When the NSA tracking scandal broke out, the whole world raged about the privacy of common people. But the truth is that we have been silently giving out our personal details to online ad networks without any qualms.

Privacy activists are fighting against behavioral retargeting of ads by online companies. Europe’s latest legislation on the right to forget and the UK’s rule on “Do not track” notifications are steps taken in order to curb unethical online tracking by companies. But major ad networks are lobbying against these rules and calling for self-regulation of ad networks, which usually never happens. In fact, recently, companies like Yahoo have openly declared that they will not honour the “Do not track” option on browsers.

While these issues are unsolved, ad networks are moving into more sophisticated targeting method called “Device Fingerprinting”. Over the years, some companies have been collecting information from the browsers of various devices. Although every phone or laptop can have similar operating system and hardware, the clock setting, fonts, applications installed and browser settings are different. Based on these characteristics, each device can be uniquely identified without even placing a cookie on a browser. For example, Peter Eckersley of the Electronic Frontier Foundation demonstrated this technology on a specific website. He could track 94.2% of unique device ids from 2 million visitors of the website whereas cookies can give only 78% unique device ids. (Richmond, 2013)

While the legality of cookies is debated, device fingerprinting is considered legitimate as it was originally used for security purposes to prevent online fraud. It’s stateless, doesn’t need implicit permission from the user and will work even if the browsers are in ‘private’ mode. Interestingly, 145 websites out of the top 10,000 use flash based fingerprinting, while 404 out of the 1 million top websites use JavaScript based fingerprinting. (Richmond, 2013)

How does this change marketing?

1. Device fingerprinting is a universal solution as it enables cross-device tracking; the devices of one person can be tied up together to get more information. For instance, the browsing history on your PC can be linked to the books you read on a Kindle, thereby enabling marketers to create more personalised ads for books.

2. The marketing messages can be modified real-time. For example, Facebook can change the content of the ads based on what device you are using to access Facebook.

3. The accuracy is relatively high and the technology is a low cost alternative for the ROI it provides.

How will consumer privacy be affected and how can we modify it?

Device Fingerprinting is the biggest attack on individual privacy as it is anonymous. Regardless of the fact that companies like Blue Cava and Maxmind allow people to opt out from tracking, the websites that use their services don’t mention this explicitly, unlike the cookie policy. Ideally, there should be legislation to control the information that can be used but with web services companies lobbying for self-regulation even on the behavioral recruiting issue, this would be impossible.

As marketers, the responsibility lies on us to give adequate information to the users and it is preferable to use the “permission marketing” technique. We should track and market our services to the users when they opt-in for this service instead of putting the onus on the users to opt out. The question: is are we ready to do it?

List of references

1. Richmond.B (2013) How “Device Fingerprinting” Tracks You Without Cookies, Your Knowledge, or Consent. Available from http://motherboard.vice.com/blog/device-fingerprinting-can-track-you-without-cookies-your-knowledge-or-consent [Accessed 17 October 2014]

2. Julia.A and Devries J.V (2010) Race Is On to ‘Fingerprint’ Phones, PCs. Available from http://online.wsj.com/news/articles/SB10001424052748704679204575646704100959546 [Accessed 17 October 2014]

3. Brodkin.J (2014) Yahoo is the latest company ignoring Web users’ requests for privacy. Available from http://arstechnica.com/information-technology/2014/05/yahoo-is-the-latest-company-ignoring-web-users-requests-for-privacy/ [Accessed 17 October 2014]

Comment on Facebook

Last updated by at .


Posted by Sylvian

Marketing Analyst by profession, a quizzer by passion, a blogger by choice, a poet by chance, a non-conformist by gene and a rebel by birth

Leave a reply


Your email address will not be published. Required fields are marked *