What is web tracking, anyway?
Web tracking, or internet tracking, refers to the techniques used by websites and web services to monitor their users’ activity, thus gathering valuable information about them.
Although they might have other connotations in the field of information technology, those expressions are used interchangeably in many cases, as well as website tracking.
After all, websites are the most common medium for web tracking. That’s why this article focuses primarily on that particular type of internet tracking.
Who is tracking you on the internet?
Virtually everyone is tracking you on the Web. Websites, mobile apps, web applications, and every other service or tool connected to the internet is probably tracking your activity.
Here’s a non-exhaustive list of web services keeping records of your actions:
- The websites you visit;
- The mobile apps you have installed on your devices;
- Your telecommunication carrier;
- Your internet service provider (ISP);
- The browser you use to access the internet;
- The social media where you maintain personal accounts;
- The search engine where you type your queries;
How do companies track you online?
Companies use modern software called “web trackers” to monitor visitors’ activities throughout their websites. Trackers apply different profiling methods to collect and store data from users as they interact with the content on the watched web pages.
To give you a clearer idea of who is tracking you, it’s essential to distinguish between first-party trackers and third-party trackers. But first, we need to know what a tracker is.
What is a web tracker?
Web tracker is a type of software specifically designed to allow web usage tracking. Those are the tools that permit applications and website owners to collect users’ data.
The most popular internet tracker is Google Analytics, used by almost 65% of the top 10,000 sites with web analytics technologies [1].
Like most of Google’s tools, Analytics is free to use. But, for people like you and me, it means the big G is getting enormous volumes of data from the web properties it monitors.
First-party trackers vs. Third-party trackers
In this scenario, websites are first-party trackers, as they are in direct contact with the visitor. Google Analytics and other tracking software are third-party trackers, therefore.
While you can have some control over your “relationship” with the companies whose websites you visit, that’s hardly the case with third-party corporations.
How does web tracking work?
Internet tracking works in many ways. Unlike other situations where you voluntarily share information, websites have constantly been tracking visitors in the background without their consent.
Modern tracking solutions can provide cross-device tracking and record a person’s web activities across different devices and web services. There are many web tracking techniques. However, those are the most used ones:
HTTP cookies
Internet cookies are pieces of data placed on peoples’ devices by websites to help identify visitors and keep track of their activity. The essential visitor tracking method deployed by websites is the use of HTTP cookies in web browsers.
Cookies can last only a few minutes (session cookies) or through extended periods (persistent cookies) before expiring. While active, those snippets of code can store numerous personal details based on visitor’s behavior.
Some tools use more advanced mechanisms, like supercookies and zombie cookies, that are more difficult to block and erase. For that reason, they represent higher privacy and security risks.
IP address identification
Every device connected to the internet has a unique identifier or address. This is required so machines can communicate with each other appropriately.
Through this number, though, it’s also possible to recognize the device, monitor its activity individually, and point its geographical location.
The most effective way to hide your actual IP address is to use a virtual private network (VPN).
Digital fingerprinting
Digital fingerprinting is the technique of collecting data about a device’s underlying hardware and software to identify its uniqueness. Simply put, every device has particular configurations and settings that make it unique in most cases.
By retrieving details like the device model, browser version, time zone, language preferences, active browser extensions, screen resolution, it’s possible to create an accurate machine profile with possibly no equivalents.
The Electronic Frontier Foundation (EFF) provides a free tool to test if your browser has a unique identifiable fingerprint [2].
This method is commonly denominated browser fingerprinting, as the profiling information is usually obtained through interaction with the device’s browser.
In addition, however, it can also be called canvas fingerprinting, when data is retrieved through the HTML5 Canvas element, used to describe image rendering preferences.
Web beacons & tracking pixels
Web beacons or web bugs are digital tags embedded in a web page or email to log visitors’ actions. Usually, these bugs consist of a small 1 square pixel image and a script.
When a person accesses the designated content or page, the tracking pixel is fired, sending data back to the Tracker.
