Archiv der Kategorie: Personal Privacy

How companies learn which sites you’re visiting and how to prevent it

Today I want to talk about a general issue that affects us all every time we are using the web. That is: the protection of our personal data.

In the olden days when you visited a web site, your browser would connect to the server, receive an html document and render it for you. Today, with Web 2.0 and what not, your browser still receives an html document, but it looks more like a shopping with instructions on where to get the different parts of the site. So when you connect to a certain website, you are in most cases actually connecting to multiple web servers.

This image for example is actually located on a Wikimedia server, not on wordpress.com

Sometimes this is very obvious, for example, if the page contains a Google Maps frame, it is clear that it must be connecting to the Google Maps server. In other cases it is not so clear, because these third party elements don’t even have to be visible: A lot of websites contain hidden elements that send information about the visitors to Google Analytics or other statistic services. If you want to know more about that there is a neat little Chrome extension called Collusion that visualized which website send information to third parties.

Sites with a blue circle are the ones you actually visited the others are third party sites.

Collecting anonymous user data to improve websites or services is one thing.  It gets really creepy once the third party your data is sent to knows your actual name (and address, and favorite animals….). Why would they know that? Well this is where „social widgets“ come in, these small website elements that are currently spreading all over the web:

This thing sends the information, that you are visiting the page it’s on, to Facebook, Google and Twitter.

What happens is this: When you are logged into a service like Facebook or Google (chances are high that you are right now), you have a valid cookie of that service in your browser, so the site will still know who you are, if you leave the page and come back later.
Now when you visit a page with a social widget on it, your browser will send a request to Facebook/Google/etc to get the widget. It will also send your cookie information along. This basically means, that they now know that you, John Doe are currently looking at website XY. Since these widget are on practically every website nowadays the social network services can create detailed personal web usage profiles. It depends on your level on paranoia what you make of this, but it’s certainly not the most comforting of thoughts.

But wait! There is hope! Thankfully, the internet is not (yet) completely controlled by the data collecting juggernauts. There are a lot of plugins, tools and browser extensions that help you protect your privacy in many ways.
In the remainder of this article, I would like to present one example that I find very inspiring: Disconnect.me
The reason why it’s so inspiring is, that one of the founders of this start-up company, Brian Kennish, actually quit his job as a developer at Google, so he could make the „Disconnect“  Chrome plugin that keeps your browser from sending your data to all the major data collectors including Google.

The extension takes only two clicks to install and immediately starts preventing sites from sending your data to Digg, Facebook, Twitter, Google and Yahoo (unless you are on one of their pages). You can easily deactivate and reactivate the blocking of any of the five services. (There exist versions for Firefox and Safari as well).

Now go ahead, try it and enjoy a little more private web experience.

PS: If you would like to learn more about the topic, here is a talk by the above mentioned Brian Kennish: