None Of Your Business!

[XFool]

Privacy group targets website 'cookie terror'

BBC News

A privacy group has lodged hundreds of complaints against what it calls "cookie banner terror" online.

"Noyb, headed by well-known Austrian privacy advocate Max Schrems, is targeting companies which it says deliberately make it hard to opt-out of tracking cookies."

[1nvest]

Invisible (1 pixel) images installed in adverts/web-pages can equally track a IP around the web.

Fundamentally majors such as Google employ all sorts of tracking methods, even down to playing inaudible tones that other devices within the vicinity might hear and report as being heard. Plain and simple spying, illegal, but where the state refuses to address such practices, because seemingly money talks and MP's represent those that bribe them over those that elected them.

[Lanark]

Invisible (1 pixel) images installed in adverts/web-pages can equally track a IP around the web.

Fundamentally majors such as Google employ all sorts of tracking methods, even down to playing inaudible tones that other devices within the vicinity might hear and report as being heard. Plain and simple spying, illegal, but where the state refuses to address such practices, because seemingly money talks and MP's represent those that bribe them over those that elected them.

In an advert you don't need a 1 px image because the whole ad is a jpg or similar, the EU cookie law was written by and for the advertising industry via a bunch of EU lobbyists, they want to track people across the internet and they want a legally solid proof that you agreed to that, to avoid any possible class action lawsuits in the future. What they use to track you is irrelevant, what matters is the consent.

If any of the tech companies cared about privacy on the web they would provide some mechanism to change your IP address every few hours.

[UncleEbenezer]

If any of the tech companies cared about privacy on the web they would provide some mechanism to change your IP address every few hours.

Dynamic IP is still the norm: generally you pay extra (or use an upmarket ISP) to get an IP address that doesn't change (which you need for many purposes - like running a server). If your IP doesn't change whenever you reconnect, it's 'cos your ISP is responding to customer demand and giving you a lease on it.

Find a cheap and nasty ISP that doesn't serve people who care.

[GrahamPlatt]

Can someone explain this to me. Ok, I think I understand IP adresses, VPNs and MAC addresses. But how does a pixel or two on a web page track you?

[BigB]

Can someone explain this to me. Ok, I think I understand IP adresses, VPNs and MAC addresses. But how does a pixel or two on a web page track you?

Each web page is made up of numerous individual http requests, each recording an IP address and the "thing" requested - adding a tiny invisible img to any web page page generates one of these requests with your IP address and some other info about your requesting client (browser, app, OS etc) written to the web log files.

[Lanark]

Can someone explain this to me. Ok, I think I understand IP adresses, VPNs and MAC addresses. But how does a pixel or two on a web page track you?

One pixel images are often added to junk emails, if the image is loaded they can tell you opened /read the email and that verifies the email address is valid.
There is no reason to use the technique on a web page, you can just use the referrer info for the page itself.

[Mike4]

I find these huge dialogue boxes that pop up and obscure the web page content a few seconds after clicking a link intensely annoying. The temptation to just click "OK" instead of ploughing through a load of "cookie options" or re-loading in an "Incognito" window is strong.

If some company wrote a programme to run in the background automatically denying all cookies except from my whitelist websites, I'd buy it!

[UncleEbenezer]

Can someone explain this to me. Ok, I think I understand IP adresses, VPNs and MAC addresses. But how does a pixel or two on a web page track you?

One pixel images are often added to junk emails, if the image is loaded they can tell you opened /read the email and that verifies the email address is valid.

... and that the spam has been opened.

This is one reason you should never[1] let your mailer (automatically) load remote contents.

There is no reason to use the technique on a web page, you can just use the referrer info for the page itself.

On the contrary, the pixel is what tracks you! The site you're visiting isn't tracking you, the pixel comes from a site that is. Adblockers and other browser privacy options maintain lists of sites that use pixels, or can refuse to load them (at least automatically).

I find these huge dialogue boxes that pop up and obscure the web page content a few seconds after clicking a link intensely annoying.

I have a sneaking suspicion that's precisely the intention. A protest against an ill-considered cookie law.

