An "Accept Cookies" Dialog over a field of flying cookies
Clari Massimiliano/

Let’s face it: Browser cookies are a part of modern life, and you need to accept them… Or do you? And why does every British website keep asking about cookies? We’ll show you why you actually have a choice.

Wait, What Are Cookies Anyway?

Browser cookies are small text files provided by different websites that your browser automatically downloads while visiting them. Cookies often contain user preferences that carry over between different pages of the same site, but they can also include identifying information that lets the site know who you are when you visit again later.

The drawback is that any website can read cookies written by any other website, so they can easily be used to track your browsing patterns across the web without your knowledge—and many online ad networks do this. Cookies aren’t always bad, but they can be misused. As a result, debates about cookies are often grouped in with other privacy issues on the web.

Cookie Pop-ups? Thank European Privacy Laws

A cookie consent pop-up on

In 2016, the European Union enacted the General Data Protection Regulation (GDPR), which came into effect in May 2018. In conjunction with the 2002/2009 ePrivacy Directive, websites hosted in the EU must obtain consent from visitors before tracking them with cookies. To comply with these regulations, EU websites must:

  • Ask for consent before using any cookies that aren’t strictly necessary.
  • Provide information about what each cookie tracks before getting consent.
  • Keep a record of consent received from site visitors.
  • Make it easy for visitors to withdraw their consent if it has already been given.
  • Allow visitors to access the site even if they decline the use of certain cookies.

As a way of complying with these laws, website designers created pop-up dialogs that alert you to their use of cookies and in some cases ask you if you want to accept or reject special tracking cookies.

If a site uses what the EU calls “strictly necessary cookies” that make the site function (like a shopping cart) but don’t track you between sites, they don’t have to obtain consent, but they should still warn you they’re using cookies anyway. This has led to pop-ups that say things like “We use cookies” without an accept or reject dialog.

RELATED: Why Do Some Websites Have Pop-Up Warnings About Cookies?

You’re Free to Reject Cookies!

As seen in the last rule in the list above, any website that complies with the EU regulations on cookies must allow you to access the site even if you reject their tracking cookies. If not, the site could be subject to penalties and fines.

That means that visitors to European websites don’t just have the illusion of choice (“accept this or too bad”). Instead, you have a legal right to refuse a site’s cookies and keep using the site.

So the next time a website asks you to accept cookies, feel free to say “no,” and you’ll browse the web just a little more privately than before. And while you’re also free to reject your neighbor’s freshly baked cookies if they bring them over, you can usually eat those and keep your privacy intact. Stay safe out there!

RELATED: Privacy vs. Security: What's the Difference?

Profile Photo for Benj Edwards Benj Edwards
Benj Edwards is a former Associate Editor for How-To Geek. Now, he is an AI and Machine Learning Reporter for Ars Technica. For over 15 years, he has written about technology and tech history for sites such as The Atlantic, Fast Company, PCMag, PCWorld, Macworld, Ars Technica, and Wired. In 2005, he created Vintage Computing and Gaming, a blog devoted to tech history. He also created The Culture of Tech podcast and regularly contributes to the Retronauts retrogaming podcast.
Read Full Bio »