In the realm of online browsing, a pervasive feeling of surveillance drives consumers to advocate for heightened privacy standards in their digital interactions. Keeping up with the various online tracking methods employed by advertisers and websites, along with the evolving landscape of online privacy challenges, has become increasingly complex.

At the crux of online tracking are technologies such as third-party cookies and fingerprinting, essential tools for websites and advertisers to collect data on users' online behaviours and combine it with other available information to build detailed user profiles. These profiles, enriched with algorithmic inferences, facilitate the delivery of highly personalised advertisements and content.

Historically, third-party cookies have been the most commonly used technology for identifying and tracking users across the web. However with the tightening of regulatory measures around their use and the restriction of their deployment by major browsers such as Firefox, Safari, and Chrome, alternative techniques have been gaining traction. One such method, known as fingerprinting, has established itself in the field of online user tracking.

Traditionally, online tracking has relied predominantly on cookies, small lines of encoded text placed by servers in users' browsers to assign unique identifiers. This enables individualised tracking of users' online behaviour, resulting in the creation of comprehensive user profiles.

In contrast, fingerprinting leverages digital traces to build user profiles through probabilistic methods, without storing identifiers in users' browsers. By analysing inherent device characteristics such as operating system version, installed fonts, languages, screen resolution and plugins, fingerprinting aims to identify users without leaving explicit traces in browsers.

Unlike cookie-based tracking, which leaves noticeable traces and can be managed by users by deleting cookies and configuring browser settings (e.g., blocking third-party cookies), fingerprinting operates silently, complicating detection and mitigation efforts. In addition, users have limited control over the data collected through fingerprinting, increasing privacy concerns.

Both tracking methods conflict with data protection laws, as they facilitate the collection of excessive amounts of consumer data without transparent disclosure of what happens to such data or valid consent. However, the covert nature of fingerprinting poses an even greater threat to consumer privacy, as it circumvents conventional user controls and operates with minimal transparency. 

Despite the discouraging nature of these privacy challenges, consumers can take proactive steps to safeguard their privacy online. By being informed about tracking techniques, using privacy-enhanced browsers, and staying up-to-date with evolving privacy solutions, users can exercise greater control over their digital footprints and mitigate privacy risks.

References:

• Michael Veale and Frederik Z. Borgesius, ‘Adtech and Real-Time Bidding under European Data Protection Law’ (2022) 23 German Law Journal

• Perry Keller, ‘After Third Party Tracking: Regulating the Harms of Behavioural Advertising Through Consumer Data Protection’ (2022)

• Reuben Binns, Tracking on the Web, Mobile and the Internet-of-Things (2022)

• The Quiet Way Advertisers Are Tracking Your Browsing, https://www.wired.com/story/browser-fingerprinting-tracking-explained/

• It’s Time to Switch to a Privacy Browser, https://www.wired.com/story/privacy-browsers-duckduckgo-ghostery-brave/

• ARTICLE 29 DATA PROTECTION WORKING PARTY - Opinion 9/2014 on the application of Directive 2002/58/EC to device fingerprinting https://www.dataprotection.ro/servlet/ViewDocument?id=1089