Don’t Let Facebook, or Any Tracker, Follow You on The Web
by hiro | June 7, 2018
In the early age of the internet, people enjoyed a high level of privacy. Webpages were just hypertext documents; almost no personalization of the user experience was offered (or forced). The web today has evolved into a system of surveillance capitalism, where advertising networks follow users while they browse the web, continuously collecting traces of personal data and surfing patterns to create profiles of users in order to target them.
Using the web today, you are a target. And because of the rampant tracking across websites, each time you use the internet, you become an easier target.
By tracking you across different applications and sites through cookies or open web sessions, your personal preferences and social connections are collected and often sold. Even if you do not accept cookies or are not logged into a service account, such as your Google, Twitter, or Facebook accounts, the web page and third-party services can still try to profile you by using third-party HTTP requests or other techniques.
Within the HTTP request, various selectors can be included to communicate user preferences or particular features, in the form of URL variables. Personalized language or fonts settings, browser extensions, in-page keywords, battery charge and status, and more can be used to identify you by restricting the pool of possible candidates among all the visitors in a certain time frame, location, profile of interests. You can then be distinguished, or fingerprinted, across multiple devices or sessions and then the profile the tracker has on you is expanded.
By the sites and applications themselves, the story is spun to sound as if they’re doing you a favor: they say this collection allows them to customize your experience. You see ads more relevant to you, Facebook and others say.
Even if you think of an advertising network as a recommendation system, this same system is also influencing what you see. It’s changing your experience of the internet.
But at what cost is this customization? When confronted with transparency around what this “customization” takes, it “poisons” the ad. So of course these companies are pushing back against transparency, but we need to keep pushing them and doing what we can to prevent them from continuing to exploit us online.
We’re starting to better understand how extensively and evasively Facebook tracks. You can be tracked while you’re logged in, while you’re not logged in, and even when you don’t have an account.
Part of the way they do this is through data they access from the Facebook apps on mobile, through your social connections on Facebook, and through the Facebook web components that can be used by websites and web applications. Every time you visit your local newspaper, if they are using Facebook comments or "like" buttons, these elements communicate some information to Facebook about who is surfing that page.
Facebook collects information on social relationships, data representing users interactions, mobile devices, applications and games, and third-party applications accessed by you or your contacts through the online social network. Facebook was even found to have allowed companies access to the data of users’ friends without consent, even those friends who denied Facebook permission to share info with any third parties.
You can check out this patent application by Facebook to see how user profiles are built and what data is considered.
We have seen how companies aren't merely collecting user information to suggest shiny new products to buy. These profiles were collected by Facebook and shared to third parties, and instead of being used to suggest new products, companies like Cambridge Analytica were exploiting their knowledge of your political ideas and fears to convince you or your friends to vote for the side that was paying them more.
How will this data be used in the future? What other ways has it already been used that we’re not aware of? What can we do about it?
To protect ourselves, we can try to limit what they collect about us online.
How Tor Browser can help
While using Tor Browser won't prevent Facebook from acquiring your contact information if one of your friends uses the Facebook app on their mobile, it can certainly help to stop building up a profile so that third party trackers won't know if you prefer the Washington Post or Teen Vogue, or if you're already planning your next vacation.
Not only does Tor route your traffic through three layers of encryption, it also defends against most of the ways you can be identified online.
Tor Browser was created to allow users to surf the web enjoying the privacy and security features offered by the Tor network, providing what is essentially a real "Private Browsing Mode" by default that defends against both network and local forensic adversaries. Tor Browser has enumerated and isolated a set of properties to prevent tracking networks like Facebook from exploiting stored data to identify users and a set of fingerprinting defenses to prevent device and user identification.
If you have multiple websites open in separate Tor Browser tabs, those websites, or their associated trackers, won’t have access to what you’re up to in other tabs. And any isolated cookies left by any site are cleared after each session.
If you still use Facebook
We understand that for some, Facebook is still a vital part of their online lives, and deleting it isn’t realistic right now. For an added degree of protection, you can visit Facebook on the “dark web” at their .onion site using Tor Browser: https://www.facebookcorewwwi.onion/
Your session on the Facebook onion will be protected through end-to-end encryption, and it will protect you from Facebook learning your location. And just like when you are using Tor Browser, anyone monitoring your connection, like your ISP, will only see you're using Tor and not what you're up to (which they're allowed to sell).
If you've never tried it before, it's not too late to start protecting your privacy from online advertisers, social networks, and anyone else who wants to profit from your personal data by surfing the web with Tor Browser.