Web Tracking

It's been around three months now since I made my first foray into the wide world of web tracking. I think I've read around 20 papers so far on the topic, yet I still find myself regularly coming across new information to further deepen my knowledge on the topic.

I've always been a privacy advocate; we desire privacy in the physical world, and the digital world is no different. We don't all have the level of privacy that we desire in the physical world, though more often than not we're starkly aware of where such privacy is being infringed upon. The digital world is an entirely different landscape. Here are some things that have particularly stuck out at me:

  1. Tracking is everywhere.
  2. The vast majority of internet users are unaware of the tracking going on.
  3. Defending against tracking is not trivial.

There are two main branches of tracking: first-party tracking, and third-party tracking.

First-party tracking is when you visit a website, and that website tracks you as you navigate their website. The simple (and almost robust) way to avoid first-party tracking is to not visit specific sites. Don't trust the New York Times? Simply don't visit their site.

Third-party tracking, on the other hand, is where all the fun happens. Third-party sites are called constantly. Visit something like nytimes.com, and resources from two dozen other domains are loaded, providing tools such as sharing buttons, A/B testing, advertisements, analytics and more. They're not all trackers, but many of them are, and they're loaded silently without explicitly asking you and without specifically notifying you.

These third-party sites have at their disposal a number of techniques they can use to 'mark' you and watch you as you browse different sites that they are loaded on. That is what I'm investigating further. It's not easy, but it is supremely interesting, and for a privacy advocate like myself, it's something that needs to be understood and communicated to the public better. Here's to hoping.