Web Hosting Reviews

That’s why you’re tracked online – and that’s how you protect yourself

Facebook and Cambridge Analytica. Swedish Pharmacy that forwards sensitive customer data. Companies that ignore GDPR. No, it is not difficult to find examples of events where your and my data have been mishandled or leaked. It is tracked like never before. What do you do to protect your data?

Read our big guide to online privacy for practical tips to get you started – apps, browsers, add-ons, settings, vpn and more.

Therefore, you are tracked

The more data a company has about a user, the more targeted advertising it can sell and make more money. In other words, it’s not that hard to understand why companies want to know everything about your habits.

The problem (if you think it’s a problem) is that so much information is collected that behavioral profiles of you, at companies around the world, are so huge (yes, huge profiles) that far more conclusions can be drawn than what gadgets you want to buy. Political views, sexual orientation, and other things you might not want any company to know about.

With large companies such as Google and Facebook, it is of course in their interest that no information about you leaks out, as they make a lot of money by selling ads that are as targeted as possible with information about you that the competition lacks. But data leaks happen every now and then, and there are less serious companies that resell your information without blinking an eye.

Tracking cookies

How you are tracked (cookies are old news)

By now most people are probably familiar with cookies. Cookies have been around since the 90s and are used to make websites work properly, such as logins and what you put in your shopping cart when you shop online.

And then ad tracking, of course.

With a file saved in your browser, various sites and companies can create an ID that follows you around the web. On one and the same site, there can be hundreds of different companies that all place a cookie on your computer.

However, users can clear cookies themselves and many browsers have recently made it easy to simply block cookies from third-party companies. So does this mean we are free from tracking now? Far from.

As the pie seems to have reached the end of the road, advertising companies are working feverishly to come up with other methods.

– Google themselves have realized the unreasonableness of the tracking that is going on on the web now. They are smart and therefore want to create new solutions before the old ones stop working, says Karl Emil Nikka, founder of the IT security company Nikka Systems, which works with training companies in IT security.

Google themselves have set themselves the goal of phasing out third-party cookies sometime in 2023. Instead, they are now working on something called “Topics”, which is part of the company’s “The Privacy Sandbox”, which should be less privacy-infringing than today’s cookies (read more about Google Topics here).

– At the same time, we should be grateful that Google, Facebook and others are experimenting with new advertising solutions. A significant part of the web’s services are ad-financed. If we want to continue taking advantage of free services, the services need working advertising solutions, says Karl Emil Nikka.

Canvas fingerprinting

Your device has a unique fingerprint

But there are already today alternatives to cookies that are significantly scarier than the technology they replace: Here we find, for example, “Browser fingerprinting” (read a detailed article about the technology here). When you visit a certain site, it can retrieve a lot of different parameters, such as operating system, screen resolution, battery level, installed browser extensions and many, many more.

Individually, these parameters are innocent, but when collected and linked to a user, suddenly a unique profile of your device has been created. Neither vpn nor blocked cookies protect against this. In fact, no file, like a cookie, even needs to be placed on your computer. It also means that you cannot delete anything collected about you, unless you submit a formal GDPR request. But then you need to know which site to send it to.

On amiunique.org you can test and see how unique your own browser fingerprint is.

Stopping, or at least reducing, the tracking of you can feel like an overwhelming task, but it is possible with relatively simple means to at least protect yourself from the most obvious tracking.

– The battle is certainly not lost and it is definitely possible to protect yourself. Those who run today’s websites can send whatever tracking code they want to our browsers, but they can never force our browsers to respect the tracking code. Our browsers interpret the data they receive and render the web pages according to our instructions.

In mobile it is more difficult.

– Unfortunately, we don’t have the same opportunity in apps, but luckily many of today’s services are available in both web and app versions, says Karl Emil Nikka.


VPN not a one-size-fits-all solution for privacy

VPNs are often sold as the ultimate solution for privacy protection, but that’s far from the truth.

A vpn protects you from having your ip number tracked, which of course is good, but that’s also pretty much all it does. This means that just because you have a vpn, Facebook, Google and other companies will not stop tracking you.

– If you are logged in to web services or do not block tracking cookies and tracking scripts in your browser, you will be tracked as much as before. The advertising networks thus have more effective ways of tracking you than your IP address, says Karl Emil Nikka.

So when do you need a vpn?
A VPN service broadly fulfills three functions:

1. Bypass geographic restrictions.
For example, if you want to see content on streaming services that is blocked in Sweden, but available in the US, you can use a vpn to trick the service into thinking you are in the US. However, many services work hard to block vpn services, far from all of them work for this, and others can suddenly stop working. Netflix has also blocked accounts that use vpn.

2. Hide your surfing habits from the internet provider.
When you use a VPN, your ISP can no longer see which pages you visit. What’s important to know though is that what you’re actually doing is moving that information from the provider to the vpn company, who can now see what you’re doing. Therefore, it is very important to choose a serious vpn that does not save logs or resell your information, something that can be easier said than done.

– We have seen several examples of vpn services that promise a “zero logging policy” but still save information. For example Ufo VPN which claimed not to log anything but still happened to leak 1.2 terabytes of logs. It is better to ignore a vpn service than to use a questionable one.

Read more in our privacy guide on how to choose the right vpn service

3. Surf on unprotected networks.
When you browse unprotected networks and sites without https (no padlock in the browser), both the ISP (and others on the same wifi) can see not only which sites you visit, but also everything you send to or download from the sites.
– But that need is much less today. Without a vpn service, the person should just double check that there is always a padlock in the address bar and never connect to a website if the padlock is missing.

– Another solution is to share the internet from the mobile phone and completely ignore connecting to the public Wi-Fi network

Read more: Our big test of vpn services

Internet security

As a casual surfer who still cares about privacy, it feels almost insurmountably difficult to know where to start and how to protect your data from the worst data collectors. What are the steps to take that will give one fair privacy protection, without having to set up your own servers and other “advanced” methods for that?
– You will go a long way by leaving Google Chrome. Also take the opportunity to change the standard search engine to a privacy-protecting one, for example Startpage or Duck Duck Go, advises Karl Emil Nikka.

– You also protect yourself by being restrictive with which information you share. Reject all tracking and data sharing requests. Do not share your phone number or email address if you are concerned about being tracked through it. If you need to enter one
e-mail address, you can register so-called alias addresses with, for example, Simplelogin or Firefox Relay. There you get a unique email address for each account you register, so that email address cannot be used to track you between websites.

So what does the future look like? More privacy or uncontrolled surveillance? Karl Emil Nikka nevertheless views the development positively:

– We are the ones who decide! If we show our displeasure about tracking, the web services that want to survive will adapt. To get there, the world first just needs to be made aware of the problem. Apple helped us a step along the way when they started forcing apps on iOS to ask if the user wanted to allow data sharing. In addition to more users opting out of data sharing, it also made more users think about what it is they are actually agreeing to.

Read our big guide to online privacy for practical tips to get you started programs, browsers, extensions, settings, vpn and more.

Leave a Comment

Het e-mailadres wordt niet gepubliceerd. Vereiste velden zijn gemarkeerd met *