Online tracking is done through digital tools.
We heard about cookies in Step1, from John Oliver’s 10 April 2022 HBO show ‘Last Week Tonight’ exposing Data Brokers.
Cookies: Cookies are small pieces of data that websites store on the user’s device. Sites often use cookies to remember user preferences and deliver a personalized experience, as well as to gain information for advertising. Once a website has dropped a cookie on a user’s computer, the cookie provider can continue to access it. This is how sites can use cookies to track users from page-to-page or from site-to-site. How long a cookie can track a user depends on the type of cookie. For example, Sessional, Persistent, First-party; Third-party (Crawford, 2020).
Fingerprinting: Fingerprinting is a form of website tracking that uses the attributes of the user’s device or browser to build a profile of a user. Information fingerprinters use include your device, the operating system you have on the device, screen resolution, browser and browser version, language, and time zone. Crawford (2020) states: “On its own, each piece of information isn’t that valuable. However, when it is all put together, it provides an incredibly accurate way to identify users. The Electronic Frontier Foundation ( EFF) runs a site ‘cover your tracks’ that tests your browser to show how unique your fingerprint is in relation to others the site has tracked.”
Email tracking: Email tracking software places an invisible image pixel in your emails that can detect the exact time and date you opened an email. The reason for email tracking is so that companies/retailers, etc., save time and learn whether a company’s first email was interesting enough to you to open. If not, you might be unlikely to open future follow-up emails. By preventing unnecessary follow-up emails, email tracking saves time both for the sales rep and the email recipient. Similarly, if a company notices a contact is clicking on the links sent and viewing a cover letter or a proposal that was attached, the company knows that you're currently at the top of their minds. Reaching out to you at that point, when you’re thinking about a company’s proposal, say (e.g. purchase an item of clothing) makes the conversation much more relevant, and timely for the company/retailer.
Sivan-Sevilla et al.’s (2020) study found that “companies we may never have heard of are collecting data points on every aspect of our lives – our interests, purchases, health condition, locations, and more”. IAB (2019, quoted in Sivan-Sevilla et al., 2020) “These data points are then combined into exceptionally revealing behavioral profiles, exposing intimate parts of our identity and fuel the multi-billion-dollar advertising industry that claims to predict what we are likely to .consume in order to target us with ads”.
Sivan-Sevilla et al.’s (2020) further report that when advertisers cross information about users’ medical problems, educational interests, and news consumption habits they are in a position to better know when a user can be turned into a consumer and make purchasing decisions that advertisers would not be able to predict otherwise. Studies showed how data from different websites is aggregated and used to infer about the demographics and interests of users, exposing them to manipulative practices that try to make them click on the ‘right’ (personalized) advertisement at the ‘right’ (personalized) time … The advertising industry had defined these moments as ‘prime vulnerability moments of consumers’ …in which users are ‘uniquely receptive’ …”.
Srinivasan (2020) enlightens that: “The rise of electronic ad trading, widely known today as “programmatic advertising,” paralleled the rise of electronic trading across various sectors of the economy…. early advertising technology company Right Media launched the RMX “advertising exchange,” the first-ever electronic trading venue for ads. ….. Today, a single company, Google, simultaneously operates the leading exchange, as well as the leading middlemen (i.e., intermediaries) that publishers and advertisers must use to trade … Google not only sells ad space belonging to third-party websites, it sells ad space appearing on its own sites, Google Search and YouTube”.
Srinivasan (2020) reports that “The business of advertising has changed drastically over the last two decades. Today, the largest category of advertising, online advertising, is rarely negotiated by people at all. Advances in technology allow ad space to be bought and sold electronically through centralized trading venues at high speeds, without people ever meeting face-to-face. When a user visits a website, the ad space on a page is instantly routed into one or more of these venues. There, the space is auctioned in real-time to the highest bidder. At the conclusion of these auctions, the advertisers’ ads return and display to the user in time for the page to load and before the user has noticed anything has occurred. The user just sees ads targeted to them, say one for Barclays bank.”
You may now understand that a lot of data is increasingly captured, observed and inferred by those you have a direct relationship with, not just to provide basic services you request, but increasingly to ‘personalise experiences’ whether you ask for them to or not and/or to target you with advertising on and off their websites, apps and services. But your data isn’t just captured, observed and inferred by those you have a direct relationship with, but also with third party entities in the advertising ecosystem who may be embedded in the websites you visit or the apps you use, in order to target you with behavioural advertising for example. Your data may be used to follow you around the web and apps for behavioural targeting purposes such as real-time bidding that allows advertisers to automatically bid in real time to target people based on specific criteria – for example, of a specific age range and gender or type of mobile device or location.
So, data about YOU can be very personal indeed revealing intimate aspects of your life. It can impact in ways that you never considered and that breaches your expectations to privacy and that fails to respect and protect your privacy. For example, the Grindr app was found to share information with a “large number of third parties” involved in profiling and advertising. Data shared “included IP address, Advertising ID, GPS location, age, and gender.” This led to an investigation by the Norwegian data protection authority who fined Grindr the equivalent of £8.6 million (100 million krone).
All of the data types of discussed above are personal data protected by data protection laws such as the GDPR and the EU’s electronic privacy law (the ePrivacy Directive ‘ePD’) we’ll discuss in the next step (step 4) of CSI-COP’s informal learning course. These laws place obligations on private and public sector organisations that capture, observe and infer data about you and give rights over that use. Again, this will be discussed in Section 4 of the course.
But take a moment and think about what your data says about YOU and OTHERS that you’re connected to.
Do also note, if you use ‘free’ Wifi, you have to provide information about you to access the Internet. See the image below on what is collected.