If you want to hit back, you can vanquish them with your adblocker as an alternative to engaging in the dialogue. Though that can get you into an arms race.

[1] For values of "never" in normal life. Within a closed group someone might (foolishly) insist on different rules.

[GrahamPlatt]

OK, so what I think I’ve just learned is that if you open a page containing such a pixel, because it’s loaded from a particular site, that site receives info that your email address/ip address has loaded it. That gives the “tracking” site info for that particular instance. And yes, it’s bad enough if it informs “them” that your email address is a) valid and b) you open dodgy pages. But it will not leave anything permanent such as a cookie, so if you then open another web page, “they” can’t know that - so it’s not what I’d call tracking. A matter of semantics perhaps. Or I’ve not understood...

Edit. Ah, unless those pesky pixels are on pretty much every web-page, and thereby there’d be a “track”.

[gryffron]

Edit. Ah, unless those pesky pixels are on pretty much every web-page, and thereby there’d be a “track”.

Exactly, and because just a small handful of companies (particularly google) serve adverts to the vast majority of internet sites, they can track a huge part of your internet activity, so they have a very good picture of both your habits and interests.

But it will not leave anything permanent such as a cookie

Oh yes it will. Often it will anyway. Not a 1 pixel jpg. But a 1 pixel html request can. These are called 3rd party cookies. There are browser settings to explicitly block them if you want to.
And what's more, because ALL the ads come from the same server address, they can all access that same cookie.

Gryff

[UncleEbenezer]

OK, so what I think I’ve just learned is that if you open a page containing such a pixel, because it’s loaded from a particular site, that site receives info that your email address/ip address has loaded it.

Not email address[1]. IP address at the time, yes, but bear in mind that IP addresses regularly change, so that doesn't track users beyond a session either. The tracking comes from the 1px image setting a cookie (which browser privacy options can also prevent).

Edit. Ah, unless those pesky pixels are on pretty much every web-page, and thereby there’d be a “track”.

It's a matter of scale. Sites that specialise in it (often with names less familiar than google or facebook) have lots of clients signed up. Never mind every web page, the scale is such that 0.01% of the right pages is a huge dataset.

[1] Unless you're talking about people dumb enough to load remote contents in email. Email has more effective things: for example individualised tracking links you click to get somewhere.

[1nvest]

Java/script is another thing to be aware of, in giving permission to run scripts you in effect allow strangers to run their code on your device. Again the likes of google have made it awkward to refuse. So even if you've not already installed Chrome (spyware) directly, then they can still run code to do all sorts of things, such as perhaps forwarding your wifi password etc.

Much of the 'click to accept' as others have said is simply a disclaimer .. evidence that you wilfully opted to let others spy (own) you. The failure of the EU/UK/others is to permit such spying instead of protecting their citizens.

[88V8]

In what way does all this matter?
I have an adblocker.
And I browse in a Private window.

Moreover, the govt has decreed that ISPs have to retain my snail trail, so ultimately I can't prevent Nanny State seeing where I've been.

So why does it matter?

V8

[XFool]

If any of the tech companies cared about privacy on the web they would provide some mechanism to change your IP address every few hours.

Dynamic IP is still the norm: generally you pay extra (or use an upmarket ISP) to get an IP address that doesn't change (which you need for many purposes - like running a server). If your IP doesn't change whenever you reconnect, it's 'cos your ISP is responding to customer demand and giving you a lease on it.

My IP address is definitely "fixed" (have been saying so for years!) despite people explaining to me that "it isn't really", my ISP settings saying I am not on a fixed IP address, and I am not paying for one.

[Lanark]

In what way does all this matter?
I have an adblocker.
And I browse in a Private window.

Moreover, the govt has decreed that ISPs have to retain my snail trail, so ultimately I can't prevent Nanny State seeing where I've been.

So why does it matter?

Because private companies are not part of the state.

[XFool]

In what way does all this matter?
I have an adblocker.
And I browse in a Private window.

Moreover, the govt has decreed that ISPs have to retain my snail trail, so ultimately I can't prevent Nanny State seeing where I've been.

