Most people do not like to have their online internet history being tracked by either government or private entities, but it is now an accepted part of life. Trackers that come to mind are typically Google or Facebook, but there are also thousands of known marketing companies with tracking networks.
How most tracking operations work is by installing cookies on users’ web browsers as a method of marketing them for their internal networks. When users visit other websites, even if they are completely unrelated, their browsing history will be recorded if each website is affiliated with the marketing company.
This information is often shared (for a price) with other companies to create a well-detailed profile of each person. This allows companies to serve ads to meet the users’ interests and needs. It can also be used for more sinister purposes, such as selling profiles to scammers, bill collectors, or even governments.
Why Tracking Should be Discouraged
- Lack of Transparency – Most websites that include third-party tracking cookies will not disclose the fact to their users. Many websites that actually do disclose the fact will have it tucked away in their privacy policies.
- Invasion of Privacy – Advanced linked networks are being built to create user profiles, which can possibly be used to link data to real-life identities. If such data is used by oppressive governments, it can mean much more than spam emails.
- Breach of Security – Websites that surrender their users to tracking affiliates will also give the networks access to embed code on their page. There have been cases where the malicious code had been embedded within ad networks, like cryptocurrency miners or ransomware.
Hidden tracking cookies are not only found on shady websites and spam blogs. Many top e-commerce, news, or social media websites also use such tracking tactics without being transparent with users.
For example, a popular sweatshirt e-commerce store (which the name will not be disclosed) has a very clean appearance without banner ads in sight. Upon inspection using a tracker-exposing browser add-on, there are third-party cookies from 25 different domains. These domains include both top-level advertising trackers like Google or Bing while also including some unfamiliar names.
Online banking websites have the highest standards for security to protect the accounts of their clients, but the same is not necessarily true for privacy. An inspection of a client login portal of an unnamed international bank shows tracking cookies for Webtrekk and Google Analytics embedded into the page.
Being exposed to a number of trackers on such innocent looking websites is eerie should be considered a violation of one’s privacy. Unfortunately, it is legal in most places and most websites (approximately 68%) toss users out to the advertising sharks.
How to Block Trackers
Identifying trackers is not all that useful if they are still tracking you. This is why you must block them within your web browser, which can be done in a variety of ways.
Blocking third-party cookies is easily done in the options of most browsers and can mitigate the tracking methods of most networks. Trackers can still bypass this by fingerprinting UID information from the web browser. Ghostery 8 has a UID removal option that can thwart this method completely.
The majority of the websites online will include third-party tracking cookies, but it is still easily mitigated thanks to the contributions privacy advocates. Although many of the top tracking companies prefer to remain within the legal limits, there are still many gray-hat companies developing exploits to take it to the next level. Keeping up with the latest security news and keeping your anti-tracking extensions up-to-date is the best that an end user can do to mitigate it.