Online Tracking More Detailed Than Thought
It's no secret that advertisers and other groups buy and sell data about people's Internet use. But a new report says the information is far more detailed and specific than realized.
The Irish Council for Civil Liberties (ICCL) says it's much easier than people realized to identify specific individuals, in some cases threatening national security. The data isn't hacked or stolen, but rather made available to people bidding for online advertising slots and trying to reach a particular auction.
The basics of how this work are well known. Legitimate online businesses track users online but don't sell individual records. Instead they'll label them as likely fitting particular groups, such as fans of a football team or new parents, based on their browsing history.
Advertisers can then target these groups, for example people who are likely golf fans, live near a specialist golf store, and appear to buy high end goods. In principle at least, tech firms try to balance the categorization so that groups are narrow enough to allow effective ad targeting, but broad enough that identifying any individual is difficult.
Blackmail Made Easier
However, the ICCL investigation found that advertisers have more categories, covering more specific characteristics, than widely assumed. That means the available information about any individual is much greater, making it easier to cross-reference with other details to identify them.
Some of the categories in ad data revealed by the ICCL were highly personal, including information about potentially embarrassing health conditions. Other categories were potentially a major security risk not just for the individuals but for companies.
These included people being categorized as a judge, elected official, national security worker, military personnel, military family, or counter-terrorism worker. If identified, some of these people could be threatened or blackmailed.
Russia Among Customers
The report also claims Google sends ad data to a Russian broker that tries to identify people who regularly visit websites politically opposed to the Russian government. (Source: iccl.ie)
Google and Microsoft both responded to the report saying they protected individuals' privacy when handling ad data. Microsoft said it complied with all laws, while Google said the way it makes data available to potential advertisers "simply [doesn't] allow bad actors to compromise people's privacy and security. (Source: ft.com)
What's Your Opinion?
Are you surprised by the reports? How easily do you think a bad actor could gather information about you and identify you? Is it possible or desirable to have tougher laws on how tech companies share and combine data about online activity?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
TikTok owned by Chinese
This is slightly off-topic, but related. Tiktok is owned by a Chinese firm (Bytedance), and it's been suggested that the algorithms which determine what a user is "most likely interested in" are being tweaked to stir up unrest in countries like the USA. For example, it's been reported that millennials are likely to see show pro-Hamas propaganda on Tiktok, rather than support for Israel. Check out the article below for more info:
https://www.vice.com/en/article/wxjb8b/tiktok-its-not-the-algorithm-teens-are-just-pro-palestine
Online Tracking
I'm not surprised. One need only to run the NoScript browser add-on to be able to see the long list of third-party scripts coded into many web pages. People don't see these scripts, and even if they do they don't know what these scripts are doing. A single, innocent looking web page can have 2 or 3 dozen third-part scripts hidden behind the photos and graphics, many of them tracking scripts and data mining scripts from sift, adobe, browser-intake-datadoghq, owneriq, crazyegg, m2.ai, brightcove, amplitude, pushnami, beehiiv, Liadm, go-impulse... oh, Jesus... I could go on for days.
I use Hosts file blocking and my Hosts file has over 20,000 tracking and advertising domains in it that I bar from accessing my browser. When all of these data miners aggregate the data they collect, they know more about you than your own parents. There are scripts that literally track your mouse movement around the web page. There are so many minute details the data collectors can pick up that, when aggregated, paint a very detailed picture of who you are, what you do, what motivates you... and all of this data is used against you, to manipulate you. 95 percent of more of the people who use the their browsers daily have no clue what going on behind that pretty web page. But, I can promise you this... there is a big question mark on my data profile. ;)