Let´s play for "cookies"


We are all used to the fact that, in connection with the protection of our personal data (GDPR), windows pop up on the websites with a warning that the website operator uses cookies and that by staying on their website you agree to them.

The windows have different forms:

European project Citizen Scientists Investigating Cookies and App GDPR Compliance (CSI-COP), in which the BEAT department from our institute participates, is focused precisely on the digital footprint of the user during his activities on the Internet and compliance with the GDPR regulation. One of the goals is to motivate users through active engagement to realize that they have the right to know what data is being collected about them and that they also have the right to refuse tracking. CSI-COP explains to interested users who will become „citizen scientists“ how digital surveillance works and engages them in a general discussion related not only to society’s growing concerns about individual privacy, but also to questions about how to safely handle collected data.

WE ARE ANNOUNCING A CONTEST for the highest number of website analyzes of your choice!

  • Play the first and second episode of the „Cookie Mansion“ game and sign up for the competition by e-mail csi-cop@ciirc.cvut.cz, title „CONTEST
  • Get involved in collecting information about different tracking apps and their usage and send us your analysis by November 30, 2022 – downloadable table HERE
  • Be among the 25 participants with the highest number of analyzes and as a reward you will receive the third episode of the „Cookie Mansion“ game, in addition, we will invite you to a meeting where we will discuss cookies, digital privacy the influence of social networks on society and answer all your curious questions.

So download the „COOKIE MANSION“ game now – have fun, learn and send us your analysis!



The data you help us to collect will be systematically examined by the CSI-COP project consortium to propose a taxonomy of digital trackers in an online repository, which will then be made available to the general public as an open source of information about trackers used in cookies and tracking applications.

The resulting information source will be useful for a whole range of different types of users, from researchers dealing with data protection issues, to administrative workers responsible for GDPR compliance, journalists specializing in technology or software application developers, to parents, teachers and people responsible for the design of school curricula or organizations that equip computers in publicly accessible places, e.g. in libraries.

The European CSI-COP project wants to spread awareness about why personal data protection (GDPR) is important and collect a rich publicly accessible database of dangerous tracking cookies.

The project is open to all interested parties – it does not require any professional education or skills. Participants will learn everything they need from a short and understandable course.

You can find more about the involvement of our BEAT department in the CSI – COP project HERE.

_ _ _

A little more about „cookies“…
Cookies are short text files with unique information about the site visitor and their original purpose was to make the visitor’s stay on the site more pleasant – they got their name from the typical round cookies that were often given out to potential customers or clients in companies in Great Britain and the United States to create a friendly atmosphere.

These small packets of data are stored by the visited website in the browser of the mobile phone, tablet or computer from which the visitor views the website, and are sent back during the next visit. Thanks to this information, for example, e-shops can remember login data, display suggestions of relevant goods, pre-fill a form and also target advertising.

Through cookies, personal data are processed most often for the purpose of ensuring operation (technical cookies), analyzing traffic (analytical cookies) and displaying personalized advertisements (marketing cookies).

It may seem that cookies bring us only sweet and pleasant things, but they also have their bitter side. And this is the way in which they are processed not only by the owner of the given website, but also by any third parties. They can be used for purposes other than those for which the user has given consent. In addition, stored cookies are not protected in any way, which can pose a threat when an attacker gets into the visitor’s device. Nothing prevents him from abusing the data stored here and even stealing his identity.

For this reason, the consent to receive them must comply with the requirements set out in the General Data Protection Regulation (GDPR). Based on the amendment to the Electronic Communications Act, from January 1, 2022 it is also possible to store cookies only if the website visitor agrees. Compared to the past, the cookie bar has to meet a lot of requirements. One of the essential ones is that it can „allow all cookies„, at the same time it must also have the option to „reject all cookies„. Each user can set the management and use of cookies themselves in the settings of the browser they use. It is possible to enable/disable, delete saved files or block the use of third-party cookies.

And what awaits us?
The still unadopted but relatively fundamental European legislation concerning the respect for private life and the protection of personal data in electronic communications (so-called ePrivacy) should bring significant changes to the area of ​​cookies, and the cookie bars described above will not be enough. It is a response to the ubiquitous use of tracking cookies, where users are increasingly being asked to provide consent to their storage on their end device. Users are thus overloaded with endless requests for consent. It seems that consent to the use of cookies should then be incorporated by the developers into the technical settings of the actual browsers. Each user will thus be able to set cookies he/she would like to allow and which not in their browser. This setting will then be used for all websites that the user visits.

Previous articleMireia Diez Sánchez: Speaker diarization: automatically finding "who speaks when" in an audio conversation
Next articleCzechTrade and CTU to support Ukraine's reconstruction with a smart app linking supply and demand