We are all concerned and debating the rise of online privacy in the wake of the Facebook scandal. Here is my attempt to explain how web tracking works in a nutshell.

What is web tracking?
Web tracking is the practice by which websites identify and collect information about users. This is usually in the form of some subset of web browsing history.

How does this work?
Every time you use the Internet, you leave a record of everything you click on, including the websites you visit. To track this information, many websites save a small piece of data, embed invisible objects, or use your user accounts and hardware configuration.

More about this is described in the “Tracking mechanism” section below.

Why is this done?
From the point of view of website owners and trackers, it provides desirable functionality including personalization, site analysis and targeted advertising.

Without trackers, an e-commerce website would have to treat each user as a stranger and would be unable to present personalized content.

Is web tracking bad?
Web tracking isn’t 100% bad, but its workings are poorly understood. After you switch websites, ads for products you just viewed, or products you viewed a few weeks ago, will reappear! The biggest concern involves the trackers of third party websites.

This Twitter thread describes how much of our information is being collected by Google and Facebook.

First-Party vs. Third-Party Web Tracking
Say for example, you go to nytimes.com. The New York Times knows you’re gone and knows what article you’re reading. In this case, the New York Times is a “first party”.

Since you choose to take a first-party visit, we are not particularly concerned about what first-party knows from your visit. A third-party tracker such as doubleclick.net — embedded by nytimes.com, for example, to provide targeted advertising — may log a user’s visit to nytimes.com.

The number of trackers present in any website depends on what the website owner has decided.

What is third-party tracking?
Third-party web tracking refers to the practice by which an entity (tracker), other than the website directly visited by the user, helps to track or track a user’s visit to the site.

Third-party trackers are creepy.
Once a third-party is on a page, that third-party has the ability to rotate and invite any number of other third-parties to the first-party’s webpage.

Your personal information is valuable, and you have a right to know what data is being collected about you – your age, income, family age and income, medical history, dietary habits, favorite web site, your birthday … the list goes on.

The trick is to take this data and work with third parties to help them come up with new ways to persuade them to spend money, sign up for services, and more. It would be fine if you decided to omit this information for a tangible benefit, but you may never see a benefit aside from advertising, and there is no one to include you in the decision.

tracking is not anonymous

You may think that this tracking is anonymous, as your real name is not associated with it. But many third-parties know your real identity.

For example, when Facebook acts as a third party tracker, they can know your identity as long as you’ve created a Facebook account and are logged in – and maybe even if you’re not logged in.

It is also possible for a tracker to anonymize a user by algorithmically exploiting the statistical similarity between their browsing history and their social media profiles.

Visible Third-Party Trackers
While most third parties are invisible, visible page elements such as the Facebook Like button, embedded Twitter feed and many other commercial widgets are all methods of third-party tracking.

Cookies are the most widely known method for identifying a user. They make use of small pieces of data (limited to 4 KB each) kept in browser storage by the web server. When a user visits a website for the first time, a cookie file with a unique user identifier (can be randomly generated) is stored on the user’s computer.

Subsequent visits to the Facebook page do not require you to login, as your details will be remembered by the browser via a cookie stored during your first login.

Browser fingerprinting is a highly accurate way of identifying and tracking users when they are online. The information collected is quite extensive, and often includes browser type and version, operating system and version, screen resolution, supported fonts, plugins, time zone, language and font preferences, and even hardware configuration. Huh.

These identifiers may seem generic and may be used to identify personally identifying information.

Leave a Reply

Your email address will not be published. Required fields are marked *