Are Tracking Cookies Stalking You on the Web?

Learn how internet ads figure out what you like or do by tracking your web browsing activity, and how to avoid them.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

Cookies are convenient and useful because they allow you to easily log back into a website and pick up where you left off. But a certain type of cookie, the tracking cookie, is controversial because it follows your digital footprint around the internet without your knowledge and may feel like an invasion of your privacy. 

Continue reading to learn about tracking cookies and how to keep your online privacy safe from them with the best VPNs, ad blockers, secure browsers, and other methods.

In this article
What are tracking cookies?
What are some tracking cookie examples?
What data do tracking cookies collect?
How to prevent internet sites from tracking you
Tracking cookies FAQs
Bottom line

What are tracking cookies?

Tracking cookies keep track of what you do online and collect information about you. Most of the time, marketing, advertising, and search engine companies use them to show you ads based on what you do on the internet.

Companies such as Facebook (Meta), Google, Adobe, and Twitter, to name a few, are well-known for doing this. (However, Apple prioritizes privacy and may use cookies for functionality while using its Intelligent Tracking Prevention (IPT) feature to block third-party cookies and prevent cross-site tracking in Safari.)

Some companies even use Google Analytics’s advertising features that allow them to collect data from other websites with Google’s advertising cookies or tracking cookies. This allows them to retarget you with ads based on your specific behavior, demographics, and interests.

Tracking cookies is one of the main reasons you see so many cookie pop-ups online now. This is mainly because some places, like the U.K. and the European Union (EU), have cookie laws that say websites have to get permission from visitors to collect their information. The websites must also tell visitors how their data is used in order to comply with the EU’s General Data Protection Regulation (GDPR).

Canada and the U.S. don’t have any cookie laws. However, the states of California and Virginia have the strictest laws that govern cookies.

  • California Consumer Privacy Act (CCPA): This law requires companies that use cookies to inform website visitors how they will collect and use their data and provide opt-out options.
  • Virginia Consumer Data Protection Act (VCDPA): Signed into law on March 2, 2021, this law takes effect on Jan. 1, 2023, and requires companies to give consumers the right to make decisions with their personal data and opt out of targeted advertising.

So, how do tracking cookies get onto your device? When you go to a website that uses tracking cookies, your browser talks to the web server and the web server sends a tracking cookie back to your browser, which is then stored on your device.

Each tracking cookie is given a unique identifier (ID) that’s used to recognize you and the device you’re using. By identifying you, tracking cookie data lets advertisers show you ads that are relevant to your interests based on how you use the web.

Tracking cookies are often third-party cookies, but sometimes they’re first-party cookies too.

First-party cookies

First-party cookies are associated with a file that you request from the same domain as the web page you are viewing. When you visit amazon.com, for example, your browser stores several cookies associated with the *.amazon.com domain name.

First-party cookies typically only collect data from your browser activity, such as your login information, the type of device you use, what pages you viewed, and language settings, in order to create a personalized and pleasant user experience on a website.

Third-party cookies

If a cookie is associated with a file requested from a different domain, then it’s a third-party cookie. For example, if you visit amazon.com and Amazon requests files from facebook.com and they include *.facebook.com cookies, those are third-party cookies.

Tracking cookies are often third-party cookies, which advertisers and marketers extensively use.

You can disable tracking cookies on your browser

If you don’t want tracking cookies to track your digital footprint, you can disable or clear them in your browser settings. To do this, open up your browser and select Settings, then Privacy and Security or similar section, and look for a Cookies option.

To learn how to disable cookies, clear your browser cache, or get rid of tracking cookies data, follow the instructions for your browser:

Where did cookies come from?

In 1994, Lou Montulli, a 24-year-old computer programmer for Netscape at the time, invented the first cookie. He made it so that online stores didn't have to store customers' shopping cart information on their web servers, which was taking up too much space. Instead, a user's shopping cart information is stored on their computer.

Today, almost all websites use cookies, and some websites contain hundreds of them. Most of them provide the benefits of convenience.

Many tracking cookies on the internet belong to advertising networks. You may have recognized at least one of them as cookies for advertising purposes. Here are some examples:

  • googleleads.g.doubleclick.net
  • amazon-adsystem.com
  • demdex.net (Adobe uses this)
  • c.bing.com
  • quantserve.net
  • analytics.yahoo.com
  • addthis.com
  • TrackingCookie.Statcounter
  • TrackingCookie.Yieldmanager

Does Facebook use tracking cookies?

Yes. When you visit the Facebook website and log in, it places a tracking cookie on your browser. That means when you visit a website or social media site that has Facebook integrated (such as Instagram), it can determine whether you have a Facebook account.

This is one of the reasons why, when you use Instagram and follow a lot of accounts associated with dogs, for example, you’ll start seeing targeted ads showing dogs all over your feed when you log into your Facebook account.

