Tracker Blocking

What are trackers?

Trackers come in many forms. Generally, regardless of what form of tracking is used, trackers are designed to either 1) track you across different websites, web services, and web apps or 2) collect identifying information about you and your device(s).

Frequently, they do both.

Trackers - or rather, tracking techniques - have existed since the internet was conceived. They're nothing new, per se.

However, especially in the last decade or so, tracking techniques have evolved tremendously.

They have become more sophisticated, becoming harder to detect while collecting increasing amounts of information. Consistently we see that the tracking techniques of Big Tech, Big Data, Ad companies, and even state-sponsored organizations have become downright invasive.

Tracking Cookies

I'm sure that in this day and age, you're aware of what browser cookies are. You've no doubt seen countless banners across many websites that talk about "Cookie consent," right?

Well, in case you don't know, cookies are bits of data that get stored on your web browser by websites. Some cookies are essential for certain websites to function. Some websites have many cookies; others, like avoidthehack!, have very little.

But did you know that there are specific types of cookies? Not every cookie is made the same - some are placed on your device for tracking purposes. Enter the tracking cookies.

Tracking cookies are stored on your device to typically track you across the different websites you visit. They don't do the active tracking themselves, but they store information that websites can retrieve (read) later on.

Arguably, they're what got hammered the most when GDPR went into effect in 2016. That doesn't mean they don't exist anymore, though - they just have more hoops to jump through nowadays.

Remember when I mentioned those Cookie banners on different websites?

Well, typically, when you click "I accept" (or its variation), you should be aware that many sites will take that as consent to place tracking cookies (in addition to any essential cookies) on your browser.

Not all cookies are necessarily bad, but you'll want to block known tracking cookies and only let cookies from websites you trust be stored on your device(s).

Additionally, you should be aware that even cookies that are "benign" can be read by the different websites you visit, which can be used to create/add to a shadow profile of you and your browsing activity. This is especially true if your browser isn't set up to keep cookies in "containers."

Social Media Trackers

These trackers don't necessarily have to identify you if you have an account. (Don't get it twisted though - they'll still track you.)

What they typically do is link data collected about the websites you visit to your established account. This is on top of the information you share directly on the platform and with the platform itself.

Let's take Facebook - the "top social media network" - for example...

They've been at the "top" for so many years because of their extensive data collection - all courtesy of their ever-expanding tracking network. This is in addition to Facebook's overall unfriendly stance on fair competition .

Facebook pixel is a part of this tracking network. Facebook pixel is an analytics tool that webmasters can place on their websites via code. It will track the user's interaction with a website that's completely off Facebook's platform: clicks, page scrolls, length of time on page, timestamp of page accessed, exact exiting links, etc.

So, in addition to what Facebook knows about you on its own platform, it now has access to what you do completely outside of its platform too via social media tracking.

Fingerprinting

In general, fingerprinting is kind of a "catch-all" when it comes to tracking techniques.

It's also a heavy hitter when it comes to web tracking because it uses the information found on/sent by your device to identify you and subsequently track you.

Fingerprinting takes into account your entire device - what browser you have, operating system (and exact version) you are running, browser settings, browser add-ons/extensions, Do Not Track preferences, and more.

Frequently, you'll find that websites fingerprint your browser through the likes of scripts written in a common web language such as JavaScript. These scripts are usually executed silently, without user knowledge.

For example, a website can use a script to silently pull your IP address via WebRTC (which you should disable) without your knowledge. And that's just one bit of information a website can gather from your device and browser.

Fingerprinting has evolved so much so that it is next to impossible to simply "block all fingerprinting" techniques. In fact, it has been demonstrated that on some defvices - such as smartphones - some fingerprinting attacks are not possible to block.

What data do trackers collect or store?

Since trackers come in different forms, the data they collect varies. Because of this, you'll find that many different websites out there use a couple of different tracking techniques to collect as much data on users and visitors as possible.

Tracking cookies can store (for collection by the calling websites):

• What sites you visit
• How long you stay on a site
• How you interact with a site (ex: how many page links you click on)
• Information you put into web forms
• Location data
• Personal information you give to a website

Social media trackers can collect:

• Precise location data
• Ads (within the Ad network) that you've clicked
• Click-throughs on websites
• What sections of a web page you interacted with; did you place an item in your cart?
• Length of duration on a site
• Browsing habits
• Information within stored cookies on your device; are you signed into another service?

Browser/device fingerprinting can collect:

• Information in your browser's referer header; typically the exact URL of the website you were on previously
• User agent string (browser, operating system, device type and/or brand)
• Browser settings (ex: is Do Not Track enabled?)
• Cookies settings
• Device information; this can go as far as pulling device IP addresses
• Precise location data
• Connection header of browser
• Session storage configuration
• Local storage configuration
• Screen resolution
• Operating system of your device (to include exact build/version)
• Browser plugins (including modifications made by add-ons/extensions)
• Timezone
• Fonts (size and type)
• Network information (are you using Wi-Fi or cellular data?)
• Data stored via autofill (otherwise known as autofill attacks)

What is this data used for?