The most well-known example of that kind of tracking mechanism you’ve likely heard about is the Facebook pixel.
Why do companies track you online?
Companies track you because they need your data. Obtaining insight about its customers is critical for any enterprise, no matter its size or industry.
There are many specific reasons why they track, store and share people’s personal details:
Advertisers use data to craft segmented and personalized messages to their audiences, thus, increasing conversions and revenue;
Web analytics software use data retrieved from traffic and interactions to understand users’ behavior, thus, improving content and sales;
Website performance may be directly tied to some particular user setting. For example, language preferences can be used to redirect the visitor to the most suitable page version. A cookie can also be implemented to maintain the user logged in between sessions;
Usability testing for prototypes and newly created products can be helpful to get insights for better design and user experience (UX).
Those are understandable reasons for web tracking, especially from a business perspective. But it can be pretty beneficial for individuals in many situations, as well. Think about parents having the ability to monitor their children’s browsing for safety.
But the problem is what limits we can impose on that practice, so web tracking doesn’t harm your right to privacy and, potentially, your personal life.
Why is internet tracking bad?
To a reasonable extent, it’s not really a primary concern for customers. But it all begins to be a huge problem considering almost every website tracks its visitors and shares the collected data with third parties. That means other companies you have no clue about are also following you and storing your digital fingerprints.
We’re living in the Information Age. Today, nothing has more value than data. Tech companies like Google and Amazon early envisioned the importance and power of data. Google has intentionally built its foundations on free services to gain access to its users’ personal and behavioral data [3].
“These programs were never about terrorism: they’re about economic spying, social control, and diplomatic manipulation. They’re about power.”
Edward Snowden, NSA’s surveillance whistleblower [4]
Each move you make online leaves pieces of information behind. These traces allow the owners of those web properties (sites, apps, web services) to gather information about any person online.
The free services people constantly interact with online know a lot about them. E-commerce stores, for their turn, have much more information on their customers than purchase history and account details tell.
In addition, governmental agencies track individuals’ activities to, allegedly, prevent and solve crimes. Massive surveillance programs have been operating for years with the collaboration of those same giant companies [5].
Is web tracking an acceptable practice or a privacy risk?
Cumbersome volumes of data about internet users are being collected, stored, shared, processed, and used daily. Although the websites you visit are the most apparent snoopers, there’s always third-party software running in parallel, mining data and sending it elsewhere.
As a result, there’s plenty of personally identifiable information (PII) about you available to many other corporations besides those you are directly dealing with. With thousands of data points linked to each person, it’s possible to build pretty complete profiles of internet users.
All that knowledge may represent a considerable risk on several fronts. As the phrase says, “Knowledge is power.” Therefore, massive amounts of personal private data available to governments and companies can create unfair and potentially dangerous advantages.
That was clearly the case with the scandal involving Cambridge Analytica and Facebook [6] in the context of the US election, for example.
What information do websites collect about visitors?
Websites can collect a lot of personal data. It all depends on your device’s settings, the privacy protection tools you use, and the actions you take while browsing. As soon as you land on a page, a website can instantly retrieve your IP address and, as a result, your geographical location.
While your interact with its content, it starts to collect and store data about your behavior, interests, and preferences. Trackers can gather information to build a pretty accurate user profile based upon evidence like views, clicks, searches, and browsing history.
Is web tracking illegal?
Web tracking is a legal practice. But a controversial one. Thanks to digital rights advocates, whistleblowers, and privacy-conscious representatives, the subject has fostered intense public debate over the years.
Governments have been pressured to address these issues in many countries, and their actions have resulted in regional data protection laws in some cases. As a result, what used to be a virtual wild west is a much more regulated environment these days.
Internet privacy laws and digital rights
Privacy laws such as the California Consumer Privacy Act (CCPA) [7] and the European General Data Protection Regulation (GDPR) [8] have offered hope in this scenario. Now, websites need users’ consent to collect and store data, at least in theory.
Websites defend web tracking as a necessary measure. Some cookies are simply labeled as “necessary” and cannot be removed by the users. They are usually associated with user experience and site functionality.
