When we go online or use apps, we are being tracked. Companies collect our personal data by tracking us across the web sites we visit. They build profiles on us based on our browsing history and online behavior. They want to sell us their products and services, and the more they know about us the better they can use this data to manipulate our behavior.
You know those ads that pop up everywhere after you looked up something? After you’ve looked up a new car, car ads follow you around all day. You research a vacation to Alaska, and travel ads show up everywhere. This is the result of targeted advertising, which is based on data they collected on you. Some call it surveillance capitalism, and it’s big business.
How it happens
– Cross-site tracking
Cross website tracking is the practice of tracking your online activity to monitor your browsing habits by advertisers, businesses, and other digital entities. When you visit a website, data is created by the web server and transferred to your browser via cookies, which are especially designed to track details about your browsing history and online activity. A cookie is set in your browser by third-party tracking apps via an analytics tool or embedded content, and it will follow you across the sites you visit. Information is collected about your browsing history, what you purchase, your interests and demographics. This is used for advertising purposes and to provide you with personalized ad experiences. It poses serious privacy concerns, because they don’t require your consent and you have no control over what happens to the data.
First-party cookies are less troubling, because you have some control over your data, and they can be helpful – it’s what keeps you logged in to your accounts and keeps items in a shopping cart, and enables weather updates for your specific location. Things that make our online lives easier.. This is the cookie consent banner that appears when you enter a website, where you decide what to allow. Companies will use these cookies to analyze website traffic and to improve user experience on their sites.
– Web Beacons
A web beacon also tracks your activity through a hidden element such as a banner, image or button on a web site. HTML elements like frames, style, script, etc. are also used as beacons. These tracking beacons are used by advertisers, web analytics companies, and social media sites. When combined with cookies, it can give companies detailed information about user behavior. Google Analytics for example uses web beacons to track you across the web.
Social media buttons embedded on websites you visit can contain beacons, which send data back to the websites to create user profiles for targeted advertising. The Facebook Pixel is one such beacon, which tracks almost every aspect of your web browsing activity and aids targeted advertising. Facebook can also track your activity while you are offline, without your knowledge.
Beacons can also be embedded in emails, which enables IP address tracking. It can log the exact time, date, and IP address when you open any mail with a beacon.
– Canvas Fingerprinting
Fingerprinting creates a unique image with information about your device, software, graphics card and hardware settings, This image acts as a digital fingerprint which can provide information about you when combined with other tracking data. A website and other third parties create unique profiles about you while they study your internet habits. They do this by deciphering how your browser responds to graphical instructions through HTML5, the latest version of the coding language HTML.
What it all means
1. Companies use your data to set higher prices, influence purchasing, and control content
Companies know when you’re interested in a particular product, and you’ll start to see targeted ads and product recommendations. If you’re repeatedly searching for flights to Alaska, they will use that data to increase prices at a future date because they know you are more likely to buy. Increasingly, companies use a scoring system to provide these targeted ads and individualized pricing. So you might basically pay more for something because they know you’re going to buy. Political campaigns use the same tricks for targeted advertising, by combining data from data broker companies with public voter lists to create a profile on you.
2. Companies use dark patterns
Dark patterns are intentional features on websites and apps that make it harder for you to do what you want. The motivation is of course profit either directly through a purchase or indirectly through sharing your data. They do this so subtly that you are not really aware of whats happening. They’ll hide certain things like the Unsubscribe button (hello, where is that darn button), or use color and big font to manipulate you into making a purchase. Big companies like Google and Facebook will disable their more protective privacy settings, and you actually have to opt in. Most of us don’t even know about the option, and find it time consuming and confusing. They hope you’ll give up so that they can continue to collect your data.
3. Social Media is controlling what you see
Social media uses algorithms to determine what content you’ll see. They monitor and track your behavior and your interests and know exactly what you like and what you engage with. The algorithms adapt and learn from your interactions in order to provide you with “relevant” and similar content. Facebook and Instagram will say that this enhances your experience. Maybe what is actually happening is that your online experience is narrowed, coerced and constrained. The goal of these algorithms is to prolong user engagement and to increase advertising revenue. Just think about how many ads you see when you scroll through your feed. Not to mention all the good stuff you’re missing out on because the algorithms think you’re only interested in (insert subject here).