So why does it matter?

Apart from anything else, what matters - at least to me and presumably others - is having to click all those Agree/Do Not Agree buttons every bloomin' time you want to look at any website these days. Anything Google (e.g. YouTube) has become almost unusable. Plus having to clear up, block, delete loads of tracking stuff, if you are so inclined.

Long, long ago I advocated browsers rejecting ALL Cookies etc. by default. Allowing the user to choose the ones they needed or wanted. Now, as there are so many of the things, even this would likely be a trial.

[XFool]

OK, so what I think I’ve just learned is that if you open a page containing such a pixel, because it’s loaded from a particular site, that site receives info that your email address/ip address has loaded it.

Not email address[1]. IP address at the time, yes, but bear in mind that IP addresses regularly change, so that doesn't track users beyond a session either. The tracking comes from the 1px image setting a cookie (which browser privacy options can also prevent).

Are you sure?

Decades(?) ago - I think when I was still using Netscape - I discovered my email address in a cookie.
My IP address hasn't changed in years now.

[UncleEbenezer]

OK, so what I think I’ve just learned is that if you open a page containing such a pixel, because it’s loaded from a particular site, that site receives info that your email address/ip address has loaded it.

Not email address[1]. IP address at the time, yes, but bear in mind that IP addresses regularly change, so that doesn't track users beyond a session either. The tracking comes from the 1px image setting a cookie (which browser privacy options can also prevent).

Are you sure?

Decades(?) ago - I think when I was still using Netscape - I discovered my email address in a cookie.
My IP address hasn't changed in years now.

In very early versions of HTTP, your email address itself was an (optional) header. By the time of Netscape (1994) it was basically historic, but because it was there they enabled it as a configuration option (this is all from distant memory, of course). But email addresses themselves didn't start becoming sensitive until the late '90s and the growth of spam and other nasties, so someone might well not have been guarding yours back then!

By (before) the turn of the century it would've been considered quite a bad bug if your browser revealed an email address other than because you yourself supplied it. But you may very well do that: for example, if you're logged in to google then your gmail address follows you around.

Your IP address not changing is your ISP taking the path of least resistance. Any ISP with techie (or aspiring techie) customers gets complaints from users whose IP addresses change.

There's another consideration re: IP addresses. The address you're seen to come from may be not yours, but somewhere on your network. Famously
when AOL first joined the 'net, they used large-scale proxy-sharing, so one AOL-owned IP address (as seen by a popular website) could be a million individual users. That led to problems such as ignorant site admins seeing the traffic as an attack from an IP, so they had to change it. Others didn't have that problem: for example (and this too is, um, ancient), some folks working for Ericsson in Rome were seen as being from Sweden, because that was the IP address seen by the outside world when they went online.

[88V8]

In what way does all this matter?

Apart from anything else, what matters - at least to me and presumably others - is having to click all those Agree/Do Not Agree buttons every bloomin' time you want to look at any website these days.

I just click Agree.
It seems to do me no harm.

Moreover, the govt has decreed that ISPs have to retain my snail trail, so ultimately I can't prevent Nanny State seeing where I've been.
So why does it matter?

Because private companies are not part of the state.

When we had Store Cards, the Stores knew what we'd bought. Watrose knows what we buy and asks me to review it before we've even eaten it.
So why does it matter?

After all, the notion that advertising works and targeted advertising works even better, is what powers the internet, is it not?

Patently, it doesn't work for me because I have an adblocker, but it does no harm to maintain the fiction, otherwise the internet would not be free at point of use.

And your phone tracks you all the time, if you have a so-called smartphone. And if you have a modern car, its built-in GPS does as well. Isn't there some EU bollox requiring that your car be able to dial 999 if something bad happens.

Tracking just seems to be a thing. Not saying I like it. I don't have a smartphone or a modern car, so I'm avoiding those two forms of tracking which you probably aren't. Not deliberately avoiding them, it's a side-effect of me not wanting to be moderne.

So, why does internet tracking matter? I mean, really matter?

V8

PS my supposed IP address as recorded by eBay is wrong by 100 miles.