Internet Tracking and How to Safeguard Your Privacy

Ever notice when you do a search for something – let’s say you’re evaluating office furniture – and suddenly you’re seeing ads for office furniture everywhere you go online? To many, it can seem very creepy, but internet tracking is something that’s been happening for years. These days, it’s common practice for websites and browsers to use tools that collect your online activity, including where you engage most, the types of products you’re interested in, the kind of entertainment you enjoy, etc. It’s also a way for websites to generate revenue streams by selling your data to online advertisers.

That last sentence is what gives people a lot of heartburn because who knows where their data is being sold. This creates a lack of privacy and can open the door to cybersecurity threats. That’s why it’s important to educate yourself on internet tracking, how it works and the risks it may bring. Read on to get the scoop.

How does internet tracking work?

When we browse the internet, we have a unique, identifiable address – our IP address – which is given to us by our internet service provider (ISP). When we ask our browser to retrieve information from a resource across the internet, such as a link to a website that sells office furniture, your IP address is required to access that website.

“Imagine a tiny operator inside of your computing device sending a message out across the wire: ‘This is IP address XXX.XXX.XXX.XXX asking for [office furniture website].com, which I understand to be at IP address YYY.YYY.YYY.YYY,’” said Mike Pedrick, VP of Cybersecurity Consulting at Nuspire. “That message, including source and destination information (in addition to other information as gathered by your browser, your ISP and other sources) passes through potentially hundreds of devices before it finds the server that’s responsible for sending back the content associated with the link you clicked.”

Each of those devices, owned by various groups, enterprises and utility providers, has the capability of recording that information. It isn’t too much of a stretch to imagine that there are entities that know every time your IP address asked for a specific website and at what day/time. Internet tracking can capture highly specific information, which we talk about next.

What information is being tracked online?

Some of the information your browser has the ability to reference seems innocuous – the operating system and basic hardware specifications for the device you’re using, for example. Other information, however, includes the configuration of your browser, such as location information (implied by your IP address, but your browser knows more), installed plugins and any settings you may have enabled to protect your privacy.

Ever wondered how online publications know you’re running an ad blocker? Your browser told them. Combined, these data points provide a unique profile from which the owners of the sites you browse can tie activities they see (e.g., what articles you clicked through to or purchases you have made) to your unique profile and draw conclusions accordingly.

“There’s a tremendous amount of statistical analysis occurring behind the scenes,” said Mike. “What’s presented to you is designed specifically to align with your interests based on what history has been gathered about you and people whose online behavior resembled yours.”

Internet tracking can be done in a variety of ways, but the most popular is cookies. Cookies are very small files that get saved to your system as you browse a site. Some cookies make sense. For example, if you sign into your bank’s website to review your account, a cookie is saved directly on the website to remember your identity and preferences. If the cookie is deleted, the site doesn’t remember your preferences and your experience reverts to a default state. Retailers often use cookies to provide helpful suggestions (e.g., “Based on what you recently looked at, here’s some other items you might be interested in.”). Cookies are quite popular, with more than 40 percent of websites using them.

However, some cookies store data in a separate location that’s accessible to third parties. This is why you’ll see office furniture ads on your social media after you’ve searched for and visited an office furniture website. Data suggests 80 percent of web traffic contain third-party cookies.

What are the cybersecurity implications of internet tracking?

Internet tracking collects personal data – information about who you are, what you like, what you do and where you go on a regular basis – and that’s a hot commodity to advertisers.

When you accept third-party cookies, that means you’ve agreed to have your user data given to a third party that’s charged with protecting it. The problem is, that third party may not have the cybersecurity maturity to keep your data safe, or could user your data to support shady business practices (the Cambridge Analytica scandal is a good example).

“Personal data isn’t just used to present you with a lighthearted video of someone spinning around in their office chair or the revelation of a new anti-anxiety medication, but also to feed corporations’ voracious data analytics appetites,” said Mike. “For as long as it is lucrative to collect data on you, that data will be collected.”

Recommendations to support data security and privacy

• Be diligent by blocking what you can and practicing good hygiene when it comes to your identity and contact information.
• Think carefully about what sites you visit, and even more carefully about what sites you create accounts on.
• Consider the use of browser plugins that block ads and the use of cookies, too – there are many browsers available that value privacy.
• Employ VPNs wherever possible but remember that the VPN provider still has access to information about you, so choose carefully.

Finally, remember that no one will protect your privacy FOR you. For more guidance, consult an information security/privacy professional.