Digital Hygiene Part 3: Tracking Mechanisms, What’s really going on?
There’s a huge compilation of connected parties and organizations that are sharing information and tracking your online activity: A lot of it is heading for automation and machine learning.
Be Aware of How Commercial Organizations Share Information and Track You
Tracking cookies are being developed and shared by websites to which you often have no direct connection to when surfing the Internet. This strategy aims to share analytical data, user behavior, and re-target Internet users for marketing and advertising purposes. All of this isn’t negative, and it can be to your advantage. The point is that as an individual, you need to always be aware that you are being tracked. The ARPANET (look it up) didn’t originally intend for this.
The Internet tracking industry is known for First and Third Party Cookies (the Second Party Cookies remain a mystery…). First Party Cookies are the ones that help us remember our login information, and what we have put in our virtual shopping cart. Then come the Third-Party Cookies. Technically, a Third-Party Cookie is connected to it’s Domain (simplified, – a domain is a website’s address on the Internet that you type into your browser’s address bar instead of a long sequence of digits); I figure that there’s no essential difference between a First-Party or Third-Party cookie (unless you actually read T&C’s and let’s get real, did you understand the language your apps’ last T&C’s communicated to you?), other than a random domain that you have connected to at some point in time.
Have you ever found that item you wanted and bought online? The next day, your browser is offering you similar products as you surf seemingly unconnected sites.
Your Private Digital Footprint is Reflected in your Region’s Digital Footprint
The splintering/cyber-Balkanization of the Internet is one of the results of this. Nations today are taking control of, and creating their own Internet regulations and tracking tactics. Countries and organizations have an internal motivation to eavesdrop and control all communication that spreads via the Internet. Balkanization is real and it represents a double edged sword that splits what is going on and being allowed on the Internet. How much freedom should be allowed on the Internet, and to what degree should the Internet be controlled by autonomous nations (i.e. via initiatives like the Yekaterinburg Treaty or the Shanghai Cooperative Organization) that lean on cyber treaties between countries. There is a growing concern of cyber security warfare between states and how it stunts Internet freedom of activity. Today, we are looking at increased usage of Firewalls and Gateways to prevent access to certain IP addresses, IP blocking, Routing, DNS filtering, URL and Packet filtering, as well as blocking a general web feed. Perhaps we are looking at a new emerging Internet with a multilateral top-down model where ICANN or the Council of Europe Convention on Cyber-crime is one of the several regulatory bodies. Kind of like the real-world military.
Your computer and cell phone is unique, and the way you use it is also unique. Fingerprinting basically looks at a user’s browser, device setup and configuration; things like resolution, fonts, screen size; algorithms can even figure out what finger you use and how you look at the screen.
I’ve heard people in the industry say that browser fingerprinting can be between 95% and 99% accurate. So even if you delete your cookies and cookie trackers, there are other alternatives to track you. All of this information is stored as a means to match you, and un-match you, and to confirm individual Internet user profiles.
There is even evidence to suggest that digital phenotyping based on user behavior can be used to predict the health of an online user – there are proven examples of algorithms being able to predict whether a user is showing early signs of Parkinson’s disease based on keyboard patterns and mouse movements. How amazing is that?
– As a side note, and some food for thought that is worth considering, don’t trust your cell phone. I.E. the cell phone you use has an IMEI number (International Mobile Equipment Identity) that is specific to that phone and can be tracked even if you remove your SIM card. It will follow you while you carry it. It’s kind of like a license plate on a car. It is unique to you. Tracking requires a power source, and that’s why I suspect more phones today cannot have their battery removed. If you think Flight Mode or turning off your phone makes you untraceable for whatever reason, think again.
One tracking initiative revolves around ultrasound beacons (can you say Alexa or Siri?). This method authorizes your device to send out high-pitched sounds when you visit a site that has this type of beacon installed (you’ve probably already accepted this when you last clicked on a random T&C promt). The ultrasound makes other devices around you react and allows the sender to identify what other devices are around you, like tablets, cell phones, …screens, etc. The marketing industry calls it ultrasonic Cross-Device Tracking (uXDT). This helps organizations track what devices you own and use, as well as other devices in your immediate surroundings; but you obviously already know this from when you last accepted the Terms & Conditions regarding access to your personal devices’ microphones. I’m guessing you didn’t think about this, and were somehow busy and not interested in your personal privacy.
