How advertisers track you across the web (and what you can do about it)

0
254

[ad_1]

Ar_TH/Shutterstock.com

Advertisers use a variety of tricks to track you across the web, including tracking your IP, using cookies, identifying your browser fingerprint, and even headers injected at the network level by your ISP. It’s almost impossible to avoid this entirely, but using a VPN and a secure browser will restore some privacy.

Online privacy is a myth. Whether you know it or not, the internet is serving you daily tracking cookies, device fingerprinting scripts, internet service provider super cookies and more tricks designed to get you to hand over as much data as possible. This is how these tools and schemes work.

Common methods used to track you

There are a multitude of ways advertisers can track you across the web. Advertisers cast a wide net and use many different techniques at once to collect information about you, even when you’re browsing incognito or using another device like a smartphone or tablet.

Your IP address identifies you on the web, such as when you log into your email account or visit a shopping website. It’s the numeric address associated with your current connection, whether it’s your home Internet connection or a mobile device connecting via cellular. IP addresses can and are used to track you, both as a security measure (for example, in Gmail to list recent device logins) and to identify patterns that can help identify you as an individual.

Perhaps the best known tracking technique is the tracking cookie. These are small files that live on your device and identify you across different websites, allowing advertisers to identify you even if you’ve never visited a particular website before.

URL trackers are used to collect information about how you reached a destination. If you click on a link in an email such as a newsletter or promotion, URL trackers can be used to learn if the email campaign was successful and to create a larger picture of how visitors arrive at your site.

Tracking pixels are commonly associated with email clients, but can easily be implemented on the web for similar purposes. A unique pixel may be served to each visitor, which is used to collect their IP address. Although you can block cookies and ads with your browser settings or extensions, blocking tracking pixels is much more difficult since your browser cannot distinguish them from standard content.

More advanced tracking techniques

A more advanced technique known as device or browser fingerprinting uses the unique impression or “fingerprint” created by your device to make you stand out from the crowd. This includes your operating system, browser and version, screen resolution, what extensions you are using, your time zone, preferred language, or even technical specifications like your computer hardware or driver versions.

This is how canvas fingerprinting (and WebGL fingerprinting) work. A script running in the background of a web page tells your browser to draw an invisible image. Since each device draws the image in a unique way (depending on the variables used to collect your fingerprint), the image can be used to link your data across websites, without needing to store anything on your device.

If you’re not sure if your personal device isn’t unique enough for an advertiser to make you stand out from the crowd, visit AmIUnique to see for yourself. The large volume of data left behind when visiting a website can work against you in identifying you as a unique user.

AmIUnique Browser Results

Finally, there are so-called “super cookies” that do not use local storage, but are injected at the network level by your Internet Service Provider (ISP) as a Unique Identifier Header (UIDH). This information can be used by your ISP to track browsing data, but it can also be accessed by third parties to identify you on the web.

You cannot remove super cookies as they exist at the network level. Super cookies can be used to restore cookies you’ve already deleted by providing another identifier for advertisers to use. Ad blockers or privacy-conscious browsers can’t stop them either, but you may be able to opt out at the ISP level. In the US, Verizon customers can opt out by logging in and selecting “No, I do not want to participate in relevant mobile advertising” in the privacy settings.

How your data is used

Own trackers often collect information related to their own services. These could be preferences that determine what you see when you use our website, such as your location, language, etc. This type of data makes your experience more convenient.

Third parties, such as advertisers, track you around the web to collect as much data as possible about your browsing habits. Data is the new gold, and a lot of money can be made by understanding a user’s browsing habits from a marketer’s perspective.

This information is ultimately compiled into a database to understand how you behave, what your interests are, where you live, etc. This can include intrusive information like political beliefs, health conditions, or anything else you wouldn’t feel comfortable with if an advertiser found out about you.

The most common use of this type of third-party data is to serve ads. The more an advertiser knows about you, the more likely they are to be successful in displaying an ad that appeals to you. Instead of showing an ad for a product that has no relevance to you, advertisers can show an attractive product that is relevant to your region at a convenient time of day to entice you to click.

These preferences make up an important part of the core product used to sell advertising. The more data points an advertiser has, the more they have to offer potential customers. This allows clients to limit ads to selected cohorts, which should result in a better click-through rate and repeat business for the ad company.

Is the data collected really anonymous?

There are potentially more nefarious uses for this data. Advertisers often convey that the data collected is anonymous or anonymous, but this is not strictly true. Common practice dictates that collected data is stored under a pseudonym (as a random string of letters and numbers) rather than a real-world identifier. The possibility of this data being linked to your identity, email address or telephone number is not outside the realm of possibility.

Consider what might happen if an insurance company could see your advertising profile or search history. Your premiums could increase if you perceived increased risk simply because you researched a symptom or condition on the web (even if that condition is unrelated to your own health). Sure, this is a nightmare scenario, but as long as a summary of your online activity exists within a private company’s database, then the threat is there.

Dynamic pricing could also be affected if a business understands more about you. In the same way that using a VPN to access a travel website from a different country could be used to save money on flights, a travel website that understands circumstances like your financial situation, owner status, or habits of travel could be used against you to increase prices. .

What you can do about it

Advertisers don’t rely on a single technique to track and identify you, which means you should take a multi-pronged approach to avoid tracking as much as possible. The easiest thing to do is enable Do Not Track in your browser preferences. This depends on third parties fulfilling your request, but it’s a start.

Better yet, switch to a browser that provides more control over your privacy. Safari and Firefox block third-party cookies by default, and Safari will even tell you how many trackers were blocked using its Privacy Report feature. You can tell almost any browser to block third-party cookies with a little work.

You can use a tool like Ghostery (available as a standalone browser or web extension) to block trackers and anonymize your browsing experience as much as possible. Go a step further and use Tor at the expense of browsing speed, not only to defeat trackers, but also to combat surveillance and censorship.

DuckDuckGo also has its own browser now, complete with tracking protection and a more private search engine. For search purposes in other browsers, please switch to DuckDuckGo instead of Google to prevent the world’s largest search engine from crawling your queries.

Email is another dripping faucet when it comes to online privacy. DuckDuckGo’s @Duck.com email protection removes tracking pixels and offers aliases that you can disable at will. Apple Mail already includes strong privacy protection, and iCloud+ users get access to Hide My Email.

Apple’s Private Relay promises to anonymize your web requests in a way that even Apple doesn’t know what you’re accessing. Alternatively, use a VPN across the board to encrypt all your browsing data. Using a VPN and Private Relay are two different things, so make sure you understand the differences when trying to choose between them.

Enable private broadcast in iCloud+ settings

You can prevent super cookies (UIDH) from working by using exclusively HTTPS websites with valid SSL or TLS certificates. Alternatively, establishing an end-to-end encrypted connection using a VPN will also prevent super cookies from working.

Tracking is here to stay

The privacy implications of online tracking are concerning, to say the least. While it can block your browsing experience to a great extent, at some point you have to decide between privacy and convenience.

If you are concerned about privacy, we recommend using a VPN (as one of our top recommendations), reviewing privacy policies, and using a search engine that is more respectful of your privacy.

[ad_2]