5 Private Things Websites Learn About You Without Your Knowledge
Browsing the internet seems like such an innocent activity, doesn’t it? You search Google, visit a few websites, and read interesting information. Would you be surprised to know that websites are collecting lots of information about you as you read?
The following five things websites can learn about you when you visit may shock you. In every case, you should understand what your browser is sharing with the owners of those sites, and how you can prevent it.
1. Where You Live
One of the easiest pieces of information a website can learn about you, is where you live. This is because the identity of every computer on the internet is recorded via an IP address.
Website owners install tracking scripts throughout their site to scrape that information from your session. These aren’t malicious scripts. People who run websites just want to know as much as possible about the people who visit their websites, so they can offer content that’s most relevant to the majority of their users.
One of the most relevant pieces of information is your location.
With your IP address, website owners can analyze where in the world the majority of their readers come from.
To see this in action, just go to Google and type in: “What is my IP address?”
The result should look something like this.
To take this a step further, you can see how this translates to a geographic location by going to IPLocation.net.
You don’t even have to type anything in. The website will instantly show you your IP address and eveything it’s able to figure out about you from that, including your geographical location.
- Your internet service provider (ISP)
- The town where you live
- Your GPS coordinates
This information is also commonly collected by most commenting apps on many websites. For example, one of the most popular commenting services, Disqus, provides website owners with the IP address of every person who makes a comment on their blog.
This information is very useful for moderating comments. As you can see by the “No issue detected” status on the comments above, the Disqus platform uses a commenter’s IP address to identify them. This is useful for identifying people who spam, or are otherwise abusive on the platform.
Website owners can then blacklist those IP addresses so those people can’t comment on the site anymore.
How Do I Hide My IP Address?
This information is the easiest to hide from websites. In fact, we offer a frequently-updated list of the best VPN services because so many people use them to keep their location private.
Some of these services are even free. For example, you can go to hide.me and choose what country you want websites to think you’re from.
This free service will tunnel your traffic through servers located in that country and makes all websites you visits think you’re located there.
There are plenty of free services like this for masking your IP address . If you want a more permanent solution, then you’re better off subscribing to an inexpensive VPN service and using it consistently for all of your web browsing.
Just keep in mind that not all VPN services are created equal. You’re still giving up your IP details to the VPN service you’re using. So keep in mind that you also need to protect your privacy from bad VPN providers .
2. System Information and Demographics
Most websites use either an ad script or an analytics script on every page of their site to gather as much information about you as possible.
Many people don’t realize just how much information their web browser provides to websites. Website owners can gather your browser type, operating system, screen resolution, and even the version of Flash that you’re using.
Going a step further, if you remain logged into your Google account while you’re browsing the internet, Google even tries to guess your age and gender based on your search patterns.
This information is also provided to website owners via Google analytics, and used for better ad displays as well.
One thing that’s important to note is that there is absolutely no sensitive information gathered by these scripts. That’s because they don’t actually have access to any sensitive information about you.
All they can gather is what they can “see”, which is basically very general information about the software and hardware you’re using to connect to the internet. The rest, like age and gender, is just based on guesswork and not always accurate.
How Do I Hide My Demographics?
Many people have decided that to hide information like this, they’re going to use an ad blocker, which essentially prevents those scripts from working properly.
There are several big problems with these ad blockers.
- Most ad blockers stop useful web-based applications from working properly
- Ad blockers are leading to the loss of some wonderful free content as website owners are forced to shut down
- Free access to news is disappearing as news publishers fight back by putting up paywalls
- Ad blockers don’t distinguish between malicious ad scripts and safe ones
If you’re concerned about your privacy, there are two things you can do that will work better than using ad blockers. One option is using a VPN as mentioned above. Another is not logging into Google when you browse the web. Many people consider using Google services a major risk to privacy . Or, as an alternative, use a privacy-focused search engine like DuckDuckGo.
If you’re concerned about malvertisements (advertisements that infect your computer), ad blockers are a poor choice. They are only programmed to block the display of advertising, but won’t protect you from all of the threats that are out there. There are simple steps you can take to protect yourself.
- Disable Flash and Silverlight since those are the security weak spots that malvertisements exploit
- Install one of the best antivirus applications out there
- Install a good browser antivirus plug-in
3. Your Family and Friends
One source that many websites have to gather information about you is social app integration. Many people give very little thought to providing a site or a web service permission to access their social account data.