The New Frontier of Artificial Intelligence
As a slider to a more fundamentally important development that is very exciting is Artificial Intelligence (A.I). A.I. has huge positive and universal potential; but In terms of this specific article, A.I. introduces a huge tracking potential which will eventually be connected to the Internet and like most things, can be abused, either on purpose, or not on purpose. The world’s largest companies like Amazon and Microsoft see a myriad of possibilities in applying this to their commercial outlet on the Internet, but there is a risk involved.
I initially didn’t understand how the inception of A.I. would fall into every day life (machine learning). A.I. will introduce amazing technology. Airbnb (the innovative home renting facilitator), I’ve been told can apparently identify, track and interpret your online activity in order to determine whether you are a potential guest that falls within their defined T&Cs. That’s both amazing and really scary. Have you considered the concept of your online compatibility to what organisations are looking for?
The future application of the Internet is being gradually fused with A.I. and it will likely morph into Internet of Things (IoT) applications and subsets of data science to solve problems that most people don’t even realize exist. Things like your fridge telling you when your are running out of milk, or your car driving for you, or your email account automatically answering your emails on your behalf.
Here’s another potential ice-cream headache: Amazon (I have used them for years and think they are great, but they sometimes scare me) is introducing an identification and authorization process that revolves around you swiping your hand across a panel to complete your online purchase in a physical store. I’m guessing this will hit my laptop as a biometric solution at some point.
I wonder what the next unforeseen bridge will be between A.I. and bio-metrics?
What can You Begin to do to Protect Your Privacy Today?
These are just a few random possibilities. It is important to remember that not all cookies are detrimental, but most of them do not benefit you as a private person exploring the Internet. You can tell your browser to accept some sites and not others, or you can choose to block all cookies. You can also choose to block all third-party cookies. Go ahead and consider this option.
Try using Panopticlick or Am I Unique to see what Trackers are checking your Internet activity. You will be surprised…
There is a Do Not Track setting in your browser that will request a site to disable tracking you (yes, it is a request that won’t necessarily be honored but it’s worth applying the option).
Choosing Privacy Mode in your browser will not necessarily stop all attempts at tracking you but it should block a site’s storage of information about you.
Your online activity is often tracked via your IP address. A Virtual Private Network (VPN) will route your Internet usage through a server of your choosing that generally masks your device’s physical location (for the most part). I.E. if you are based in the U.K., you can choose a server in the U.S. Your IP address then becomes connected to that US server and not the physical location of the communication device you are holding. If you want to get really James Bond undercover, check out the Tor browser (https://www.torproject.org/).
Cleaning up Your Digital Trail
Clean up your Digital Trail. Remember to delete your Cookies in your Internet browser (the first application you most likely use to connect to the Internet ). If you don’t delete Cookies, you might be tracked for months, years, or the rest of your life. Trackers and, especially Third-party Cookies, have been known to have data leakage and fraud. Delete all of your Cookies from time to time, preferably every 2 weeks to once a month (you will need to re-enter your passwords, but at least you are then proactively maintaining your digital hygiene). Deleting Cookies should help to remind you to change and update your passwords.
Take the time to look at your cell phone and laptop’s privacy settings (and advertisement settings). Network expansive companies like Facebook and Google track you in numerous ways (it’s not all bad), but you have given up most of your data privacy by accepting their Terms & Conditions without reading them. You can still restrict the amount of data collected on you by exploring your privacy settings and allocated options regularly. Take control of your own data and privacy. Do it. And do it often.
As of 2020, I figure 60% of global Internet users use Google Chrome as their default browser. I recommend taking the time to explore your Google Chrome and other browser alternatives. In most browsers, you can clear your search history and data activity. Visit My Activity and Click All time to delete all of your historical activity ever, or so they say.
