Cookie
Definition
A small text file stored on a user's device by a website. Cookies can be first-party (set by the site being visited) or third-party (set by external services like analytics or advertising platforms). Third-party cookies are a primary mechanism for cross-site tracking and are a key focus of privacy regulations.
Legal Definition
US state privacy laws do not specifically define "cookie," but cookies that collect personal information fall under their scope. Under the CCPA, the unique identifiers placed by cookies constitute personal information (Cal. Civ. Code 1798.140(v)). Cookies used for cross-site tracking may constitute "sale" or "sharing" of personal information.
State Laws Using This Term
Practical Example
A news website uses a third-party advertising cookie that tracks the user across multiple sites to build a behavioral profile. This cookie collects personal information and may constitute sharing under the CCPA, requiring a "Do Not Sell or Share" opt-out.
Related Terms
Frequently Asked Questions
Do US state privacy laws require cookie consent banners?
Unlike the EU's GDPR, most US state laws do not require affirmative opt-in consent for cookies. However, they require businesses to disclose cookie usage and provide opt-out mechanisms for cookies used for targeted advertising or data sales. A consent banner is the most practical way to comply.