Researchers have developed a technique that allows websites to track visitors that use more than one browser to access the internet, a key defense employed by the privacy conscious against sites that seek to identify visitors’ “digital fingerprints” – and a cyber privacy expert has said it could spell the end of anonymous browsing.
Web-savvy individuals have long sought to prevent websites accessing their “digital fingerprint” by using different browsers, and while the technique is unsophisticated, it has hitherto been entirely effective. Web user are moved to shroud their “digital fingerprints” as they can be used by websites to track an individual’s entire internet usage, across multiple websites.
Websites have long-sought to circumvent this trick, employing covert strategies such as monitoring the way visitors type on their keyboards, and embedding imperceptible sound in online ads and websites.
Website to find out your digital fingerprint, compare global stats and info on how to protect your privacy online https://t.co/iGzCh3qGy1
— Paula Minelgaitė (@PaulaMinelgaite) August 25, 2015
However, the technique stumbled upon by researchers allows any website to easily and effectively track an individual’s activity works across multiple browsers for the first time, and is also even more accurate than previous single-browser fingerprinting.
(Cross-)Browser Fingerprinting via OS and Hardware Level Features: https://t.co/OvOcKoL0Ia (pdf)
— Binni Shah (@binitamshah) January 13, 2017
The researchers tested the new application by collecting 3,615 fingerprints from 1,903 users over a three-month period — it successfully identified 99.2 percent of users.
Alex Walker, chief technology officer at UK cybersecurity firm Hook.ee, believes that while the average net user doesn’t necessarily change their browser with much frequency, the technique still means an individual’s online life will be considerably less private in future.
“It’s definitely harder now to protect yourself, as you may have multiple browsers, but not multiple machines. This will be a goldmine for sites that rely on targeted advertising — I believe Amazon make 30 percent of their sales based on recommendations — and with 99% accuracy, it’ll increase advertising revenue a tiny bit. It also shifts the cost of advertising to the consumer — using a digital fingerprint, they can get your computer to perform a variety of tasks, each one costing battery power, and therefore electricity,” Mr. Walker told Sputnik.
Mr. Walker believes there’s not much users can do to beat the technique either. Moreover, the ultra privacy conscious, who use the Tor browser — repeatedly endorsed by Edward Snowden — to access the web may not be safe from its reach, either.
“If a user hits targeted advertising while using Tor, then change to their normal browser, that advertiser could know that it was the same person — that’s not so cool,” Mr. Walker added.
“Parties who wish to process device fingerprints generated through the gaining of access to, or the storing of, information on the user’s terminal device must first obtain the valid consent of the user,” the EU’s data regulator group wrote.
In a statement, Jim Killock, executive director of the Open Rights Group, said that while many companies had “little interest in being transparent about their use of customers’ data,” building profiles to deliver personalised content and adverts “clearly” falls under e-privacy and data protection laws, and should be governed by the same restrictions as cookies and the like.