However, the main driver for businesses, as usual, is actually revenue. Therefore, it became common to see disclaimers stating that those practices are essential to keep the content “free” to the user.
Despite the recent improvements in regulation, it’s still challenging to find viable and ethical solutions considering all the interests involved. Aggressive marketing, unscrupulous advertising practices, and global surveillance alliances still represent considerable risks to digital rights, especially to privacy.
Frequent data breaches and personal information exposure scandals endorse there’s still a lot to be done in that regard.
How to stop internet tracking?
There are several actions you can take to stop web tracking and protect your privacy. Those actions range from simple settings tweaks on your browser, like blocking cookies, to more advanced tactics, such as using a VPN service to hide your IP address.
Clear your browser cookies regularly
It’s a minor measure to the extent of the problem, but still a good start. Although it might not eliminate more complex cookies, it will help clean up the mess right off the bat.
You should also clear your browser’s cache frequently. Doing so every week may be a significant improvement for your privacy protection.
If you don’t know how to do this, you can find one of the many easy-to-follow tutorials online [9] to help with the process for your particular browser.
Adjust your browser’s privacy settings
All major browsers have built-in settings that allow you to control your privacy preferences better. Just spend some minutes understanding the settings and options at your disposal. You can configure it to send websites a Do Not Track message, for example.
Again, you can take advantage of how-to articles as references. But be aware that some mainstream browsers are more beneficial than others in terms of privacy protection. That’s the case for Mozilla’s Firefox [10], for example.
Switch to a privacy-focused browser
Better yet than adjusting your privacy settings is to use a dedicated browser to protect your data. This type of software provides safe and private browsing, guarding you against tacking scripts.
Browsers like Epic [11] are well-suited for that task as they are privacy-concerned by design.
Manage consent for cookies
Dedicate a few seconds to tweak your preferences before accepting every website’s privacy policy. I know it’s tempting to click the button right away; after all, they are meant for it.
However, if you don’t have time to read their terms, at least you should take a look at the settings.
In theory, websites have to offer a straightforward and easy way for you to consent or opt-out the first time you visit.
To make it easier and give you a head start, install the Ghostery extension to your browser [12]. It’s a pretty handy browser extension. Through its simple interface, you’ll be able to see who is already tracking you and remove unwanted cookies.
Use proxy servers
A proxy is an intermediary machine between your device and the website server. It can disguise your IP into a different one. It’s an excellent way to give trackers the wrong breadcrumbs to follow.
Proxies have some limitations, though, making the next option, VPNs, a better-suited solution for your privacy concerns.
Use Virtual Private Networks (VPNs)
VPNs are powerful tools to help with your privacy and security online. Like proxies, VPNs can easily spoof your IP address, making it much more difficult for trackers to follow you around and sniff in your life. Actually, some VPN providers also offer free-to-use browser extensions that act as proxies.
Among several other benefits, they also encrypt your traffic data, assuring higher security while limiting the information trackers will collect. A good VPN can also offer you workarounds to surveillance technologies deployed by shady corporations and governments.
Many VPN services also come with additional features like Ad and Malware blockers. All those functionalities together make VPNs a great choice, as they can handle most of the modern web tracking methods.
References and additional resources
- SimilarTech. Web Analytics technologies market share.
- Cover Your Tracks. Electronic Frontier Foundation (EFF)’s Tracking and Fingerprint testing tool.
- My Google Activity. What Google recorded from your browsing activities.
- Edward Snowden. An Open Letter to the People of Brazil.
- NSA Prism program taps in to user data of Apple, Google and others. The Guardian, 7 Jun 2013. Website.
- Facebook–Cambridge Analytica data scandal. Wikipedia article.
- California Consumer Privacy Act (CCPA).
- European General Data Protection Regulation (GDPR).
- How to Clear Cache and Cookies. WikiHow how-to article.
- Mozilla’s Firefox Browser. Free download.
- Epic Privacy Browser. Free download.
- Ghostery browser extension. Add-on installation page.