May 4, 2012
Being involved in research on user modeling and adaptive systems, I know a bit about the techniques of identifying users and tracking user behaviour. At this point most people will be aware that some websites set so called http cookies through which your browser can be re-identified and information can be stored for future sessions. There are many scenarios where these cookies come in very handy: forms may be pre-filled with the data you inserted the last time, settings or other personalisations may persist across sessions. So when I go and book a flight with Aerlingus, Dublin will be selected as my home airport, before I ever log in. I don’t think they have ever asked me explicitly whether I want to store this information, but their website has left this little textfile with my browser with “homeAirport: DUB” in it. I don’t really mind and find it convenient.
However, it gets more tricky when my behaviour is tracked across websites. Some websites will set third-party cookies (unless you block them from doing so). This means a third party (usually involved in ad serving) will be able to see that I visited both site A and site B.
As I said, I was aware of that fact anyway and even deleted certain cookies from my system at times. However, I was not really aware of the extend of this cross site tracking until I came across this TED talk by the CEO of Mozilla Corporation Gary Kovacs. In this talk he introduces a Firefox add-on called Collusion which visualises the sites that track your behaviour. I installed it immediately and just half-an-hour and a couple of clicks later my Collusion looked like this:
Each circle represents a website. I have actually visited those with with a halo, but the grey ones have set a cookie and “know” that I visited site connected sites. After this quick session, a website that I had never visited called turn.com (“we help you to make marketing decisions”) had seen me indirectly visiting about a third of all the pages I visited! At that point I decided it’s time to re-visit those privacy settings in my browser.