I have to cringe when I see a fellow IT professional use their web browser, only to see the screen is populated with ads. It’s not the content of these advertisements that I dislike, well actually it’s that too, but the third-party tracking cookies that are part of the payload. I just feel my peers should know better. Aside from the tracking cookies that are often part of the ad, much like the soldiers that hid inside of a wooden horse to enter the city of Troy, these ads sometimes contain malware. But why should you care?
In 2020, The New York Times published a series of articles called The Privacy Project, and one such article highlighted this very issue, Why You Should Take a Close Look at What Tracks You. It happens in the physical world as well, with Bluetooth and WiFi beacons in stores and shopping centers, and automatic license-plate readers (ALPR) on our roads, parking lots, venues, and even our neighborhoods.
I don’t like being tracked. But it’s more than tracking, it’s a psychological profile being used to serve what they call ‘relevant ads’. I can’t blame them really. I mean, why serve an advertisement for Arby’s to a vegetarian?
Have you ever purchased something in a pharmacy, and then later that day you see ads on Facebook or other websites, for that exact same thing? Perhaps you thought your phone was listening? More likely what happened is that phone number you gave the pharmacy for reward points, is linked to your Facebook profile. Yes, Meta are involved in data collection here too.
The nothing to hide argument is also ridiculous so I won’t even entertain that here. The fact is that our data is being collected. Even the data we willingly hand over, perhaps for an online order, will invariably end up in a data breach at some point in time. I don’t want my personal information in the wrong hands, with scammers or identity thieves. If it’s being collected, then you must assume it will eventually be exposed. Did you know that insurance companies harvest and process this data too? And, depending on how they profile you it can increase your insurance premium.
This is just scratching the surface. Like security, achieving privacy online is a fine balance. If you go too far then it results in what we are trying to do, an impossible task. Not enough, and you may think why bother at all?
Now let’s explore our risk profile here. If you are online, then you are not anonymous. The Tor Browser goes pretty far towards anonymity, but it’s not foolproof. VPNs are great, but these are more akin to smoke and mirrors. Don’t ever think a VPN will make you truly anonymous online either. The nirvana we are trying to attain is just a good balance. We want to block ads, block malware, and make it more difficult for websites to track our behaviors. It really doesn’t have to be more complicated than that, for most of us anyway.
Disclaimer
The content on this site is aimed at practical privacy and security - the kind of privacy measures you’d expect the average internet user to adopt, not someone in witness protection or fleeing their country in danger of their life! Extreme privacy requires more than a VPN and well configured web browser, therefore it’s not in the scope of this article. I recently saw a Reddit post by someone fleeing a sex trafficking situation, in genuine fear for their life. If that is you, then look into using Tails on a bootable USB stick, erase and throw away your phone and SIM card, buy a burner phone with cash, and use a pre-paid SIM card in an alias name. Use cash only, gift Visa cards purchased with cash, or privacy.com. Always use a VPN. And, that is just the start.