Facebook was fined $5 billion by the Federal Trade Commission (FTC), the largest fine ever imposed by the FTC. The company also agreed to implement a new privacy framework.

This case was covered by all major media outlets and became a turning point in collective awareness about online data privacy. It drove debates about the regulation of social media platforms and the protection of user privacy. However, the issue did not originate there; since the early 2000s, work on this topic had already been underway in Europe.

What Are Cookies and How Do They Affect Us?

Every time you visit a website, the page stores a small text file in your browser: that is a "cookie." Cookies were originally created to improve the user experience — for example, so you do not have to log in every time you visit your most frequently used pages, or so the site remembers your preferred language for navigation. Cookies also collect data about how users interact with a website, which helps developers understand user behavior, improve site design, and optimize content.

Over time, this personal information began to be used for advertising purposes and even malicious activities. For example, session hijacking occurs when an attacker obtains your login cookie for a site and can then impersonate you, accessing your accounts and private information.

I used to be one of those people who thought there was no problem with companies using the information they collected about me, and that, on the contrary, I benefited from seeing more advertisements for products I was interested in and fewer for things that were irrelevant to me.

However, over time I changed my mind, because I learned from technology commentators such as Santiago Bilinkis. This week I watched one of his videos in which he explained that a ride-hailing application we use to travel around the city was using the remaining battery percentage on your phone as a determining factor to calculate the fare for the trip. If the application detected that you were close to running out of battery, it was likely that you were desperate to quickly secure that ride, so the cost of the trip would increase significantly. In any case, they have since changed the algorithm and this no longer happens, but it left me thinking.

Legislation on Cookie Usage

Initially, companies tracked cookies without the user's knowledge, but legislation evolved and better practices were imposed. Now, fortunately, we have to deal with the annoying pop-ups to accept cookie usage when visiting a site for the first time.

Concerns about online privacy and cookies began to be discussed in the 1990s, when cookies were increasingly being used to track user behavior on the internet. However, laws to regulate this did not arrive until 2002 in the European Union, with the ePrivacy Directive of 2002 (updated in 2009) and the General Data Protection Regulation (GDPR) of 2018, which establish strict rules on cookie usage and user consent.

With this 2018 regulation, the goal is for users to have greater control over their data and how their online behavior is tracked. Additionally, websites must inform users about cookie usage and obtain their consent before collecting data.

For advertisers, the regulation made it more difficult to target specific audiences based on their previous browsing behavior, leading them to seek alternative methods for collecting data and directing advertising. One such method involves informing users and requesting consent for data collection.

Another way to target advertising to the right people is "fingerprinting," which gathers information about the browser and device to create a unique user profile. In my view, this technique, although it does protect people's digital identity better, is not very different from using cookies.

For its part, within its Privacy Sandbox initiative, Google is developing technologies aimed at enabling personalized advertising without compromising individual privacy, replacing third-party cookies with solutions such as FLoC (Federated Learning of Cohorts).

What Can We Do to Protect Our Online Privacy?

The most important point is that there is growing awareness about the implications of sharing personal information at every moment.

If, like me, you want to start taking better care of your privacy, here is a series of habits I am trying to implement:

  • Configure privacy settings in your browser to block or limit third-party cookies and other forms of tracking. Configure privacy settings in your browser to block or limit third-party cookies and other forms of tracking.

  • Install browser extensions. There are some designed to enhance privacy, such as ad blockers, cookie managers, and anti-tracking tools. Install browser extensions. There are some designed to enhance privacy, such as ad blockers, cookie managers, and anti-tracking tools.

  • Keep your browser and operating system updated, because updates that improve security and privacy are constantly being released. Keep your browser and operating system updated, because updates that improve security and privacy are constantly being released.

  • Log out of websites after using them. I know it is very inconvenient, but this habit can help you prevent session hijacking. In fact, I try not to browse any site that requires a login on computers other than my own. Log out of websites after using them. I know it is very inconvenient, but this habit can help you prevent session hijacking. In fact, I try not to browse any site that requires a login on computers other than my own.

  • Be cautious with public Wi-Fi. Although we constantly hear about the precautions that should be taken with public networks, many people think "it will not happen to me" — I used to think the same way. We need to be aware of the security risks when using public networks and avoid sensitive activities, such as accessing your online banking through those connections. There is a lot of advertising for VPN tools that protect you in those cases, but I am not sure how reliable they are. If anyone has experience in this regard and wants to share it in the comments, it would be very valuable for everyone. Be cautious with public Wi-Fi. Although we constantly hear about the precautions that should be taken with public networks, many people think "it will not happen to me" — I used to think the same way. We need to be aware of the security risks when using public networks and avoid sensitive activities, such as accessing your online banking through those connections. There is a lot of advertising for VPN tools that protect you in those cases, but I am not sure how reliable they are. If anyone has experience in this regard and wants to share it in the comments, it would be very valuable for everyone.

  • Follow a technology commentator you enjoy to stay updated on safe online practices and to stay informed about security threats you may not be aware of. Follow a technology commentator you enjoy to stay updated on safe online practices and to stay informed about security threats you may not be aware of.

By Santiago Pennino, CMO of Quantik.

Santiago holds a degree in Advertising and has extensive experience in media agencies and the tourism industry. He currently serves as CMO of the Quantik group.

Throughout his professional career, he has held leadership roles at Despegar.com and various advertising agencies, focusing on assisting companies with their digital transformation and brand development.

Paysandu 926CP 11100MontevideoTel: +598 2902 1477

© 2025 Isbel S.A., a Quantik® brand

Av. Ana G. Mendez 1399, km 3PR 00926San JuanTel: +1 (787) 775-2100

Carmen C. Balaguer 10El Millon, DNSanto DomingoTel: +1 (809) 412-8672

Follow Us

Our Policies