In the wake of the Facebook scandal where all of us are concerned and debating over the rise of online privacy, here is an attempt to explain how web tracking works in a nutshell.
What is web tracking?
Web tracking is the practice by which websites identify and collect information about users, generally in the form of some subset of web browsing history.
Is it evil?
Web tracking isn’t 100% evil, but its workings remain poorly understood. From the perspective of website owners and of trackers, it provides desirable functionality, including personalisation, site analytics, and targeted advertising.
Without trackers, an e-commerce website will have to treat every user as a stranger and unable to present personalised content.
What is the bad side?
After you switch websites, advertisements for products you’ve just looked at, or products you looked at a few weeks ago reappear! The greatest concern is when the trackers come from third-party websites.
This Twitter thread describes how much of our information is being collected by Google and Facebook.
Are you visiting just one site?
Say for example, when you go to nytimes.com, the New York Times knows you’ve visited and which article you’re reading – in this case, the New York Times is a “first-party”. Because you choose to visit a first-party, we are not particularly concerned about what the first-party knows from your visit. A third-party tracker like doubleclick.net – embedded by nytimes.com to provide, for example, targeted advertising – can log the user’s visit to nytimes.com.
The number of trackers that exist in any website depend on what the website owner has decided.
What is third-party tracking?
Third-party web tracking refers to the practice by which an entity (the tracker), other than the website directly visited by the user, tracks or assists in tracking the user’s visit to the site.
Third-party trackers are creepy
Once there is one third-party on a page, that third-party has the ability to turn around and invite any number of other third-parties to the first-party webpage.
Your personal information is valuable and it’s your right to know what data is being collected about you – your age, income, family’s ages and income, medical history, dietary habits, favourite web sites, your birthday…the list goes on.
The trick is in taking this data and shacking up with third-parties to help them come up with new ways to convince you to spend money, sign up for services, and give up more information. It would be fine if you decided to give up this information for a tangible benefit, but you may never see a benefit aside from an ad, and no one’s including you in the decision.
Tracking is not anonymous
You might think that this tracking is anonymous, since your real name is not attached to it. Many third-parties do know your real identity. For example, when Facebook acts as a third-party tracker they can know your identity as long as you’ve created a Facebook account and are logged in – and perhaps even if you aren’t logged in. It is also possible for a tracker to de-anonymise a user by algorithmically exploiting the statistical similarity between their browsing history and their social media profile.
Track the trackers!
Using Lightbeam, a privacy browser extension, discover who’s tracking you online while you browse the Web.
When you activate Lightbeam and visit a website, the browser extension creates a real time visualisation of all the third-parties that are active on that page. As you then browse to a second site, it highlights the third parties that are also active there and shows which third parties have seen you at both sites. The visualisation grows with every site you visit and every request made from your browser.
There is much more to web-tracking than what is written here. My curiosity for privacy started only last year when I interned with Outreachy – Mozilla for Lightbeam.
Stay safe and make the internet a healthier place!