Update: Google is planning some changes to its Chrome browser that reflect some of the user concerns discussed in my post. For more information: https://techcrunch.com/2019/05/07/googles-chrome-will-soon-get-new-privacy-features-with-better-cookie-controls-and-anti-fingerprinting-tech/


The average American adult spends 11 hours a day on some type of digital media. A lot of that time is spent watching videos through platforms like Amazon Prime or Netflix, or reading content on news sites.

And then there are social media sites:

  • Approximately two thirds of American adults use Facebook, most of them daily.
  • 75% of American adults (and 94% of those in the 18 to 24 age bracket) use YouTube.
  • 50% of Americans with a college degree use LinkedIn.

But this post isn’t a lecture about how much time we spend online. I threw the statistics out there to set the stage for my main point: The more you use the internet, the more you feed the internet gods that follow you around, track your activity, and analyze it in a gazillion different ways. So I want to chat about online privacy and raise your awareness of what’s going on behind the scenes while you’re clicking away at home.

How the internet knows you better than you know yourself

The internet basically launders money (in the form of data) for advertisers. The more data a platform like Facebook or Instagram has on you, the more they can charge for highly targeted ad space. They have a myriad of ways of getting that data, and the general public is sadly unaware of many of them.

So let’s catch up, shall we? Here are a few of the ways the internet tracks your online activities:

Cookies

Most of us are so used to cookies that we click right through those notices that pop up on websites. But I think it’s time for a refresher on what cookies are really about.

Cookies are tiny pieces of data stored on your computer by the sites you visit. They help the site “remember” that you’ve been there before and what you did while you were there. Cookies help sites display suggested items based on what you’ve looked at or clicked on before.

Browser fingerprinting

Any time you visit a website, the device you’re using hands over a whole bunch of information: your operating system, your browser type and version, whether you have any active plugins, your timezone, your browser history, etc.

What’s the big deal? Well, the odds of two browsers having exactly the same configuration is approximately 1 in 286,777. All that’s left is to match that data to a known individual. If you’ve ever logged into a website that asked for your name, phone number, etc. (and who hasn’t?), your so-called “fingerprint” is now associated with your identity. No more anonymity for you!

Tracking pixels

Also sometimes called “web beacons” or “clear gifs,” these one-pixel images record a user’s online activity and even notify an advertiser if the you open one of their emails.

Geolocation

geolocationWhile most of us would be justifiably alarmed at the thought of “men in black” from the government following our every footstep, we broadcast that information freely through our cell phones all the time. More than 1,000 apps reportedly track your location through your phone, and they’re so useful that we rarely stop to think about the tradeoff in online privacy. Apps like Around Me couldn’t function without knowing your location. Neither could apps that help you locate your friends or direct you back to your parked car.

But geolocation tracking can also be used for purposes that aren’t so pure. Would-be thieves who get their hands on location data can tell when you’re not home. Divorce lawyers love geolocation tracking because it can be used to prove infidelity. And would-be employers might factor your weekly visits to a cancer clinic into their hiring decision.

Big data inference

Here’s where it gets kind of scary. Even if you try to be careful about online privacy and security, the internet machine isn’t dependent on specific facts you post. Big data algorithms gather tidbits of information and put them together to draw all sorts of conclusions about you: your mood, your health, your intention to change jobs or get a puppy, your religious or political affiliations, etc. What most people don’t realize is that inferred data doesn’t just consider the things you’ve explicitly said or posted online. It uses machine learning to draw conclusions, and it’s surprisingly accurate. In 2017, for example, academic researchers were able to use data from 40,000 Instagram photos to accurately predict depression in a group of 166 users.

Inferred data is also used to group you with people like yourself. And that’s when it can get weird. There have been reports of Facebook making friend recommendations among patients of the same psychiatrist or, even worse, the person your spouse is cheating on you with.

A little help from your friends…

social media privacyHave you ever downloaded an app only to see a screen asking permission to access your friends list, contact information, etc.? When you click “Yes,” you’re feeding the hungry data gods with your friends’ information. The app, Facebook, and other social media outlets will try to match that information to a profile they already have, giving them even more insight into that particular user. If they can’t match it to a known profile, they’ll use the individual’s phone number (from your contact list) to assign the user a shadow profile. Together with tracking pixels, they’ll record the user’s online activity and, eventually, place them in a social circle of people with similar online habits.

Third-party trackers

If I haven’t scared you away from your computer yet, hold on to your seat! Third-party tracking is when someone other than the site a user visits tracks the user’s activity on that site and, possibly, across the entire internet. If you have a favorite news site, for example, you probably expect that it tracks your activity across the site. What you may not know is that it’s made a deal with a third party to either sell them that information or for the third party to add its own tracking pixel that, from that point on, follows you everywhere you go.

But what about online privacy and security?

privacyAs users realize just how revealing their online activity is, demands for privacy are increasing. Laws like the EU’s General Data Protection Regulation and the California Consumer Privacy Act have made great strides by restricting the type of data that can be collected (there must be a demonstrable business need) and by requiring businesses to get explicit consent for each use of a person’s data. Other countries are working on similar laws.

In the U.S., it’s still buyer beware. Even if a business’s Terms of Use explain in detail how they gather, use, and store data, most of us don’t bother to read them. Of those who do, many will accept the terms if it’s the only way they can get the product or service they want.

While we’re still grappling with privacy laws, here are a few things you can do to maintain your privacy:

  • Use a tool like Firefox’s Lightbeam or Chrome’s TrackingObserver extensions to see just who’s tracking your online activity (first- and third-party).
  • Block any unwanted tracking. Start by making sure you have the most up-to-date version of your browser and reviewing your privacy settings. Some browsers have updated their options, giving you the ability to block third-party trackers, for instance. If you want even more protection, see what’s available in your browser’s extension store.
  • Take a course like this one from Udemy on how to protect your privacy online.

In 2019, it’s almost impossible to completely avoid the internet. Even if you could, the giant data machine can learn about you in other ways, like when a friend tags you in a photo. So until our laws catch up with our technology, my advice is to take these steps to protect as much of your internet privacy as you can and, other than that, just be aware of what’s going on out there. Don’t let the illusion of privacy make you too comfortable online.