Here is the data that websites collect from you (The complete edition)

online_data_collection

Online services and websites believe in the concept of no free lunch

We are here to tell people that unless and until they get themselves some sort of protection (like a VPN), they are likely to leave behind huge digital footprints behind them as soon as they launch that web browser of theirs.

The worst part is that, the majority of online websites that the user visits can and do track his/her activities and may even have enough data to recognize who a particular user is.

And no, this isn’t about that talk where we go on and on about how crazy various governments have become with regards to the scale of their data mining campaigns and operations.

The type of data collection that we are talking about here is the one that is currently totally legal.

This is above board online tracking that various online services and sites carry out as online consumers utilize the internet every single day.

The type of data that online services and sites collect include anything and everything from which links that the user is clicking on to whether or not the user is making use of a mobile device.

As our readers might have guessed by now, this is actually just the beginning of data collection.

Everything that the web browser reports on the user

It should not come as a surprise to anyone that the information leak essentially begins with the user’s web browser.

The web browser is the exact thing that reports all the various bits and pieces of all basic user data to all the sites that the user visits on a regular basis.

And it does that by default.

So as soon as a given online consumer actually connects to the online world, to take an example, the user starts reporting a unique IP address.

This is every user’s unique entry point to the infinite world of the internet.

Sites and services among other entities can use that information to approximate the actual location of the user.

Modern web browsers also report their own name.

This is the way websites can know whether the user is a Firefox user or a Chrome devotee.

Apart from that, the web browser also streams other information about the user’s computer system that the user is running it on.

That includes information such as the user’s mobile or desktop OS, the user’s GPU and CPU models along with display resolution.

Sometimes it can even broadcast information such as the current battery levels of the device that the user is on whether it be,

  • Phone
  • Tablet
  • Laptop

Users who want to see at least some of the data that we have talked about so far for themselves, they just need to open up the official WebKay website and then scroll down a bit.

The thing readers need to understand about this tool is that if the official Webkay site/tool has the ability to read and display any user information then so can all the other web pages available on the internet.

Websites also have the option of monitoring the user’s inputs a lot more closely.

In order to see just some of the online tracking that websites regularly involve themselves in, click here to go to Click.

This will report the user’s mouse clicks, and movements.

This page would also report all other web browser actions right back to the user who is initiating them.

Now, we would like to mention here that these are just nuggets of user data.

But these are enough to assist online services and sites to identify who the user is.

Some might think that it is no big deal if a given user’s web browser reveal information about the user such as the user running, for example, Microsoft Edge and accessing the web from a place that is located somewhere in the city of New York.

Perhaps they are right in the sense that websites can’t know much from the user’s web browser and location alone.

But the thing is, services and web pages can combine that information with lots of other points of data in order to pick the user out from a massive crowd.

shutterstock_1257158608

All that the user has to do is click here to open up the official Electronic Frontier Foundation Panopticlick test.

This tool will enable any user to learn a lot more about how his/her web browser can actually broadcast a rather unique digital fingerprint to the online world.

The fingerprint comes into existence with the help of a user-specific mix that consists of the user’s web browser software along with the default language, hardware and also the fonts that the user has installed.

This information is enough for most services and web pages to identify the user without needing any additional information.

To put it in simpler terms, it is very unlikely that another online consumer is actually making use of another online consumer’s special combination of,

  • Web browser plugins
  • Screen size
  • Monitor color depth
  • Lots of other things

Another thing readers should note here is that even if they have never ever typed up a single piece of personally identifiable information,  a given website still has the ability to make an accurate enough guess about whether or not the user is the same, or different, person who swung by the website last Tuesday.

It stands to reason that websites can use all such information to market the user some super relevant advertisement offers.

As mentioned before as well, the data that the user’s web browser reports to different websites and services is simply the beginning of the data collection.

Let’s talk about the next layer.

The second layer of data collection involves all that data which websites have the tools to gather on their own for their own business needs and requirements.

