• United States



Have you protected your privacy by opting out of cross-device ad tracking?

Oct 06, 20135 mins
Data and Information SecurityMicrosoftSecurity

Your online behavior is tracked, without cookies, across multiple devices to form a single profile, but are you proactive about protecting your privacy by opting out?

If you don’t use the online anonymity network Tor, then you might not have more than a passing interest in the fact that the NSA sometimes uses ads, and cookies, to track and identify Tor users. To the NSA, you and your life may likely be yawnsville; you may be too “boring” to be a “person of interest” who is important enough to track (or maybe not). To an online advertiser, there is nothing too boring about your online browsing activity to track.

The marketing practice of tracking online behavior with cookies is certainly not new, but do you even see, nevertheless click on, ads? Many people haven’t seen ads while browsing for years and years thanks to extensions like Adblock Plus. Even if you don’t see those targeted ads, they can still be tracking you; so can social networks, something easily proved by using browser extensions like Abine’s DoNotTrackMe, Ghostery or Collusion.

While there is a chance a person could be tracked online via something like evercookie, created by Samy Kamkar, that persistent tracking cookie has been around for about three years. Much has changed in the last year alone and tracking people online via cookies is old school. Being able to identify your online behavior to track you across all your devices, without using cookies, is where it’s at now. Some people have suggested that cross-device tracking reached a “tipping point” in 2013.

Google is working on replacing traditional third-party cookies in Chrome with an “anonymous identifier for advertising, or AdID,” to deliver targeted ads based on browsing history. Although Chrome is currently the most popular browser, it might not be your mobile web browser of choice.

How many digital devices do you use per day to get online? A laptop, smartphone, tablet, work PC? One recent report found that “the average American consumer uses more than three devices to access the Web.” Studies suggest we share social media differently on mobile than we do on a desktop. We research retail products and shop differently on each device. Cross-devise advertising, tracking consumers across multiple screens, multiple devices, was a hot topic at the 10th Annual Advertising Week held in September. In fact, it’s been called the “hottest marketing topic of the year” [pdf].

“Drawbridge is one of several start-ups that have figured out how to follow people without cookies, and to determine that a cellphone, work computer, home computer and tablet belong to the same person, even if the devices are in no way connected,” reported the New York Times in an article titled “Selling secrets of phone users to advertisers.” If you want to see something creepy, watch the numbers fly by on the Drawbridge counter. It won’t be long before it rolls over to 800 million “devices bridged for precision audience targeting.”

“We’re observing your behaviors and connecting your profile to mobile devices,” said Eric Rosenblum, chief operating officer at Drawbridge. But don’t call it tracking. “Tracking is a dirty word,” he said.

Kamakshi Sivaramakrishnan, founder of Drawbridge, added that “its pinpointing was so accurate that it could show spouses different, personalized ads on a tablet they share. Before, she said, ‘ad targeting was about devices, not users, but it’s more important to understand who the user is’.”

Besides Drawbridge, numerous other companies like Greystripe, Tactads, Tapad can track and profile users across devices. But if you don’t know about it, then how can you opt-out to help protect your privacy?

Since privacy is important to consumers, Drawbridge reached out to Data Privacy Management company TRUSTe to offer “privacy-safe ads.” It doesn’t happen automatically. If you don’t want your online behavior to be profiled and tracked across multiple screens for targeted advertising, then it’s up to you to take action. How it works:

TRUSTe enabled mobile ads served by Drawbridge carry an AdChoices Icon. If a user clicks on the icon, they will have the option to avoid any interest-based ad targeting from TRUSTe partners, or to avoid any Drawbridge ads. Once opted out, that choice will apply across all the devices that Drawbridge connects to that unique user.

While it’s nice to have some choices about protecting your privacy across multiple devices, you must be proactive about it. Sadly, most folks are not. According to TRUSTe, “During July 2013, out of nearly 15 1⁄2 million impressions of Drawbridge mobile ads, just under 11,000 users chose to click on the AdChoices Icon. Of these impressions, just 8 users chose to opt out, representing 1 opt-out for every 1.9 million mobile ad impressions.”

It’s a world of big data and predictive analytics; you have to do some work if you want to protect your privacy.

Like this? Here’s more posts:

  • Wickr: Free texting app has military-grade encryption, messages self-destruct
  • IE zero-day attacks to ramp up: Metasploit releases module
  • Ctrl+Alt+Del ‘was a mistake’ admits Bill Gates, who said ‘no’ about returning as CEO
  • Report: NSA tracks and maps American citizens’ social connections
  • Researchers develop attack framework for cracking Windows 8 picture passwords
  • Microsoft warns of IE zero day in the wild, all IE versions vulnerable
  • Been groped by TSA agents? Former DHS official implied privacy advocates are to blame
  • F-Secure’s Mikko Hypponen: George Orwell was an optimist
  • Not even Microsofties trust Microsoft’s approach to privacy
  • Microsoft Research: Secret tags in 3D-printed objects, hooked to the Internet of Things
  • Gmail is the preferred email service of terrorists, claims former NSA chief
  • Are Bing it on challenge claims a bunch of bunk?

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.