Every day through the computer, mobile phone, and other digital devices, people leave behind hundreds of digital traces (also called data traces). Bits of information about the users are created, stored, and collected through the interaction between our digital devices and the internet or related technologies.
When your digital traces are put together to create stories about you or profiles of you, these become your digital shadows. These can give others huge insight into your life, and they can also be totally wrong. Either way, once they’re out there, they are almost impossible to control.
When you visit a website, third-party trackers (cookies, web beacons, flash cookies, pixel tags, etc) get stored on your computer.
How many trackers exist on any given website depends on how many the website owner has decided to include. Some websites will have over 60 trackers, belonging to a multitude of companies, while others might have only one – perhaps to track visitor numbers, or see where these visitors are coming from, or to enable a certain functionality. Some might have none at all.
Not all trackers are necessarily tied to companies tracking your browsing habits – but when you ‘accept cookies’, you’re saying ok to all the trackers that are there – including those feeding information back to companies.
What is being collected, and why?
Trackers collect information about which websites you’re visiting, as well as information about your devices.
One tracker might be there to give the website owner insight into her website traffic, but the rest belong to companies whose primary goal is to build up a profile of who you are: how old you are, where you live, what you read, and what you’re interested in. This information can then be packaged and sold to others: advertisers, other companies, or governments.
The companies tracking you are unrelated to the website you’re visiting. Called “data brokers”, they tend to have stock-market sounding names like DoubleClick, ComScore, and cXense (though DoubleClick is actually owned by Google). Their entire business is built on the selling of “customer data”.
They are also joined by more well-known companies. Some of these are even visible: Google’s red G+ button, for example, is a tracker; Facebook’s “like” thumb is a tracker; Twitter’s little blue bird is also a tracker.
How can a company track my devices across the web?
Most companies will probably fingerprint your browser, which will then enable them to identify you across the internet.
Trackers are able to collect a lot of information about your device, including Your IP address, browser history, screen size, time-zone, plug-ins, and operating system. The special constellation of all these elements in your ‘browser fingerprint’.
You might be surprised to see how unique your browser is. To test your browser fingerprint, go to EFF’s Panopticlick tool and click “Test Me“. When we tested the browser of a random mobile phone, only one in almost 3 million other browsers had the same fingerprint, from the vast Panopticlick database of tested browsers.
If a company has trackers in lots of different websites across the internet, they can recognise you by this fingerprint.
You can also be tracked across the internet over time by way of special trackers that “stick” in your browser – instead of disappearing when you leave a website.
How do companies connect my devices to me?
It’s really not so hard. If you log in to websites or your email or use social media, that’s enough.
The myth of ‘anonymisation’
Most companies claim that they don’t identify you by name when they hand over a profile of you – but what does that really mean, when you can be identified easily through all the other information included?
All of this might look harmless if you’re just browsing the internet for, say, a new jacket – but what if you went to a health website for advice on living with HIV or depression or a forum on dealing with chronic debt? Where is this information going to end up?
SEE FOR YOURSELF WHO IS TRACKING YOU
Lightbeam is an add-on for Firefox that shows you which third parties are present when you visit a website. If you then go to a new website, Lightbeam will show you not just which third parties are active on that site, but which third parties have seen you on both sites; and so on as you visit more websites.
You can install it through Firefox’s main menu, or go to Lightbeam –> add to Firefox
To start it up, click on the Lightbeam icon at the top of your browser → browse the internet for a while → check the visualisation.
Trackography (Tactical Tech project)
News websites are a great source of information about you. What newspaper you read, and which articles, can say a lot about your political views, general interests and even things like your sexuality or religious affiliations.
Trackography allows you to see who is tracking you when you read the news online – among other things, like which countries your data travels through along the way.
Seeing how wrong these profiles can be
Getting hold of your data allows you to see not only how much personal information – a lot of which you have assumed was private – a company is keeping on you, but it also allows you to see how inaccurate their portrayals of you can be.
Researcher Eve Ahearn, for example, was surprised to discover that “they think I am my own child. Or somehow, that I have a 16-17-year-old female daughter I didn’t know about”. The company she requested her profile from had tracked her over time but recorded two people living in the same house. In fact, both were her – just her at different ages.
Note: when you request your profile, companies will ask for personal information to confirm your identity. This will give these companies more data, or confirm existing information they have about you.