Facebook generates a mind-numbing amount of profits from advertising and does not want you to reduce their income. I think FB is a great way to stay connected, but I’m also sometimes intimidated by it. You can opt out of ads if you value your privacy that is based on your browsing habits. Go to Settings on your FB account, then find “Ads” and go to “Ad Settings.” Here you can change the settings to “Ads based on data from partners” and “Ads based on your activity on Facebook Company Products you see elsewhere” to “Not Allowed.” This currently established trail of user tracking will likely be different in a year or two.
Facebook has an “Activity Log” that shows all of your activity (you can download and save all your activity before deleting if you want). Consider exploring and deleting all, or some, of your Facebook activity via your Activity Log.
I’m guessing most FB users don’t realize that if they ‘Like’ a random advertisement on their Facebook account, this gets sent to all their friends for weeks. Find “Ads that include your social actions”and consider changing it to be seen by “Only Friends” to “No One.”
There are browsers and browser add-ons dedicated to helping you limit tracking and surveillance. Browsers like Ghostery, Opera, Firefox Mozilla and DuckDuckGo are good alternatives to the major browser offers of today, like Chrome and Internet Edge.
Add-Ons like Ghostery, Privacy Badger, Privacyfix, Disconnect, AdBlock Plus, and unBlock Origin are relatively simple for ordinary users to add to their favorite browser.
I think Google is a great search engine, but they are also an organization that understandably want to record and track all your activities. You might want to consider DuckDuckGo, Qwant or Startpage as additional options as these do not track your IP address or generally log your digital trail.
What You Need to be Aware of and Partially Accept
As Internet users, we need to accept the fact that we will never be 100% sure of our online digital hygiene, but we can have an impact and influence on it.
I tell myself to never trust any organization that guarantees you 100% privacy or security. If they do, they are not being realistic and don’t truly understand their digital airspace. According to the Digitalguradian.com, in 2005, 157 data breaches were reported in the U.S., with 66.9 million records exposed (that we know of). In 2014, 783 data breaches were reported (think about the potential difference between officially reported and not officially reported breaches), with at least 85.61 million total records exposed, representing an increase of nearly 500 percent from 2005. That number more than doubled in three years to 1,579 reported breaches in 2017. God knows what’s happening today.
Understand that you can’t be sure of what you are seeing or reading online (or offline). Question everything current and new that is presented to you. Simulated videos, music, and voices are now commonplace and are possibly sending you fake news. It sounds dramatic and crazy. One of the newer words is ‘Deepfake’. It means that you can be copied and represented online as your own image and voice, even though it’s not actually you.
The EU is repeatedly developing a directive called the General Data Protection Regulation to help protect the privacy of EU citizens and their digital life. Basically, the EU recognizes and wants to give the Internet user more control of their personal data; To give you insight into who is tracking you; How you are being tracked; And why you are being tracked. It also wants to give you more control to stop being tracked. This is a good first step, but globally there is a long way to go.
Remember that yesterday, today and tomorrow, everything you send and receive on the Internet is being saved and registered, somewhere, by someone, and it will be connected to your personal digital footprint, most likely for the rest of your life. Have you looked into FB Legacy, and how you would arrange to delete your Google account on behalf of yourself and your family when you die?
I figure I’m like many internet users. I see a growing commercialization of our common Internet and a lack of a balanced regulation of the growing surveillance capitalism that is threatening the freedom of what the Internet was originally intended to facilitate: Communication and the freedom of information. I’m reminded of one of those wild life documentaries where a hoard of wildebeest are being tracked by a pack of lions in an African savanna. Once one of the lions goes into attack mode. and singles out a young and inexperienced target, the wildebeest make a seemingly random escape run, even though pound for pound, the herd could collectively crush that lion if they understood they could. There is strength in weight and numbers, just like how we all can potentially manage and control our digital privacy.
– The term “surveillance capitalism” was first published by Harvard Professor Shoshana Zuboff in 2014. A second 2015 article won an international award. Her January 2019 book bears the title, The Age of Surveillance Capitalism.
Credit to Ghostery for letting me mention them and give credit to their great mission of promoting and helping Internet users protect their personal privacy (https://www.ghostery.com/).