Microsoft STALKS YOU even more than supermarkets do, says dev

Hey, get your tracker kit out of my trouser browser


Web-tracking is rife on technology vendor websites, with Microsoft among the worst offenders. Tech sites serve up even more trackers than the average online retailer, say browser privacy plug-in devs.

Trackers follow surfers after they visit a website to serve behavioural ads elsewhere online. The technology started in the world of online retail but has recently moved into other areas, such as technology, travel and entertainment websites.

The developers behind ad-tracking browser plug-in Ghostery said they'd logged 137 different trackers on the Microsoft website and 107 on Apple's site, while they logged 66 on Samsung's site and 65 on HP's. Dell has 106. All of these tech sites make greater use of trackers associated with behavioural advertising than specialist retail sites such as Tesco (64), John Lewis (46) and Dabs (12).

Some trackers are associated with website analytics but others are more focused on delivering behavioural ads, and are therefore a bigger privacy concern. Higher numbers of web trackers (Ghostery only counts third-party tools) means more data is being collected and that a website is partnering with more third-party web marketing firms.

Andy Kahl, director of consumer products at the Ghostery division of software developers Evidon, explained that tracking tags collect information about users. Technology sites tend to make more use of tracking tags than retail or travel sites because IT firms have "greater exposure and familiarity" with web tracking technology, according to Kahl.

Tracking tags come in various flavours.

"Tracking tags work to measure a user's interests to help match advertising on other sites and/or to help the site's publisher understand the audience that is drawn to their page," Kahl explained. "Some trackers, which we call behavioural beacons and analytics scripts, do only that - you can't even see them (they take up only a single pixel on the page)."

"Other scripts actually deliver the ads you see (but still collect data in the process), and still others provide some sort of page functionality, such as a social network Like or Share button, or an embedded video. These are all provided by some other company than the site that you're viewing, and data about what you're seeing and sharing is sent back to these companies."

Ghostery is a free browser plugin that consumers can use to identify third-party trackers on the sites they visit, by keeping track of invisible tags on websites that track internet activity. The software is also available as either an iPad and iPhone app. The technology is broadly compared to AdBlock Plus, although Ghostery argues it provides more detail on trackers and more granular controls.

The technology gives its more than 16 million users a breakdown of the ad networks, behavioural data providers, web publishers, and other companies interested in their activity. Users have an option to block ad trackers on a case-by-case basis. Only half the users of Ghostery block any ad trackers at all, according to Kahl. "What tends to get blocked is annoying ads and bothersome pixels," Kahl explained. "What goes unblocked is Facebook Like buttons, Twitter tags and video links - trackers that people feel have some value."

The EU ePrivacy directive has brought attention to the existence of web-tracking, but consumers remain largely clueless about the extent to which their data is used. Ghostery aims to close this knowledge gap, making the web more transparent and giving consumers a way of controlling behavioural tracking.

The annual UK revenue from behavioural advertising is between £64m and £95m, according to figures (PDF) from the Office of Fair Trading.

The targeted advertising industry likes to compare itself to a friendly local shopkeeper who knows his or her customers but that analogy breaks down online, according to Kahl.

"When the local butcher shows familiarity with me, I understand how that familiarity was built and I'm comfortable with the relationship. But online, I don't know how a website knows which shoes or trousers I was browsing about earlier," Kahl explained. "The problem is not the data... the problem is that the process of collecting and using that data was not transparent, and I didn't have a choice about it."

"That's what tends to make consumers uncomfortable online - it's not so much that you know I was shopping for shoes, but that those shoes are somehow following me around the internet, even when I'm not looking at anything related to shoes," he added.

Ghostery has an infographic that describes the most common tracking technologies and tags

"Technology companies and the sites that partner with them need to do a better job of helping consumers understand how the process works," Kahl concluded. ®


Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading

Biting the hand that feeds IT © 1998–2022