The Quiet Way Advertisers Are Tracking Your Browsing

CREEPY COOKIES THAT TRACK ALL OF YOUR ONLINE ACTIVITY ARE BEING (SLOWLY) ELIMINATED. Major online browsers, such as Safari and Firefox, have curtailed the practice in recent years. Chrome has recognized that cookies are a Privacy Nightmare. Stopping them, however, just removes one type of internet tracking—others are potentially worse.

This category includes fingerprinting, which involves obtaining extensive information on your browser's or Phone's settings. The tracking mechanism is generally covert, there is nothing you can do to prevent it, and authorities have done little to control how firms use it to track you throughout the internet.

What is Fingerprinting?

Your fingerprints' precise pattern of lines and swirls is regarded to be unique to you. Similarly, your browser fingerprint is a set of information that advertisers may eventually trace back to you that is gathered from your phone or laptop each time you use it.

"It gathers information about your browser, network, and device and combines it to generate a collection of attributes that are primarily unique to you," explains Tanvi Vyas, a Firefox principal engineer. The data that makes up your fingerprint might include the language you use, keyboard layout, time zone, whether you have cookies enabled, the operating system version your device is running, and much more.

Advertisers can recognize you as you travel from one website to the next by merging all of this information into a fingerprint. Several fingerprinting investigations have discovered that 80 to 90 percent of browser fingerprints are unique. Advertising technology businesses that install their code into websites frequently perform fingerprinting. Hundreds of ad tech companies use fingerprinting code, which takes the shape of scripts like the FingerprintJS library, to collect data about your internet activities. Websites with fingerprinting scripts may be unaware of their presence. And the corporations' tracking methods are sometimes opaque and imprecise.

Once a fingerprint is established, it may be linked to additional personal data. Such as information from previous profiles or data that unscrupulous data brokers may have on file for you. "There are so many data sets accessible now, and so many more techniques to connect your fingerprint with other identifying information," says Nataliia Bielova, a research scientist at France's National Institute for Research in Digital Science and Technology CNIL, the country's data regulator.

The evolution of fingerprinting coincides with the growth of web browsers and has historical linkages to the web. According to Bielova, who has researched the evolution of fingerprinting, as browsers progressed, they exchanged more information about users' device settings with servers via APIs and HTTP headers. The Electronic Frontier Foundation (EFF) established fingerprinting at the beginning of 2010. Since then, fingerprinting has grown in popularity as businesses try to get around cookie limitations and ad tracking limits put in place by Google and Apple.

How awful is it, then?

Although little is known about the companies that use fingerprinting software, the practice is unquestionably widespread online. Your device will be fingerprinted by many of the websites you visit; according to 2020 research. 25% of the top 10,000 websites in the world are using fingerprinting software.

Additionally, new fingerprinting methods are being developed. Gaston Pugliese, a research fellow at Friedrich-Alexander-Universität in Germany who has looked into fingerprinting's long-term effects, asserts that "the current fingerprinting algorithms are not the upper limit in terms of trackability." For example, earlier last year, researchers demonstrated that they could construct GPU fingerprints to identify people. It is also feasible to track users across many browsers.

However, not all fingerprinting is harmful. According to David Emm, a chief security researcher at Kaspersky, the approach is frequently used to detect possible fraud, such as banks employing it to identify suspicious activity.

The extensive use of fingerprinting for targeted advertising and tracking people's internet movements, on the other hand, poses legal concerns. Across Europe, regulators have called for a crackdown on cookie banners. It shows on websites and asks visitors if they want to be followed. Because the ads are so common (and annoying), most consumers click Accept without realizing what they are consenting to be tracked. Not to mention the possibility that many cookie banners won't even deliver on their promises.

Elle Todd, a partner at the law firm Reed Smith who specializes in data and technology, claims that in Europe. Fingerprinting is subject to the same marketing and general data protection regulations as cookies. Todd asserts that many websites fail to warn visitors that they may be monitored by fingerprinting. Even though European authorities have warned that fingerprinting "presents substantial data protection concerns" since 2014. She continues, "I think many companies don't understand, and they think this is a great method to get past the cookie regulations.

How can it be stopped?

Fingerprinting is harder to eliminate than cookies. Your browser saves cookies, and you may clear your cookie history, prevent them, or turn them off. Emm says, "With fingerprinting, everything is invisible." "People do not see it; they are oblivious of it." The EFF compared fingerprinting to "a cookie that cannot be deleted" when it first explored the topic in 2010.

Numerous browser add-ons claim to help prevent or eliminate fingerprinting, however, the quality varies. A 2019 study by two US academics and a researcher from Snap found that many anti-fingerprinting tactics are useless. Using a browser with privacy-enhancing features that limit monitoring is the most crucial step you can take to protect yourself from fingerprinting.

"The technique of the Tor browser is the most promising solution that is also included in browsers nowadays," Pugliese argues. Tor attempts to unify all aspects of its browser to ensure that everyone seems to have the same fingerprint. Tor isn't always feasible; some websites may crash, and many businesses will not allow it on their internal networks. Other browsers, such as Firefox and Brave, use their anti-fingerprinting techniques. Firefox restricts third-party queries to fingerprint firms, but Brave adds noise by randomizing fingerprints.

"Browsers will have to develop in the fingerprinting domain," says Firefox's Vyas, adding that anti-fingerprinting technology must alter in a way that does not destroy portions of the web. More regulatory action would also aid in the abolition of tracking. "It would benefit us if we had legislation backing that indicated 'these fingerprinting technologies and scripts are illegal.'"

Tags: , , , ,