Super cookies: definition and removal

What are cookies?

An HTTP cookie is a small piece of code that is left in your web browser by a website you visited. The cookie places information on your device so that the website could later identify you as a returning user.

They’re not necessarily a bad thing, as cookies can improve your online experience. The cookie contains a small text file that has information about you. This could be the last time you visited the website, your login details, or what you left in your shopping cart. The next time you visit the website, the information you previously provided will already be there.

However, cookies can also be used to learn your interests and target you for advertising purposes. You may not like them if you want to keep your online activity to yourself. It's important to note that due to the GDPR and many US state and federal laws, most websites are obligated to notify you that they use cookies. They need your consent to do so. It's your choice whether you are happy to use them or not.

Some cookies can crawl and track you to the websites you visit next, identifying your behavior patterns, and more. So what do super cookies do?

Cookies vs. Super cookies

The name is rather misleading because supercookies are not actually cookies:

• Supercookies don't use local storage as regular cookies do. Instead, they are injected at the network level as Unique Identifier Headers (UIDH).
• Supercookies are inserted by your Internet Service Provider (ISP) rather than the website itself.
• You may not be aware of their existence as the ISP might use them in secret.
• UIDH personal data can be revealed to any website and potentially sold to third parties. Verizon has previously told their partners that they use this type of tracking and have received a $1.35 million fine from the Federal Communications Commission (FCC).
• Supercookies allow third parties to track you too. They can independently identify tracking headers themselves and use the data to serve you targeted ads across the web.
• Supercookies can restore the data of your deleted cookies and link the data with new ones. They can access your login credentials, image and file caches, and plug-in data.
• Ad blockers can’t block them, and you can't clear them by deleting your browser history and cache data.
• You can’t simply delete supercookies. You only opt-out if your ISP allows you to.

Are tracking cookies bad?

Tracking cookies aren't harmful to your computer in the way that viruses and malware are. However, cookies threaten something more important than your device – your privacy.

ISPs can inject supercookies to improve their advertising revenue and share your data with other companies. The worst part is that internet users have no control over this threat to their privacy. Supercookies could lead to the leaking of private data, government surveillance, and exploits by cybercriminals.

How to block tracking cookies

Supercookies are mysterious yet powerful creatures – detecting and deleting them is close to impossible. The traditional cookie clean-up won't make them go away, and neither will setting 'Do not track' in your browser or browsing in private mode.

Supercookies depend on HTTP connections, so making an encrypted connection with a website stops tracking headers from functioning. Visiting only HTTPS websites (those that use SSL or TLS certificates) should help you avoid supercookies tracking you or catching them in the first place.

Alternatively, you can reroute your internet traffic through a secure network. Sounds like rocket science? It’s not – all you need is a virtual private network, or VPN. NordVPN encrypts your internet connection, making it impossible for the ISP to apply tracking headers and for super cookies to follow you wherever you go.

Protect yourself from tracking cookies with NordVPN. Try it now with a risk-free 30 days money-back guarantee!