Have you ever stopped to think how you're being tracked online? Ever wonder which websites are tracking you and what they're looking at? Well the answer is just about all of them and everything. Hacks and security incidents are more commonplace than ever, security and privacy issues are slowly being brought into the spotlight and as users it's time to wake up and take control. Understanding what's going on is step one and taking proactive measures is step two, get started today.
We heard from our friends at Abine.com that we neglected to include their free plugin called Do Not Track Plus in this infographic. While our infographic was never intended to be a comprehensive guide we know a bunch of Veracoders have used DNT+ and liked it, so check that one out too. Sorry for the oversight, Team Abine!
Add this Infographic to Your Website for FREE!
The Effect of a Single Click on the Web
1.When you visit a website, tiny tracking files record what you do online.
2.Tracking companies use these records to build a profile of your behavior
3.Often, the tracking company sells this information directly to advertisers
4.Your data is also made available on exchange networks where quite literally anyone can purchase your profile.
5.Your data can be combined with other sources of your personal data.
6.This is then sold to advertisers looking for consumers with your interests.
7.Advertisers buy ad space from websites at auctions.
8.Automated bidding is then conducted real-time as you browse the web.
1.A user visits a web page.
2.The visit is auctioned to the highest bidder.
3.The bidder is usually a technology broker acting on behalf of an advertiser.
4.If the user had browsed for Hawaii vacations, that person will see ads for hotel companies.
Websites you visit show you ads or other content based on the description of you in the dossiers that tracking companies have built and analyzed.
How BIG is the Online Advertising Business?
Annual Revenue, in Billions
2002 - $6.0
2003 - $7.3
2004 - $9.6
2005 - $12.5
2006 - $16.9
2007 - $21.2
2008 - $23.4
2009 - $22.7
2010 - $26.0
2011 - $31.7
CAGR - 20.3%
Where the $$$ are Spent
*Amount spent on ads each year
So Who is Tracking You on the Web?
The New York Times
The Huffington Post
Nearly every major website tracks you in some way!
*The sites listed are just a small selection of sites that track their visitors and sell or partner with companies that sell their information.
How They’re Tracking You
Cookies - A small piece of data sent from a website and stored in a user’s web browser while a user is browsing a website. Types of Cookies:
Strictly Necessary Cookies - Essential for the website to work
Functional Cookies - Social sharing and behavioral
Targeting Cookies - Full user tracking.
Pixel Trackers - A process that involves placing small 1x1 images on specific pages, so site owners will know when visitors load that specific page.
Deep Packet Inspection - Enables advanced network management, users service, and security functions as well as internet data mining, eavesdropping, and internet censorship.
Supercookies - Supercookies have the ability to re-create users’ profiles after regular cookies have been deleted.
Who Uses Which Methods?
Enterprise Companies Service Providers and Governments.
Google, Facebook, Youtube, Yahoo, Amazon
E-commerce sites, Affiliate Websites
What are Affiliate Sites? - Affiliate websites are the pitchmen of the Internet. They create websites that generate targeted traffic from search engines and social networks which they send to a merchant website selling a product of some sort. Tracking codes ensure that any sales made from these referrals generate a commission for the referring affiliate site!
What’s Next For Tracking Technology
Web Broswer Fingerprints
- a new tracking method.
Consumers and privacy advocates are forever concerned about the ways consumers can be tracked online. But it looks like one effective method has not gotten much attention to date: the browser.
The EFF’s Panopticlick projects analyzed 470,161 browsers
83.6% had an “instantaneously unique fingerprint”.
The number jumped to 94% for browsers using Adobe Flash and Oracle’s Java plug-ins.
In addition, only 1% of plug-in users’ had fingerprints that were seen more than once.
Privacy and Security Issues
Seven rights that the White House is calling for:
Respect for Context
Access and Accuracy
“Do Not Track” button - Federal Trade Commission issued a strong call to U.S. commercial data collectors to implement the button in web browsers by the end of the year.
European Legislation on Privacy and Cookies
The U.K.’s amended Privacy and Electronic Communication Regulations (PERC) Act 2011 was brought into force on May 26, 2011. The law stated, amongst other things, that companies operating in the E.U. and the U.K. must obtain consent from its website users to store information on a user’s equipment such as their computer or mobile device.
For the cookie law, the ICO - Information Commissioners Office - has the power to fine up to £500,000 ($780,000)!
5 Steps to Get Pro-Active About Privacy
install a browser plug-in like Collusion to see which and how many companies are tracking you over the course of a normal day.
Delete your browser cookies everyday.
Install plug-ins that block trackers like Ghostery, Disconnect, or Peer Block.
Use a Virtual Private Network (VPN) to add another layer to your internet use.
Voice your concerns to your local representative when Internet privacy issues are up for vote! Site like Privacy.org will keep you up to date.
Neil is a Marketing Technologist working on the Content and Corporate teams at Veracode. He currently focuses on Developer Awareness through strategic content creation. In his spare time you'll find him doting over his lovely wife and daughter. He is a Co-Owner of CrossFit Amoskeag in Bedford NH, his favorite topic is artificial intelligence, and his favorite food is pepperoni pizza.
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.