The general answer is that it depends.

But you can safely say that your data is used one of two ways (or both)...

1. Generating profit: whether that is by using your data to improve ad targeting, to recommend things to buy, to manipulate you into consuming more content, or to simply sell your data to the highest bidder... you can bet it's usually to do with someone's bottom line. Typically this is a goal for the private sector.
2. Surveillance: beyond "surveillance capitalism" for profit... some nations/states want to know everything you're doing online. Think 14 eyes, Russia, China, North Korea, or (insert your country's government organization here) who have an interest in tracking you and conducting mass surveillance online.

Ways to block trackers

Typically, there are two basic ways of blocking trackers (and ads, for that matter): on the browser (or device level) and on the network level.

Browser/device level

When it comes to blocking ads and trackers on the device level, how you go about it varies slightly depending what device you're working with.

For example, you may have some sort of advertising/analytics options specific to the device and/or operating system you're using.

In general, though, blocking trackers usually means blocking them via the device's browser. And even with the use of a properly configured privacy browser, you'll more than likely need the help of trusted privacy preserving extensions to help get the job done.

You can change the DNS settings for your device for more robust tracker protection, but that requires you to either set up your own DNS with appropriate blocking lists or to put effort in researching trustworthy DNS servers.

The biggest plus to blocking trackers on the device level is that wherever you go, you generally have that same level of protection against trackers. Additionally, especially nowadays, setting up tracker protection on devices is relatively easy.

The biggest downside opting to only block trackers on the browser level is that protection for one device isn't extended to others, even on the same level. Furthermore, you're really only protecting yourself from the "frontend" so to speak (assuming you haven't touched the device's DNS settings).

View Tracker Blocking Software Recommendations

Network level

Blocking trackers on a network level is far more complicated than configuring a browser and downloading trusted add-ons or extensions. It can be even more complicated than simply changing the DNS settings on an individual device.

Generally, blocking trackers on a network level includes changing DNS servers to more privacy-friendly alternatives and/or using the router itself to blacklist certain domains, such as those associated with known tracker and ad networks.

Some of what you can do also depends on the hardware (and operating system) you run; for example, if you use a router provided by your ISP, then you more than likely can't change what DNS servers it uses. This makes it impossible to use a privacy-friendly DNS alternative or to set up your own DNS server, such as a PiHole.

Furthermore, buying any type of new hardware required to run your own DNS and/or VPN may be impossible for some, due to any number of extenuating circumstances. For example, some users may not have direct acces to the router and/or network settings.

The biggest plus to blocking trackers on a network is that you provide protection to all devices on your network (assuming your router/home network settings are customizable enough to allow this and are configured correctly.)

This protection is often superior to just blocking trackers on the browser level because you can block devices, services, and applications from phoning home to remote servers.

The biggest downside is the probably the complexity for a lot of users... It is also an ongoing task, needing to be monitored in case something breaks.

Additionally, if you run your own "servers" that do the blocking, you must leave them on constantly or else the rest of your network collapses.

View Tracker Blocking Software Recommendations

Importance of blocking trackers for privacy

1. Reduces accuracy of targeted ads

Targeted advertisements and retargeting relies on the data that many trackers and tracking systems store, collect, and provide.

When trackers are allowed to run on your device(s) unchecked, you'll find that very targeted ads will follow you across many websites that you visit.

For example, if you were researching which whether you should buy the new Xbox, you'll find that many ads be about gaming - even more specifically, they may show you deals on the new Xbox from various merchants.

Want another, creepier example? Let's say you were researching plane tickets because you were considering a couple's trip to Jamaica...

Now, every time you log into your Facebook account, you see plane ticket ads to Jamaica. When you go to, Instagram, you see the ad type of ads. You go to your favorite news website and still see the same ad. You even start seeing ticket and lodging ads for Jamaica. You may start seeing ads for the "best things to do in Jamaica" or for "how to make the most of your trip to Jamaica."

The only way to stop this kind of creepy and uncanny advertising is by blocking the tracking methods and techniques that allow big data and ad companies to collect data about you.

You may also want to look into downloading and using a privacy browser and using private search engines to further reduce the accuracy of targeted ads.

2. Escape filter bubbles

You may have heard of filter bubbles.

Filter bubbles refer to the results produced by AI algorithms as we browse and search online.

These results are often produced based off data collected about you, to include both personal identifiable information you provide (either knowingly and unknowingly) and information collected by various tracking techniques.

Filter bubbles have become a large problem, and have gotten worse since the big push towards hyper-personalized marketing.

Ultimately, they manipulate what information you come across while remaining effectively invisible to many users... and the more tracking techniques that collect data about you, the more trapped in an "echo chamber" users become.

3. Helps you keep control of your data

This is probably the most important reasons to block trackers and tracking methods.

At the end of the day, tracking methods are designed to collect all sorts of information about you. This information can include personally identifiable information, and information on your device(s) and browsing habits.

Naturally, when you block various trackers, you limit what information websites, big tech, and big data can collect about you. This gives you more control over the data that you share (either knowingly or unknowingly) with web services, websites, and web apps.