How can I protect my privacy online?

By Jack Schofield, The Guardian


Some websites now use software that can identify visitors by name, using tracking cookies (small text files websites store on your hard drive), internet addresses, and forms filled in at other sites. (See, for example, You're not anonymous. I know your name, email, and company, and Nowhere to hide: Advertisers can now stalk you across multiple devices.)

Google is the web's biggest advertising company and one of the most obvious trackers. It uses a huge network of ads that are shown across millions of websites, DoubleClick ad-tracking, the Play marketplace on Android phones and Google Search on Apple iOS devices – unless you opt out. It also looks as though the main purpose of its Google Plus website is to get users' real names and other accurate data, which Facebook has but won't provide to Google.

Facebook has also extended itself across much of the web using Facebook Connect and Like buttons. Users can log on to participating sites using their Facebook identity, and this gives these sites access to some information from their Facebook profiles. This is handy but less private than using different IDs for different sites, or using throwaway IDs and passwords from Bug Me Not.

The latest Web Privacy Census by the UC Berkeley Center for Law and Technology found the most popular 100 websites dropped thousands of cookies (6,485 on 24 October), and that 84.7% of them were third-party cookies. In other words, most cookies were not used by the site you visited (Amazon, Twitter etc) but by advertising and tracking companies such as Google's doubleclick.net (the biggest, dropping 69 cookies), scorecardresearch.com (54), and bluekai.com (41).

So yes, there's a whole host of "automated watchers" waiting to see if you use Amazon/your bank/hotel booking sites etc, and they may "spam" you with targeted advertising or perhaps legitimate email offers. (The companies argue that it is better to show you ads about things you are interested in, and they have a point.) Given that there are several hundred tracking companies, it would be surprising if there wasn't some "leakage" into less legitimate approaches, though I've not seen any evidence of this happening. However, hacking is always a possibility.