Data that sites collect

Readers probably do not need us to tell them that the majority of the sites that they come across on the internet are more than very keen to find out as much information about the user as is humanly/digitally possible.

And websites have their reasons for wanting to know so much about any given user.

They want to personalize and focus their services for the user.

Other times, they want to make sure that they only show those ads to the user that the user may have an interest in.

For that, websites need that.

Not only that, they also need help in order to log all of the data.

And this is where websites would usually drop a, what the community calls, cookie on the user’s computer system the very first time a user visits a given site.

Readers should think of these cookies as tiny little files which act as pointers or markers so that websites can identify individual users.

Pretty much like breadcrumbs in a forest, these cookies are able to tell any given site whether or not a given user has visited the site before.

Not only that, these cookies also contain other pieces of information on the user.

A cookie can even save the user the arduous task of going ahead and picking a specific city each and every time that he/she visits his/her favorite online weather service.

The only way a weather service can do that is if it has access to the cookie which tells the user the city the user picked the last time he/she came to the site.

Our research shows that a cookie has the ability to store different items that may be present in the given user’s shopping basket.

In this way, the items in the shopping cart are still waiting for the user when they come back to the e-commerce site days later.

As one can probably imagine with ease that cookies are very useful not just the for the website but also for users.
However, websites can sometimes make cookies go just a bit too far.
Sites can call on the help of cookies to add more and more jigsaw pieces to the overall puzzle of a given user’s personal profile.
We have already mentioned the fact how web browsers start the process of developing that puzzle related to the user by reporting some metrics to the sites that the user visits.
Furthermore, web browser security protocols essentially dictate to the sites that they can only make use of and access data that belongs to their own cookies.
Our thinking is that it is a reasonably fundamental safety measure.
However, users also have to give consideration to what the industry calls third-party cookies.
These are cookies which are not associated with a specific website.
However, these do tend to get injected across a multiple number of web pages via advertisement networks and various other online tracking technologies.
In simpler terms, these are the cookies that are responsible for showing the user advertisements related to gaming gear for a full week after the user may have opened up a gaming website a few number of times.
These are also the cookies against which Apple has launched a hard fight via the company’s very own web browser, Safari.
Of course, this has angered some advertisers.
Indeed, the fundamental reason why third-party cookies exist is that different entity wants to make use of the data that they contain in order to recognize who the user is on the web and then serve that user-targeted advertising.
Multiple entities now generate tons and tons of data from various website visits, web browser, cookies, and searches in order to put together their ideas and try to figure out the exact ads that the user may see and have an interest in.
Of course, there is the presence of some well-educated guesswork as well.
And that’s not all.
Princeton University recently came out with a study which found that various cross-site online trackers were actually embedded in a total of 482 sites of the top visited 50,000 sites in the online world.
All of these trackers were recording pretty much each and everything about the user’s web browser activity in order to further analyze the data produced by the tracking activity.
Ostensibly, all such recordings are for nothing but for the purpose of the given website’s optimization and management.
However, while it is true that supposedly the companies behind this collection of data redact sensitive information from them, but in the end, it just becomes another case where users have to put their full trust along with all their sensitive data into the invisible hands of various unknown third-party companies.
As it turns out, there is actually a new group of companies that are trying to add to the already huge pile of user data.
And that group is made up of internet service providers.
Internet service providers now have the opportunity to make a ton of money on their own by simply selling their customers’ web browsing history.

