Sunday, November 11, 2012

Privacy on the Internet: Tracking your browsing history

In a previous article, I gave an introduction to some privacy concepts. As always, it is important to know your enemy. Therefor in this article I will present a few tools and services concerning tracking browsing history. Do Not Track (DNT) tries to prevent tracking when cookies are enabled and Collusion shows you who is potentially tracking you with cookies, through web bugs, etc. Panopticlick demonstrates that it is even possible to track you on the Internet without cookies.


Do Not Track (DNT)

Do Not Track (DNT) is an option you can send with every request you make for a web page, asking web applications not to track you or not to track you cross-site. However, mind you: it is a request and does not oblige the web applications to obey this! Since Internet Explorer 10, it is enabled by default in that browser. If you want to activate it in your browser, you can find out how to do this on http://donottrack.us/.
Enabling this option might seem a good choice, but it also has adversary effects: it reduces the personalization of your Internet experience, since web applications that obey this will have less information about you (E.g. Google search history). Also, would you pay for your Facebook account? For informational websites? I guess not and while advertising on the Internet is sometimes seen as annoying, it provides many web applications with the means to offer us great services for free. Personalization of advertising might help to increase this revenue, although the exact increase remains unclear.

Collusion

Collusion for Firefox  - Collusion for Chrome

Collusion is a browser add-on that you can use to see who is tracking you across the Internet. With every website you visit, the add-on adds nodes to a graph, representing sites you have visited and sites that you have not visited. Edges in the graph show which site you have visited is informing other sites about your visit. This does not necessarily mean that the other sites are tracking you (e.g. a picture badge from another site shown on the website you visited is also noted in the graph), but if you have a closer look, it will be easy to make the difference: many websites inform the same advertisers, so these advertisers know the most about you: you will see many edges pointing to them and their nodes become larger in the graph.

Panopticlick


This website of the Electronic Frontier Foundation (EFF) shows that it is even possible to track your web history without cookies, as long as your web browser shares enough information with the web server. Information such as your web browser identification, screen size, available browser plugins, etc. can be useful and give you a better browsing experience, but if you give enough of this information (and most of us do!), the sum of all this information makes you unique and thus traceable across the Internet. Please visit their site and do the test to see it for yourself and to increase their sample size.

Conclusion

This article gives you some information on tracking on the Internet. With cookies it is very easy to do this, but many websites require the use of cookies, making it hard to just disable them. You can ask politely not to be tracked, but there is no guarantee that this request will be obeyed. On the other hand, even when you disable cookies it is difficult to completely prevent being tracked.
The best anti-tracking measure without technical knowledge is to use a different browser for activities you do not like to be tracked and to use stronger privacy in this browser. Delete the cookies after your session and let your browser ask before accepting cookies. Remember that even then you are not completely incognito!

1 comment:

  1. Thank you for such an informative post, I can really use this.

    ReplyDelete