User tracking

From MozillaZine Knowledge Base

Websites may perform analytics on the user's browsing behavior, to figure out how and by whom they are used, and to present the user with more specific advertisements or product offerings. The issues related to user tracking are complex. This page is not intended to be complete but to provide the reader with some basic information on this topic.

Background

User tracking may be performed for various reasons and by various parties:

  • The website you are visiting may be interested in tracking your preferences to determine which pages are visited most (or least) in which contexts.
  • The website may want to figure out which products or services the user is interested in, in order to provide more specific offerings and increase the chances that he or she will buy or utilize that product or service.
  • Third parties like analytics providers and advertisers want to determine the user's interests and preferences to determine which advertisements are most likely to be of interest to him or her. Clicking on ads generates revenue for them.

Tracking by third parties is of special interest. While a given website can only acquire user-specific information about how that specific website is used, third-party services can generate complete user profiles from the user visiting multiple independent websites using the same tracking service.

While the user may certainly benefit from tracking by getting more interest-specific offerings for products and services (and may even get offers which otherwise wouldn't be presented to him or her), user tracking has substantial privacy implications:

  • Tracking of the user's browsing activity is not regulated in any way and is usually performed without the user's consent.
  • Widespread user profiling may be considered intrusive and a violation of the user's privacy.

Methods of user tracking

Tracking isn't a single mechanism but rather a combination of one or more individual approaches:

Cookies

When the user visits a website for the first time, a random but unique string is created by that site and stored as a cookie. This serves as a unique identifier for the specific user (or, to be exact, the Firefox or SeaMonkey profile used). When returning to the website, this cookie associates that user with any previous visit to that site, even after a restart or change of location. This is a very effective and very direct form of tracking. Third-party services can collect data from multiple websites they have contracts with based on just a single tracking cookie.

Cookies are also used by certain plugin-related content, specifically in Flash animations. Such Flash cookies [1] behave similarly to regular browser cookies but may be larger and are kept separately from the regular browser cookies. Special add-ons are needed to block Flash content (e.g., FlashBlock or NoScript) or to inspect and delete Flash cookies (such as Better Privacy).

Example: When you use a Google or Facebook account (or any other social website, for that matter), the service establishes cookies associated with that account. Now, any site with content from this provider (e.g., the "+1" or "Like" buttons for these specific companies) would expose your account-based identity to that provider through third-party cookies, thus allowing them to directly associate your browsing activity with your account.

Internet address

The IP address [2] is assigned by the provider the user's computer connects with and is a unique identifier for its location on that provider's network. It can also be used as a reference for the user's geographical location. Even if the user clears cookies between sessions but stays connected from the same location, the tracking site can still associate multiple accesses to one or more websites with each other.

Example: You are using an e-mail account with Thunderbird and browse the web with Firefox, where one application doesn't know what the other does. However, if that e-mail account is coming from a company also engaged in tracking, the IP address can be used to indirectly link your account with the browsing activity from the same machine, as determined through advertisements or social-media inserts on those sites [3].

Browser fingerprinting

When connecting to a website, the browser reveals a lot of information, usually intended to make the website work properly with the given browser. This includes browser type and version, platform used, language preferences, and possibly installed plugins or add-ons [4]. This information can be used to identify a specific user, in addition to or as a replacement for tracking by cookies or IP addresses. There have been efforts by Mozilla since Firefox 4.0 and SeaMonkey 2.1 to reduce the amount of information presented to a website that can be used for fingerprinting [5]. The effectiveness of some of those measures is debated and has not been established, though.

Reducing user tracking

It is not possible to completely protect the user against unwanted tracking of his or her browsing activities. However, it is possible to at least make tracking more difficult:

Do Not Track

This is a technology and policy that enables users to explicitly opt out of or explicitly consent to tracking of their personal browsing behavior [6], [7]. Firefox and SeaMonkey support sending Do Not Track requests to websites as a global setting (i.e., currently not on a per-site basis). The "Do Not Track" settings can be modified in the Tools → Options → Privacy tab in Firefox, and the Edit → Preferences → Privacy & Security main tab in SeaMonkey.

Older releases have a single "Tell websites I do not want to be tracked" checkbox. This has been replaced with a new UI that also allows the user to explicitly consent to being tracked [8], [9]:

Firefox 21.0 and later:

  • Tell sites that I do not want to be tracked
  • Tell sites that I want to be tracked
  • Do not tell sites anything about my tracking preferences (default)

SeaMonkey 2.18 and later:

  • Tell websites about my tracking preference: (unchecked by default)
    • I do not want to be tracked (default)
    • I consent to being tracked

Notes:

  • An individual website is not obligated to honor a Do Not Track request; whether it does depends on whether the site intends to respect the request and whether it has already implemented that technology. If a website honors the Do Not Track request, it should automatically stop tracking of the user's behavior based on that setting alone.
  • The Do Not Track request should not affect handling of any private information for websites or web applications (such as login procedures or the contents of shopping carts). See the corresponding warning about switching off cookies below, though.
  • The user may see less specific advertising when the Do Not Track option is selected, given that personal preferences aren't considered when presenting ads. Keep in mind that stopping user tracking will not stop advertisements themselves; see Add-ons below if that's desired.

The purpose of being able to explicitly consent to tracking isn't obvious. If the user doesn't state any preference for or against tracking, it can be assumed that the website will treat this as an implicit consent and track the user's browsing patterns anyway. However, with an increasing number of countries interested in regulating tracking services, this feature may become more relevant, especially when applicable to specific websites rather than just as a global setting.
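What honoring the request can look like on the server side, as an added example that is not part of the original article: a WSGI middleware that maps the DNT request header (1 for "do not track", 0 for consent, absent for no stated preference) to the three states above and withholds only the tracking cookie on opt-out, leaving the login cookie alone. The cookie names, the demo application and the "dnt.preference" key are assumptions made for the illustration.

```python
TRACKING_COOKIES = {"uid"}      # hypothetical name of the analytics identifier


def dnt_preference(environ):
    """Map the DNT request header to the three states the browser UI offers."""
    value = environ.get("HTTP_DNT", "").strip()
    return {"1": "opt-out", "0": "consent"}.get(value, "unset")


class HonorDNT:
    """WSGI middleware: withhold tracking cookies when the user opted out."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        pref = dnt_preference(environ)
        environ["dnt.preference"] = pref    # lets the app skip profiling too

        def filtered_start(status, headers, exc_info=None):
            if pref == "opt-out":
                headers = [(k, v) for k, v in headers
                           if not (k.lower() == "set-cookie"
                                   and v.split("=", 1)[0].strip() in TRACKING_COOKIES)]
            return start_response(status, headers, exc_info)

        return self.app(environ, filtered_start)


def demo_app(environ, start_response):
    # Constructed application: one functional cookie and one tracking cookie.
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Set-Cookie", "session=abc123; HttpOnly"),
                              ("Set-Cookie", "uid=7f3a9c; Max-Age=31536000")])
    return [b"ok"]


def cookies_set(dnt_header):
    """Names of the cookies the wrapped app sets for a given DNT header value."""
    environ = {} if dnt_header is None else {"HTTP_DNT": dnt_header}
    captured = []
    HonorDNT(demo_app)(environ, lambda status, headers, exc=None: captured.extend(headers))
    return [v.split("=", 1)[0] for k, v in captured if k.lower() == "set-cookie"]
```

With no header or with DNT: 0 both cookies are set; with DNT: 1 only the session cookie remains, so logins and shopping carts keep working.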

Cookies

Cookies persist across browser sessions. Thus, the identifying cookie won't be purged when restarting the application, and changing the location (IP address) won't impact the ability of the tracking website to identify the user either. One measure against third-party tracking is to prohibit third-party cookies altogether; another option is the restriction of cookies to the current session only. Some websites may no longer function correctly, but exceptions can be added for such sites.

Starting with Firefox 22.0 and SeaMonkey 2.19, acceptance of third-party cookies can be restricted to websites which the user explicitly visited before (i.e., for which cookies have been collected already). This behavior is the proposed default for future releases but is still under discussion [10].
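The effect of these cookie settings on the single tracking cookie described under "Methods of user tracking" can be seen in a small simulation. This is an added example, not part of the original article: the host names are constructed, and the browser model is a simplification that assumes a blocked third-party cookie is neither sent nor stored.

```python
import secrets


class Tracker:
    """Third-party service embedded on several independent sites."""
    def __init__(self):
        self.profiles = {}                      # cookie value -> sites seen

    def serve(self, cookie, embedding_site):
        uid = cookie or secrets.token_hex(8)    # random but unique string
        self.profiles.setdefault(uid, []).append(embedding_site)
        return uid                              # value sent back via Set-Cookie


class Browser:
    def __init__(self, policy):
        self.policy = policy                    # "all", "none" or "visited"
        self.jar = {}                           # host -> cookie value
        self.visited = set()                    # hosts opened as top-level pages

    def third_party_allowed(self, host):
        if self.policy == "visited":
            return host in self.visited
        return self.policy == "all"

    def open_site(self, host, server):
        """Top-level (first-party) visit: the cookie is always accepted."""
        self.visited.add(host)
        self.jar[host] = server.serve(self.jar.get(host), host)

    def load_page(self, site, embedded_host, server):
        """Visit `site`, whose pages embed content from `embedded_host`."""
        self.visited.add(site)
        allowed = self.third_party_allowed(embedded_host)
        uid = server.serve(self.jar.get(embedded_host) if allowed else None, site)
        if allowed:
            self.jar[embedded_host] = uid


SITES = ["news.example", "shop.example", "blog.example"]    # constructed


def largest_profile(policy, has_account=False):
    """Longest browsing history the tracker can tie to a single cookie."""
    tracker, browser = Tracker(), Browser(policy)
    if has_account:                             # user visited the provider itself
        browser.open_site("tracker.example", tracker)
    for site in SITES:
        browser.load_page(site, "tracker.example", tracker)
    return max(len(sites) for sites in tracker.profiles.values())
```

With all cookies accepted the tracker links all three sites to one identifier; with third-party cookies blocked every request looks like a new user. Under the "visited" policy the link reappears only when the user has opened the provider's own site, as in the account example above.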

Some anti-virus software may recognize and remove tracking cookies, either in real-time or during a manually invoked or automatic scan. The extent and reliability of that detection depend on the anti-virus program used on a specific computer.

Disabling or deleting cookies may result in settings or preferences you have established with a site getting lost, thus you may need to re-establish those. Also, login tokens may be stored as cookies and thus deleted, in which case the site would prompt you for your credentials again.

Plugins

Plugins that are specialized enough that they are rarely installed increase the chances for browser fingerprinting to uniquely identify a specific browser. Thus, if a user needs such plugins for some specific websites but not in general, it is recommended to disable them in the Add-ons Manager until they are actually needed, so that they are not disclosed to tracking sites.

Plugins can be enabled or disabled in the Add-ons Manager from the Tools menu.
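How much a rarely installed plugin contributes to a fingerprint can be estimated from how many other browsers present the same values, which ties the advice above to the "Browser fingerprinting" section. The following is an added example, not part of the original article; the population, the user-agent labels and the plugin name "RareViewer" are constructed for the illustration.

```python
import math

# Constructed population of other browsers seen by a site (not real data).
COMMON = {"ua": "Firefox/21.0 Windows", "lang": "en-US", "plugins": ("Flash",)}
GERMAN = {"ua": "Firefox/21.0 Windows", "lang": "de", "plugins": ("Flash",)}
SM_FLASH = {"ua": "SeaMonkey/2.18 Linux", "lang": "en-US", "plugins": ("Flash",)}
SM_BARE = {"ua": "SeaMonkey/2.18 Linux", "lang": "en-US", "plugins": ()}
OTHERS = [COMMON] * 7 + [GERMAN] * 4 + [SM_FLASH] * 2 + [SM_BARE] * 2


def matches(fp, other, attrs):
    return all(other[a] == fp[a] for a in attrs)


def anonymity_set(fp, others, attrs=None):
    """Number of browsers (including this one) presenting the same values."""
    attrs = attrs or list(fp)
    return 1 + sum(matches(fp, o, attrs) for o in others)


def identifying_bits(fp, others, attrs=None):
    """Surprisal in bits: log2(population size / anonymity set size)."""
    return math.log2((1 + len(others)) / anonymity_set(fp, others, attrs))


def per_attribute_bits(fp, others):
    """Bits contributed by each attribute when looked at on its own."""
    return {a: round(identifying_bits(fp, others, [a]), 2) for a in fp}


# The same browser with a rarely installed plugin enabled, then disabled.
WITH_RARE = dict(COMMON, plugins=("Flash", "RareViewer"))   # hypothetical plugin
WITHOUT_RARE = dict(COMMON)
```

With the plugin enabled the browser is unique among the 16 (4 bits, almost all of it from the plugin list); with it disabled the browser shares its fingerprint with seven others (1 bit).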

Add-ons

Extensions available for privacy & security support will either block unwanted content from advertisers or tracking services or provide more control over private data collected by scripts or embedded content like plugins. Examples include: [11]

There is also an extension available to visualize the tracking process:

Related preferences

See also

Cookies

External links