What data do tracking cookies collect?

Tracking cookies may pose a privacy risk by collecting data about you all across the web. Here is a list of data that could be collected from your browsing activity:

  • Google search history
  • Purchases
  • Clicked links
  • Liked pages and posts
  • Genres followed
  • When and where an advertisement was viewed
  • Geographic location
  • Browser and device attributes

Are tracking cookies an invasion of privacy?

Yes. Because tracking cookies are used to gather information about you and keep track of your activities across various websites rather than to improve your experience, they may pose a serious threat to your online privacy. As a result, it’s important to update your online privacy settings.

How to prevent internet sites from tracking you

Even the most cautious digital citizens may find it difficult to avoid tracking cookies. The first step to prevent websites from tracking you is to be careful what you click on.

You can also hide your browsing history or prevent tracking by disabling cookies and using a VPN, privacy-focused web browsers or remote browsers, or ad blockers that identify and block cookies. Read on to learn the various ways to do this.

Disable browser cookies

To avoid cross-site tracking, disable and delete browser tracking cookies. Check out the links below for further instructions on how to get rid of cookies on computers and browsers.

Install a VPN

A VPN, which stands for virtual private network, lets you hide your internet protocol (IP) address to protect your online identity. Although it doesn’t prevent tracking cookies from Google, a VPN may hide your browsing history to an extent and secure your internet connection on public Wi-Fi.

Here are some VPN recommendations for boosting your privacy:

  • NordVPN: Nord is one of the best-known names in VPNs, and it's privacy forward. It has an audited no-logs policy, passed our DNS and WebRTC leak tests, and it comes with bonus privacy features like multi-hop and Onion over VPN servers. 

    Get NordVPN | Read Our NordVPN Review

  • ExpressVPN: ExpressVPN is a premium provider with premium privacy standards. It also has a strict no-logs policy that's been independently audited, a headquarters not subject to data retention laws, and a Threat Manager feature for blocking apps and websites from tracking your online activity.   

    Get ExpressVPN | Read Our ExpressVPN Review

  • Surfshark: If you're looking to boost the privacy on multiple devices in your home, Surfshark has you covered. Surfshark allows for unlimited simultaneous connections and it's compatible with most operating systems, smartphones, routers, and even smart devices. 

    Get Surfshark | Read Our Surfshark Review

  • CyberGhost: CyberGhost is the most affordable VPN on this list, but it doesn't skimp on privacy. It has a strict no-logs privacy, provides quarterly transparency reports, and is headquartered in Romania, which is not subject to data retention laws.

    Get CyberGhost | Read Our CyberGhost Review

Customizable Coverage That is Simple to Use
4.9
Editorial Rating
Learn More
On NordVPN's website
VPN
NordVPN
Up to 66% off 2-year plans + 3 months extra
  • Ultra-secure, high-speed VPN complete with malware protection and automatic blocking of intrusive ads and third-party trackers
  • Other benefits include a premium password manager, dark web monitoring, and access to IP-restricted content
  • 3 plans to choose from for custom protection on up to 10 devices
  • Too many confusing plans

Set up an ad blocker

The best ad blockers help protect your privacy by blocking third-party trackers, pop-ups, malicious ads, and annoying banners. They also have extra features like custom ad-blocking rules, whitelisting, and many more.

You can download and install compatible ad blockers as software or browser add-ons.

  • Total Adblock: Total Adblock passed its Cover Your Tracks tests with flying colors, so you won't have to worry about tracking cookies. It's also compatible with multiple browsers (Chrome,  Edge, Firefox) and has apps for Android and iOS.

    Get Total Adblock | Read Our Total Adblock Review

  • Nord Threat Protection: From the makers of NordVPN, Nord Threat Protection is an ad and malware blocker designed to further enhance your online security. Its tracker-blocking functions allow you for whitelisting and blacklisting, and it keeps count of the ads blocked so you know you're being protected. 

    Get Nord Threat Protection | Read Our Nord Threat Protection Review

  • uBlock Origin: One of the best ad blockers, uBlock Origin is completely free and open-source. It passed two out of three of its Cover Your Tracks tests, so you can rest assured that tracking ads and invisible trackers will be blocked.

    Read Our uBlock Origin Review

Best Basic Adblocker — Including YouTube Video Ads
4.5
Editorial Rating
Learn More
On Total Adblock's website
Ad Blocker
Total Adblock
Special deal: Save 75% off
  • Instantly blocks distracting ads on millions of websites, including YouTube video ads
  • Blocks third-party trackers to protect your privacy and information
  • Improves page load times and enables faster browsing
  • Free version excludes top 15,000 websites

Use a secure browser

Privacy-focused web browsers provide options to safely browse the web and block, prevent, or automatically delete cookies. Using a remote browser is another highly secure way to browse the web. These are the top five recommended web browsers that help keep your online privacy secure from tracking cookies.

