The Uses of Cookies
Although there are no specific information requirements for how this information should be given, there is general agreement that categorising them according to their purpose is the best way of achieving this.
There are no agreed-upon standards for doing this, but the most common systems in use today were first proposed and developed by The UK International Chamber of Commerce (ICC). We adopted this system, and use it in our cookie auditing service as well as on the Cookiepedia site.
By building up an extensive knowledge base, the CookiePro cookie audit tool is now able to classify most cookies on a site automatically, making the process as painless as possible for site owners.
For more details on the criteria we use for categorizing cookies go to Cookiepedia, below we give you an idea of the privacy impact of each type.
Strictly Necessary Cookies are ones that are only used to enable a site to work and can generally be assumed to have negligible privacy concerns attached to them. They are therefore exempt from cookie regulations around the need for consent. Often they are generated automatically by the technology platforms running most websites. However, it is important to realize that these can be customized to perform additional tasks that can change their purpose.
Performance Cookies provide site owners with information like web analytics statistics, they are generally a low concern for privacy, even though they are not exempted from EU cookie compliance rules. However, some are third-party cookies which increase the level of privacy intrusion and may increase the level of consent required for their use.
Functionality Cookies cover a very broad range, and though generally bring visible benefits to users, can still carry privacy concerns. Where third party providers are involved, site owners should check the privacy policies or terms of service of the providers, to make sure they are not using data for other purposes.
Targeting or Advertising Cookies are generally considered the most privacy-invasive, and are themselves the target of many concerns raised by regulators and privacy advocates. This is because they are primarily used to create profiles of visitor behavior across many websites, which can have a broad and unknown range of impacts on visitors.