Most Internet users believe that their actions online are anonymous unless they have recently explicitly identified themselves. This is far from the truth. Two common techniques greatly reduce your anonymity online: computer recognition techniques and cross site trackers. With our website (forgetmysecret.com), Thaddeus Diamond and I created a simple game which illustrates how powerful these tracking techniques are. I recommend you visit the website to better understand privacy on the Internet.
A website can remember your computer using many techniques. The three most common techniques are cookies, flash cookies, and browser fingerprints. Cookies are very simple to erase. Most browsers include a “forget history” option as well as a privacy web-surfing mode. Both of these will defeat the tracking ability of cookies. Flash cookies, however, are much more difficult to erase. Flash cookies are stored deep in the computer’s file system, are shared between browsers, are not eliminated when a browser’s history is cleared, and are not effected by using a privacy mode. To clear this tracking information you must determine where these are stored on your particular operating system and manually remove them. Some browsers have third party plugins available which remove these cookies. Browser fingerprinting does not even rely on storing information. Instead, it captures lots of information regarding your computer system (such as font lists, plugin lists and software versions) to establish a highly unique “fingerprint” of your system. This fingerprint can then be used to identify you even if you clear all of the cookies stored on your computer.
Computer Recognition alone does not pose a large threat to privacy. However, when computer recognition information is shared between websites through “trackers” online anonymity is greatly reduced. Tackers allow for users to be followed between different websites. For example, your activity on website A can be shared and grouped with your activity on website B. This is primarily used to display personalized advertisements to users. You may have experienced this before when it appears that a certain targeted ad “follows” you around the Internet and appears at different websites. However, this technology can also be used to identify an otherwise anonymous user. If you identify yourself by logging in to website A, and then post an “anonymous” comment on website B (or visit a website you believe you are surfing privately), your identity can potentially be determined by website B through the use of such cross site trackers. Installing the Ghostery plugin from ghostery.com can show you how you are tracked at various websites.
It is crucial that web users become informed about privacy online. Misinformed surfers can accidentally expose their real identities while believed to by anonymous. Furthermore, a web user’s activity can potentially be aggregated into a single data source and sold for data mining. This greatly compromises our belief and desire of privacy for our online activities. I believe in the future it will be crucial for web browser developers to include many more tools to protect the privacy of their clients. By educating users and redesigning our browsers we will be able to recapture the true sense of freedom once enjoyed on the world wide web.
Yale Law Tech 