May 11, 2009

Web Cookies: Yummy, Opaque, Ironic, or Bizarre?

Greetings. Pretty much since the earliest days of the Web, and the initial use of browser "cookies" for session state control and other purposes, cookies themselves have been controversial.

Cookies (the term in a compsci context goes back to the days of character attributes in serial CRT computer displays, and before that -- yes -- to Cookie Monster on Sesame Street) are simply tokens that contain arbitrary data and are planted on and/or retrieved from users' computers by Web sites.

There is a great deal of unjustified paranoia surrounding the use of cookies, but legitimate concerns as well -- the latter mostly related to the ability of cookies to track users without their knowledge across multiple sites.

As Web browser technology has advanced, providing users with greater controls over how cookies are handled has been a significant aspect of Web evolution. Firefox has extensive per-site controls for this purpose. On the other hand, a gripe I have with Google's otherwise excellent Chrome browser is (the last time I checked) the lack of per-site cookie controls.

There are some situations where cookies are invaluable -- especially when dealing with complex sessions that pass through various operational states, sessions that require login or various other forms of authentication, and so on. I use cookies myself for such applications, though I restrict usage to so-called "first-party" cookies -- cookies that are all presented to or retrieved from the same site with which the user is currently interacting.

Occasionally you run into situations where cookies are arguably being used inappropriately, but without any intended nefarious purposes.

Yesterday I noted a particularly ironic case -- the site TransparentDemocracy, which is focused on ballot and election transparency -- a laudable effort.

The irony is that currently it's impossible to access the site in any manner if you don't accept their cookies. I mean totally impossible. You can't reach the home page. You can't access contact info. You can't read their privacy policy (about cookies or anything else). All you get is a notice that cookies are required, and then the door slams shut.

I usually consider the fairly rare situation of sites that completely block access when cookies aren't accepted as being in the "red zone" of cookie misbehavior, and my concerns about this were forwarded to the site's administrators.

A response was immediately forthcoming, informing me that, indeed, the cookie situation was the result of an attempt to expeditiously launch the site, and that they would now move to change their implementation in a manner that would likely address my concerns.

There's no denying that I was somewhat amused to see a site with the word "transparency" in its name blocking access in that manner! Their quick response to the issue is to be congratulated.

My view is that simple viewing of sites and basic, non-logged-in interactions should not usually require that cookies be accepted -- whenever possible.

Google is a good example of how to handle such a dynamic gracefully. Google does use a lot of cookies for various of their services. But you can still use Google Search, view YouTube videos, and use various other Google services even if you reject all associated cookies. True, you can't use services that require login, nor can you access most personalized services if you won't accept the cookies.

But the point is that if Google chose, they could require the acceptance of cookies to access any of their services in any manner, and they have wisely chosen not to do so.

Browser cookies are like seasoning in foods. Sometimes they are absolutely essential to an edible meal, but they can also be used gratuitously, overbearingly, and even antagonistically.

As with so much else in life, the keys with browser cookies are appropriate choices and moderation.

And -- by the way -- the secret with Oreo cookies, even after all these years, is still to twist them apart and scrape the creme filling off with your teeth -- again with moderation, of course.

Cookie Monster knew what he was talking about.

--Lauren--

Addendum (May 12, 2009): Several readers have taken issue with my statement regarding the "secret" to eating Oreo cookies. They've suggested that dunking the cookies in milk is clearly the best technique. I had originally considered mentioning this alternative procedure, but decided at the time that I didn't want to, uh, "dilute" my argument that way.

Posted by Lauren at May 11, 2009 05:28 PM