How to Stop Others from Tracking Your Browser Activity
As you browse the web, your browsing activities may be monitored and aggregated by third-party agents with or without your consent. The phenomenon is known as browser or online tracking, in which websites and advertisers team up to gather your browsing data in order to build up a detailed profile of your interests for commercial gain. It’s so stealthily done that you rarely get to experience the uncanny feeling of being watched; the feeling you get when you suddenly realize that lots of strangers are peeping at you through your windows or that you are being followed around by lots of salespeople in a store.
Techniques commonly used
They use all sorts of techniques such as web beacons, server logs, tracking scripts, user agents, cookies, and browser fingerprinting to track your browsing activities.
Web beacons are tiny graphic images embedded on web pages that alert the server when the page is loaded. Ad companies use these beacons to tell who opened a web page or email and when. This is why most email applications will ask you if you trust the sender before it displays images.
Server logs is another browser tracking technique used to keep track of requests web servers receive from browsers such as what page was loaded and when, what site the browser was on before it came to that page (http referrer), and the internet address (for location tracking).
Browser user agents
Browser user agents are small applications that reveal information about the browser properties and the underlying operating system. This allows advertisers to gather intelligence about the identity of website visitors.
Cookies are the most prominent browser tracking technologies known to man. A cookie is basically a small string of text stored on your computer by the sites you visit that uniquely identifies your browser.
When a website sees the string of text is set in a cookie, it knows the browser is one it has seen before. Advertisers use this technology to monitor user browsing behavior in order to target ads.
As user awareness about the intrusiveness of cookies grew, browser developers responded by adding “private browsing” mode to their products. Independent developers also started creating privacy-preserving plugins, and users gradually regained control of their privacy by learning to clear or sidestep cookies.
Like a cat-and-mouse game, the ad companies, in turn, resorted to a new technique that hides information (cookies) in Adobe Flash, which can be stored or retrieved whenever a user accesses a page containing a Flash application.
Like regular cookies, Flash cookies contain information that uniquely identifies your browser and can survive the clearing of normal cookies. The data hidden in the Flash cookies would then be used to restore the deleted normal cookies. Ad agencies relied on this clever tactic for a few years until researchers busted their shady practices.
In recent times, advertisers have shifted to a new powerful form of tracking that has more enduring information about user identity even if cookies are turned off or completely erased. This new technique is called browser or device fingerprinting. It allows a website to identify devices or visitors to the site via user browser configuration settings or other discernible characteristics. For example, if you visited a website yesterday and visit it again today, you could be identified by your browser fingerprint even if you cleared all cookies and disguised your IP address.
Browser fingerprinting stems from the concept of human fingerprinting used as a unique long-term marker of human identity. The assumption is that it would also be possible to uniquely distinguish between all computers on the Internet, without the explicit consent of the users themselves.
This is done by obtaining information about a user’s browser environment such as screen settings, browser name, version number, installed plugins, fonts and other properties in order to create a unique “fingerprint” of a user’s computer. The combination of these properties is unique for the vast majority of browsers.
Fingerprinting isn’t always unpleasant though, it can be used to combat click fraud or for user authentication and fraud prevention especially in online banking and retail sites. However, fingerprinting also presents a potential threat to users’ online privacy as it represents another front in a long-running battle to track users browsing behavior which can be quite intrusive if tied to any personally identifying information.
In the past, browser fingerprinting was limited to single browsers. However, researchers in early 2017 developed a state-of-the-art fingerprinting technique known as cross browser fingerprinting that is more accurate and works across multiple browsers on the same device. The implication is that even if you switch browsers, the ad companies can still recognize and track you.
How you can protect your privacy
A more effective means of lowering the risk of having a unique fingerprint would be to ensure your browser configuration blends with the rest. The more your browser configuration settings closely align with others on the Internet, the harder it is to identify you.
This is already happening with mobile device browsers, which can’t be uniquely customized to the extent that computer browsers can. Tor browsers have also been found to be very effective against cross-browser fingerprinting. You may use tools such as AmIUnique (single browsers fingerprinting) and Uniquemachine (cross browser fingerprinting) to learn how identifiable you are on the Internet. The EFF’s Panopticlick tool can also show you how well your browser is protected against fingerprinting and tracking in general.
You can also use a VPN service to mask your IP address and encrypt your browsing data.
“CyberGhost” has an advantage in this context as it claims to have anti fingerprinting feature that when enabled can help mitigate browser fingerprinting. Although VPNs mask your IP address, they won’t necessarily protect you from invisible trackers and ads. To protect against ubiquitous ad tracking, use ad blockers such as uBlock origin or Ghostry and tracking blockers such as DoNotTrackMe, PrivacyBadger or Disconnect.
To sum it all, as long as advertising remains a vital element of the Internet business model, it is suffice to say that browser tracking in general and fingerprinting, in particular, are here to stay. You have no choice but to embrace privacy-preserving technologies (including VPN) if you really care about your privacy.