Privacy should be a human right. Nobody wants strangers to know the things they eat, the names of their contacts, or the feedback from their doctor, at least not unless they have good reasons to provide such information. So why have we stumbled into a situation where online privacy is virtually non-existent?
It’s a critical question for the modern age. When we use the web, we hand over data about who we are, and what we do – usually for free, and often without knowing it. There are ways to resist this, such as VPNs. But the scale of tracking remains somewhat under the radar.
In this blog, we’ll look at some key tracking technologies. But before we do so, it’s just as important to say a word about VPNs – and why they may not be the privacy cure-all that you think they are.
First off, let’s deal with a controversial issue in online privacy – whether users can be tracked by the tools that promise personal protection. Virtual Private Networks are definitely a good tool for anyone who wants to defeat online tracking because they encrypt your data and assign anonymous IP addresses. But there’s no doubt that they can be used as tracking tools by unscrupulous operators.
Recent analysis shows that many popular VPNs are owned by larger business groups, which conceal their identity. For instance, StrongVPN, IPVanish, and SaferVPN are all operated by the shadowy “j2 Global”, while AnchorFree owns HotSpot Shield, JustVPN, TouchVPN, and many other apps.
Is this a problem? Probably. If the owners of VPNs aren’t clear, there are few guarantees about how data is being used. Unless this is clearly spelled out, it’s reasonable to assume that users are being tracked and monetized.
Because of this, it’s essential to choose a reliable VPN. Check out NordVPN and ExpressVPN – two providers that take privacy seriously. Anyway, with that out of the way, let’s check out some of the privacy threats and tracking tools that make reliable VPNs so vital.
At the most basic level, websites can tell a lot about unprotected users simply by analyzing their IP address. This is the unique identifier that tells websites who you are and allows them to authenticate connections. Think of it as the digital equivalent of a postal address.
Like a postal address, IP addresses are connected to geographical locations. They aren’t precise, but IP addresses will betray your broad region (and usually the city you live in). That’s why they are the tool of choice for companies who want to lockout users from certain countries.
Cookies aren’t about to go away. These digital tools are used by around 45% of all websites, and delivered to users when they arrive (hopefully via a form informing visitors exactly how sites will use their data) and they can have constructive uses. For instance, cookies can store information about previous purchases, helping to streamline user experiences at retail sites. But that’s not the whole story.
Tracking cookies can also be delivered by third party marketing companies that persist when you aren’t visiting specific websites. These analytical cookies log the website’s users visits, and transmit this data to central repositories, where it can be organized and monetized for private gain. The main intention is to fine-tune targeted advertising, but the scale of data collection is vast, and potentially go way beyond linking Google users with relevant products.
Cookies are even more effective at gathering information when used in collaboration with other ways to track users, allowing external observers to really pinpoint who is using websites, and how they do so. One of the simplest methods of this kind is HTTP referral.
Although many everyday web users seem unaware of this fact, when you head to a website, the site you visit is provided with referral information, which tells it where you have come from (the “referrer”). You can almost always toggle this on or off via browser settings, but it comes as the default option with Firefox and Chrome. If outsiders have access to multiple links in your referral chain, they can build a detailed picture of your online movements.
Tracking pixels are even more insidious. As the name suggests, these tools involve a single “pixel” that is placed on the target website. You can’t see this pixel on the screen, but it plays a vital role in transmitting information about how you behave online.
Why? Because tracking pixels are linked directly to their owners, who tend to be third party marketing companies. And when you load up a website featuring a tracking pixel, these companies can receive a lot of valuable information.
This could include the operating system being used, your device type and browser, your IP address, and even data on your cursor movements while visiting the website concerned. By using multiple pixels, marketers can learn even more, essentially mapping the way you use a site – and it’s all very hard for ordinary users to detect.
These pixels aren’t a niche tool, either. Snapchat uses them routinely, and the Facebook Pixel is a core marketing weapon for thousands of companies who purchase ads on the social media platform.
Your web browser can also be used as a way to track online activity, and again, this is something that most users seem unaware of. When you log onto a website using a browser (which is more than likely), your browser has to introduce itself to the target server. So it sends a batch of information, letting servers know what version of the browser you are using and the OS being used.
This can allow sites to deliver optimized content, especially for mobile devices. However, it also beams across data that can be linked with other sources to build detailed pictures of individual users.
You can take this further, too. Sites can ascertain the plugins installed, whether you have ad-blocking or cookies enabled, and much more. Put all of this together, and it adds up to a “browser fingerprint” which is a strong identifier of each individual user.
The takeaway of this is clear: tracking is endemic and deep-rooted. So look into secure VPNs, but be careful when choosing a provider. They aren’t all as pure and ethical as they claim.