145 Top Web Sites Track Users despite “Do Not Track” Restrictions
Nearly 1.5% of the Internet’s top websites track visitors without their knowledge or permission, even when they have explicitly enabled their browser’s “Do Not Track” option, according to new research into the practice known as device fingerprinting. Also called browser fingerprinting, it is a process that collects the screen size, list of available fonts, software versions, and other properties of a visitor’s device to create a nearly-unique profile of that device that can be used to track them across the web.
But the researchers found the websites used device fingerprinting to track visitors even when they explicitly request not to be tracked by enabling the Do Not Track HTTP header, and that few sites informed visitors of the practice.
Not content with purely academic analysis, the researchers developed a tool called FPDetective that analyzes websites for suspicious scripts to help visitors evade device fingerprinting.
Although the researchers followed legal advice in not listing the websites it found using device fingerprinting, researcher Gunes Acar of KU Leuven University in Belgium told Ars Technica that they included orbitz.com, tmobile.co.uk, pokerstrategy.com, anonymizer.com, westernunion.com, and t-online.de.
To Learn More:
FPDetective: Dusting the Web for Fingerprinters (by Gunes Acar, Marc Juarez, et al., KU Leuven) (pdf)
Top Sites (and maybe the NSA) Track Users with “Device Fingerprinting” (by Dan Goodin, Ars Technica)
- Top Stories
- Unusual News
- Where is the Money Going?
- U.S. and the World
- Appointments and Resignations
- Latest News
- Principal Deputy Director of the United States Mint: Who Is Rhett Jeppson?
- Coordinator of the Bureau of International Information Programs: Who is Macon Phillips?
- Acting Under Secretary of the Veterans Benefits Administration: Who Is Tom Murphy?
- Director of the American Institute in Taiwan: Who is Kin Moy?
- Acting Under Secretary of the National Cemetery Administration: Who Is Ronald Walters?