If you think about this, providing access to your social accounts is one of those actions that opens up some of the most sensitive and personal information about yourself.
With even just read-only access, businesses can gather who your family and friends are, your likes and dislikes, and even how often and where you travel or take part in hobbies. It’s a gold mine for advertisers and marketers.
If you want to see just how many sites and services you’ve given access to your data over the years, log into your Facebook account, click on settings, then click on Apps and Websites in the left sidebar. There, you’ll see all of the sites you’ve allowed to see your social data.
If you’ve never looked at this area of your Facebook settings before, and you tend to allow this access without giving it much thought, the list here may surprise you.
If there are any on here you don’t recognize, click on the icon and then click on the Remove link at the bottom to get rid of that access.
Next, click on the Business Integrations link on the left sidebar, and review the businesses you’ve provided access to.
If there are any here that surprise you as well, remove them as well.
You can do the same on your Twitter account my clicking on your profile icon, clicking Settings and Privacy, and then Apps in the left navigation bar.
If there are any social integrations here that you don’t recognize, just click Revoke access.
Another important step to take is to lock down your social accounts so you aren’t sharing sensitive information publicly.
4. Your Address, Phone Number, and Email
Even though it seems very simplistic to say you shouldn’t type your email or mailing address into an online form if you don’t want that private information shared with other businesses, many people do exactly that without giving it much thought.
Consider how many websites or businesses you’ve “signed up” with where you’ve quickly filled out a form with your email or your mailing address. Many people realize that information is private and could be used in nefarious ways in the wrong hands, but the desire to use some online service or app often overpowers the desire for privacy.
Even forms that allow you to connect to the service via your social or Google account provide the same information to those businesses.
In fact, as mentioned above, using your social account provides a whole lot more than just your email and address.
This isn’t to say that you should never fill out any form online, but do so sparingly. Make sure these are major brands or businesses that you’ve done business with before and you know you can trust.
5. What You Like
Did you know that websites are able to discover what hobbies and interests you have whenever you visit their web page?
It’s true. By checking out your online browsing history, which your browser is more than happy to share with websites you visit, website owners are able to tailor their content more toward your interests.
But is this a good thing? Do you want the people knowing everything you’re interested in? And how does your browser know that, anyway?
The simple answer is: cookies.
There are a lot of misconceptions out there about cookies. Cookies are just strings of text stored in a small file, logged by your browser. They store information about the sites you visit, like session identification (so sites know it’s you the next time you visit), your preferences on the site, and other information.
This is used to customize a website visit so you don’t have to log in and set everything up all over again the next time you visit.
These are known as first-party cookies, and are generally very safe. The privacy concern comes from what’s known as third-party cookies.
What Are Third-Party Cookies?
Third-party cookies are usually cookies stored by your browser for companies that manage advertising or marketing for a website. These are services installed and enabled by the websites you visit, and those third-party companies are the same companies that track information for numerous websites.
There is no difference between how first-party and third-party cookies work and what they track. The only difference is that the third-party company that manages third-party cookies knows more about your browsing habits across the entire family of websites they manage.
This is how a company like Google can figure out what you like, because they have access to third-party cookies across all sites that use Google Adsense.
Technically third-party cookies aren’t dangerous, and only have access to information you willingly provide to websites. They don’t store your search history, they don’t store your social security number or credit card number, and they can’t spy on you through your webcam (yes, some people actually believe this).
If third-party cookies scare you, you can easily block them in every major browser. For example, in Chrome go into Settings, Advanced, click on Content Settings under Privacy and Security, click on Cookies, and then turn on Block third-party cookies.
This allows you to keep trusted first-party cookies active so you can still have a flexible and functional experience on the websites you enjoy. But it’ll prevent third-party advertisers, marketers, and other services from tracking you across different websites.
Keep in mind that in the case of Google, this only blocks tracking your visits to sites across their wide ad networks. It doesn’t prevent them from tracking your web behavior when you use the Chrome browser while logged into your Google account.
Take Control of Your Online Privacy
Everyone has their own level of comfort when it comes to what information you’re sharing about yourself when you’re on the web. Some people may not care who knows what browser or operating system they use.
But those same people may be quite concerned if a website has access to their geographic location or their email.
Understanding your own level of comfort with what information you’re sharing, and taking appropriate measures to protect that information , is something everyone who uses the internet needs to do.