shutterstock_1256317438Such internet service providers allow advertisers to know where the user has gone and what type of information the user is more likely to be interested in.
Readers need to understand that almost none of all this collected data has the capability to work on its own in isolation.
In addition to that, marketing agencies trade user details and combine user details in order to put together, what many would say, an extremely detailed user profile.
But hang on, things get a lot more detailed than what we have mentioned so far.
In this guide, we have, so far, only talked about information that websites and internet service providers are taking from you.
However, what we have not talked about is all the data the user is giving up and submitting voluntarily.
All the searches that any user runs while he/she is signed into services such as Google, the exact date of birth and other details that the user provides to Twitter and all the venues that the user checks into while he/she is making use of Facebook along with many other pieces of data that the user submits into various services, make up quite a bit of information that the user willingly allows others on the internet to know.
Now, with that said, it is true that different websites have different privacy policies.
And websites keep these policies in mind when it comes to how they can use the data that they have collected.
As mentioned before, most of the time, all that sites want to do with the user’s data is to target the user with better advertising.
Sometimes websites use the data that they have collected in order to enhance certain aspects of their products along with their services all at the same time.
Generally speaking, websites expect the user to understand the deal.
What is the deal?
The deal is basically the user putting up with all the data collection that is going on everywhere if he/she wants to have access to the service that is in question.
What we mean to tell our readers is that if they feel like they absolutely cannot live without having a Tumblr account, just to take an example, then they should know that they will have to essentially give the Tumblr platform the permission to monitor each and everything that they do on its network.
Most of what we have said here is common sense really.
Afterall, sites also have a responsibility to fix bugs and police customer behavior on their platform.
Whatever is the case, the fact is modern online consumers have to give up more and more of their data in order to use anything and everything on the internet.
If the user simply ads all of the personal information which sites collect on them and then takes that together with the additional data that services have already managed to harvest from all of their online sessions, it should not be hard to see the big picture that the likes of Facebook and Google probably know individual users better than they know themselves.
Just 12 months ago, Google actually amended its official privacy policy for the purposes of merging data from the company’s official Double Click advertisement network with the company’s other data that the company already knows about the user.
This is data such as the user’s name and the user’s favorite YouTube channels.
These services can then build an even more comprehensive profile of the user and the user’s tastes.
Of course, we are totally aware of the fact that not every technology company and/or otherwise has the scale and reach of Facebook and/or Google.
However, small companies do not need all that infrastructure to get the data.
Why?
Because they can buy that data.
They can also sell data.
There are actually firms that specialize in such kind of user profiling.
Just think about Facebook for a second.
For such a huge network, it should not come as a surprise to anyone that Facebook,  on its own, could very well know all of the user’s,
   • close friends
   • the regularity with which the user orders pizza
   • all the places that the user prefers to visit on a regular basis
   • all the greatest defenders and attackers, living or dead, that the user would want to pick for his/her dream team.
Facebook users can also thank all the data that they offer up to services such as Facebook and the data that Facebook collects on its own as they are browsing the service, Facebook actually knows things such as,
   • when a given user is planning to go on a vacation
   • which company the user has worked for in his/her past
   • which way a given Facebook user probably leans in terms of political ideology
   • All the times in a given day that a given user likes to browse the online world, not just      Facebook.
Users who want to know more about the information that Facebook takes the liberty of thinking that it knows about them should go ahead and click here.
No one is disputing the fact that the world’s biggest online social platform is an outlier if we’re talking about all the information and personal data that it has the potential of tapping into.
However, even the smaller sites work on the same principles.
It doesn’t matter what kind of site one is looking at.
Everyone collects data.
Shopping sites, travel sites, news sites.
In the end though, it really comes down to the actual privacy policies of the given individual service or website as to how all of them collect user data, how they log it and how they use it.
Some sites may not engage in any of this.
Perhaps this is also a good time to mention that while services and websites make it easy enough for users to access their policies, the document themselves are couched in reasonably broad terminology.
Services and websites use unclear data collection policies in order to afford themselves a lot of leeway in terms of how they handle their customer’s profiles that they have worked so hard to build up.



Conclusion


At its core, data collection is not really malicious.
Websites and services require data in order to make their offering more useful.
They also need it to sell users advertisements which keep them afloat.
With that said, we would like users to have more consciousness about what they give up and, more importantly, to whom they give up.
Of course, you can make all of this go away to some extent with a VPN service.

IPVanish is the best one at it so click here to sign up for it right now from the official website.

 

Zohair

Zohair

Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Zohair

COMMENTS

WORDPRESS: 0