Tip: The Brave browser uses its own search engine rather than Google by default. You can also use DuckDuckGo as a private search engine if you don’t want to change browsers.

Try remote browser isolation

WEBGAP, a zero-trust remote browser isolation (RBI) platform, costs $5 per month. It lets you use your regular browser without cookies and deletes all browsing activity after a session. WEBGAP isolates your local computer and network from your web browsing, protecting it from tracking cookies and malware. It also lets you use a different IP address without a VPN to hide your identity and browse anonymously. It is simple and easy to use.

Here is an example of how to use a remote browser isolation platform like WEBGAP.

1. You can log into WEBGAP’s remote browser isolation platform via https://webgap.me using your browser. (Safari was used for this demo).

You can log into WEBGAP's remote browser isolation platform with your usual web browser.

2. After successfully logging into WEBGAP, an empty search address bar will display at the top of your browser window, where you can enter any URL address or link to a website you would like to visit.

Once you log into WEBGAP, you'll see a search address bar at the top of your browser window.

3. For this example, we'll go to google.com and search for ‘affordable browser isolation.’

We used WEBGAP to visit Google and search for "affordable browser isolation."

4. Google was able to query the search results that were requested.

Google successfully searched for the term we requested, but without our cookies being tracked.

You can safely browse the web with WEBGAP using any browser without worrying about tracking cookies, malware, threats on the web, or your device and IP address being exposed.

Can incognito mode keep sites from tracking me?

Unless you use a VPN or remote browser platform, incognito mode doesn't hide your IP address, but it does hide your browsing history and prevent personalized ads and recommendations. There are numerous other advantages to using incognito mode.

Tracking cookies FAQs


+

Are third-party tracking cookies spyware?

No. Spyware is a type of malicious software, or malware, that secretly records your activities and infects your device. It’s usually installed along with adware. This can happen while browsing on a website and clicking on an unsuspecting ad or link that automatically installs adware on your browser without your knowledge.

Although third-party tracking cookies may seem to be what is a spy cookie and cause privacy concerns, they do not install malware that harms your device. That doesn’t mean that spyware or adware may not leverage third-party tracking cookies or ad cookies when they have the ability to, however.

If you're still worried about your privacy, there are ways to prevent third-party cookies from tracking you by turning them off or blocking them. You may also download antivirus or anti-malware software to protect yourself even more.


+

Are tracking cookies dangerous?

Tracking cookies are not inherently dangerous, but privacy-conscious users may be wary of them. It’s critical for websites to be transparent about their cookie policies, depending on their laws, and to respect the users’ choices when given options for consent.

Even though there are benefits to cookies, such as making the user experience better and more personalized, some cookie features, such as tracking, may make you feel uncomfortable. Once you understand how personal data collection and processing affects you, then you can make informed decisions about tracking cookies.


+

How do I get rid of tracking cookies?

You may get rid of tracking cookies by disabling, removing, or blocking third-party cookies. You can easily go to your browser’s settings and select an option that allows you to do this. Below is an example of how to block third-party cookies in the Chrome browser.

  1. On your computer, open Chrome.
  2. At the top right, click the three horizontally stacked dots and select the Settings cogwheel.
  3. Under Privacy and security, click Cookies and other site data.
  4. Select an option: Allow all cookies, Block all cookies (not recommended), Block third party cookies in Incognito, or Block third-party cookies.

Google reports that it plans to phase out third-party cookies on its Chrome browser by late 2024, which may impact the advertising and marketing web landscape if it does.

Bottom line

Advertisers and marketers use tracking cookies to track your browsing activity and target or retarget you with ads based on your online behavior. They're not dangerous but may compromise your privacy.

To protect your online privacy, disable or delete tracking cookies and use a VPN, an ad blocker, and a secure browser or remote browser. For VPNs with the ultimate privacy, you can read our guide on the best no-logs VPNs

Customizable Coverage That is Simple to Use
4.9
Editorial Rating
Learn More
On NordVPN's website
VPN
NordVPN
Up to 66% off 2-year plans + 3 months extra
  • Ultra-secure, high-speed VPN complete with malware protection and automatic blocking of intrusive ads and third-party trackers
  • Other benefits include a premium password manager, dark web monitoring, and access to IP-restricted content
  • 3 plans to choose from for custom protection on up to 10 devices
  • Too many confusing plans

Author Details
Mars is a cybersecurity professional and writer based in California. Currently pursuing a B.S. in Cybersecurity, he serves as an Advisory Board Member for WEBGAP, specializing in browser isolation. With an interest in OSINT, ethical hacking, and threat intelligence, Mars enjoys writing security content and has experience as a Security Researcher, Cybersecurity Analyst (WEBGAP), and Editor-in-chief (Secjuice).