4. Data brokering is big business
Data brokers sell your data for a huge profit. They harvest, manipulate (and even misrepresent) consumer data and sell it to companies for marketing and advertising purposes. Data brokers are legit businesses but largely unregulated. Even many of the regular companies you interact with make extra profit from selling your data on top of selling you their products. Over 1500 leading brand companies sell data from their customer loyalty programs. Companies make it difficult on purpose to opt out of privacy policies, and they might not give you a complete picture of the information they collect.
5. Governments can see what you do online
In the US, the federal government collects personal information on individuals, for things like law enforcement, border control, and “enhanced online interactions” with it’s citizens. Your social media accounts have information that you have willingly shared, and with the use of AI algorithms, governments can quickly analyze a lot a data about us that may indicate certain behavior. Think locations, gender, religion, political views, etc. Governments can also request access to personal data held by private companies, such as Google and Apple. They can request information from ISPs (Internet Service Providers) like Comcast and Verizon, which can provide a very detailed view of your internet usage. We don’t really know what information is held on us, and there aren’t enough safeguards and regulation on personal data.
6. Data can be stolen
With all this personal data out there, it’s important to keep it safe. Keeping your personal information secure online is a great first step. Data breaches happen all the time, and there are always people out there who will try to use your information to scam you, steal your identity, or trick you into giving them money. Be proactive and take steps to protect yourself.
Increase your privacy and protect your data
1. Don’t overshare on social media
Be selective about what you share. Keep your profiles private. Locations, details about your life, photos of your home and your children all add up to create a clear picture of your life, your habits, relationships and property. All this information is gold and is monitored, collected and analyzed.
2. Don’t download shady apps or links
Some apps and links contain malware and spyware. Make sure you verify that an app is legitimate before you download, and don’t click on links that you’re not sure about. Hackers and scammers can gain access to your data through malware and spyware installed on your device, and track your online activities.
3. Incognito/Private browsing isn’t private
Private browsing and incognito modes prevent your data from being stored locally on your computer, but be aware that it only deletes your local browsing history. Websites continue to track you even in private mode. Your IP address and websites you visit are still visible to trackers. Websites, search engines, internet providers, schools and the government can still easily track you. (Google was sued for harvesting incognito data.)
4. Avoid IoT devices
Internet of Things (IoT) devices are devices connected to your home network such as Alexa and Google Home, smart thermostats, fitness tracking watches, and home security systems. There’s a lot of data about your habits and personal life that is transmitted to and from these devices, and it’s typically not encrypted. That means that not only can IoT’s constantly listen and record data about you, but this data can be intercepted by a third party or stolen in a data breach. You can put these devices on a Guest wi-fi network, and check the security and privacy settings on each device to help protect yourself.
5. Use privacy-focused browsers
Some web browsers have built in cross tracking prevention tools and anti-fingerprinting policies. Mozilla Firefox and Safari has fingerprinting blocking and defense modes, and Brave and Tor browsers also have settings for this. Adjust the privacy settings in your browser to manage tracking preferences. If you want to see what your fingerprint looks like, check out https://abrahamjuliot.github.io/creepjs/ and https://www.browserscan.net.
6. Use ad blockers
Install extensions to your browser that will block pop-up ads and help prevent web tracking. Privacy Badger, Adblock, DoNotTrackMe and others are free browser add ons. You can see how trackers view your browser here https://coveryourtracks.eff.org, a project by the Electronic Frontier Foundation.
7. Reject cookies on websites
Most websites have cookie notices where they are supposed to tell you what they use the cookies for, and get your consent to use them. You should be given a choice to Accept All or Reject All. Many sites make it difficult to reject all cookies by hiding the button. By making you go into a Manage Settings option, they hope that you’ll simply Accept All. Sneaky!
8. Manage cookies on your device
Configure your browser to restrict third-party cookies, and review and clear cookies. These files store your search history and will remain on your computer until you clear them out. Remember that clearing cookies will log you out of most websites and delete your preferences, but it might be a small price to pay for privacy.
9. Encrypt communications
Avoid transmitting sensitive information such as financials and personal details through unencrypted channels. This reduces the risk of data interception and adds another layer of security. Messaging apps that use end-to-end encryption (E2EE) can’t share user information with law enforcement or other third parties.
10. Use a VPN
A VPN, or virtual private network, protects your online activities by encrypting your data and masking your IP address. This means that no one can see your browsing activity, your location, and your identity. A VPN gives you more control over your privacy, and creates a safer and more secure online experience.
11. Secure your network
Make sure your router software is up to date, implement WPA3 or WPA2 and turn on firewall capabilities to protect yourself. Set strong passwords everywhere, and create separate networks for guests and your IoT’s.