This is the third in a series of posts that will break down Internet tracking, and let you know what it’s all about, why companies do it, and what you can do to prevent it.
“I don’t mind being tracked,” F-Secure Security Advisor Sean Sullivan often says. “I mind being overly tracked and targeted.”
The problems with over tracking are clear as we demonstrated in a recent experiment where we used Freedome to block trackers on popular sites: “Pages loaded 1.6x faster by average when Freedome was used to block tracking. Page load size decreased by an average of 14% when tracking was blocked.”
Sean put these results in relatable terms: “Trackers are practically recreating the ‘dial-up Internet’ experience. (Ask your parents, kids.)”
Excessive tracking wastes your time and bandwidth. Waste enough of both of those things and you’re wasting money.
But that doesn’t mean all tracking is bad.
“We use tracking on our site to find out more about the people visiting to make sure we’re giving them what they want,” Sean told me. “We don’t pass that data on to anyone else.”
This kind of tracking is known as first-party tracking. This kind of tracking is native to the kind of web experiences we’ve come to expect. It allows sites to remember us and allows us to log in to use services specific to us.
This kind of tracking involves a “cookie,” which is a bit of code a site places into your browser. The kind of targeting that Sean finds so annoying also involves a cookie, but this cookie follows you across the web.
MIT’s Technology Review took a look at a recent tracking study from Marjan Falahrastegar at Queen Mary University and found a murky world of tracking that results in users being monitored by trackers in other continents and by sites they’ve never even visited.
“And they found third-party trackers belonging to companies all over the world. For example, Google has over 40 third-party domains used all over the planet, Microsoft has 19, eBay 7 and so on. There are plenty of less famous names using many third-party domains, such as knet.cn, iponweb.net and sina.”
This is consistent from data collected last year by F-Secure Labs, which found that of the “top 100 URLS accessed by customers all over the globe shows that of the world’s top URLs only 15% were accessed directly. The remaining 85% were accessed by other websites or software on the users PCs. Of the 85% accessed automatically, 10% come from ad-serving domains, 35% are ad-serving domains with tracking components and 19% are purely tracking domains.”
These third-party trackers make it so the ads you see are “relevant” to you and follow you around the web, wherever you go.
Is being overly tracked and targeted the cost we pay for using the web?
Maybe, but these costs aren’t transparent and we have no idea what we’re giving up.
“How do these companies use the data they acquire, where is it stored and who has access to it?” The MIT Technology Review asked. “The law covering this kind of activity is a particularly murky shade of grey in many parts of the world so the answers are not at all clear.”
Since these trackers aren’t disclosing their methods or providing users a choice, the choice is yours. You can use a tool like Freedome that blocks nearly all third-party trackers and take more control of your data. Or you can let third-parties dictate how your data is used to manipulate your online experience.
This is part of a series of posts about what security experts think will happen…
December 30, 2015