«

»

Jul
20
2012

Websites Are In The Dark About Third Party Tracking

Tony Berman
Sr. Product Manager | TRUSTe
@otaat

TRUSTe’s Website Tracker Audit Service was recently used in an experiment to analyze the accuracy of the privacy disclosures of some of 116 popular websites on the Internet (see footnote for a list of domains scanned)[1]. Forty eight percent (48%) of the sites included in the experiment do not disclose all the tracking technologies used on their site. This really drives home the fact that almost 50% of websites are not fully aware of all the tracking going on.

The key to fully understanding the tracking technologies on your site and how they affect online privacy is multifaceted.  You need to fully vet the Who, What, When, Where and How of website trackers:

WHAT, WHO, WHERE, HOW, WHEN

WHAT tracking technologies are used on a site?
You need to able to differentiate cookies, flash cookies and other technologies such as web beacons/ pixel tags and scripts on a website. It is important to know whether these are set by first or third parties.

WHO is on a site?
In order to investigate whether a third party should be on your site in the first place you need to know who they are and what risk they may pose to you and your users.

WHERE are the trackers on the website?
You need to know what pages on your site that these third parties appeared, to make it simple for webmasters to quickly isolate and correct any issues.

HOW they got onto the site
Surprised that a particular third party is on your site? You need to understand how they got there in the first place, by having visibility into all urls that were called to place the third party on your site. This is often referred to as a piggy-backing, or daisy chaining.

WHEN and how often do I need to know?
You need to have immediate access to regularly updated site audit reports and alerts to any new third parties on your site, so that you can be confident that you are disclosing site behavior accurately at all times and so that you can take appropriate steps should an unauthorized tracker appear.

Other considerations

You also need to be able to:

  • Scan from Multiple geo-locations
  • Manage authorized third parties – i.e., have the ability to designate particular third parties as authorized. This allows for clearer insight into any unauthorized tracking that may be happening on their site

As daunting as this may all sound, there are technologies that make this very easy!  As you’d expect we’ve packaged that up for you with alongside a management portal for easier drill-down into the Who, What, Where, When and How of website trackers.

More information on our Website tracker audit is available at: http://truste.com/products-and-services/enterprise-privacy/website-tracker-cookie-audit.

TRUSTe customers interested in participating in usability studies of our Website Tracker Audit service can let us know at cookie_audit @truste.com.

We aren’t done yet with our tracker audit service! Expect to see updates in this blog as more major features roll out in the second half of the year.



[1] List of domains analyzed:

tfd.com,  thefreelibrary.com,  farlex.com, 4shared.com, about.com, alibaba.com, aol.com, apple.com, basecamphq.com, Blogger.com, cj.com, dell.com, demonoid.me, ebay.co.uk, facemoods.com, fc2.com, flickr.com, godaddy.com, google.ca, google.co.uk, google.com.au, hdfcbank.com, hotfile.com, abcnews.go.com, disney.go.com, espn.go.com, engadget.com, hubpages.com, huffingtonpost.com,  imdb.com, Informer.com, intuit.com, jquery.com, login.live.com, maktoob.com, mediafire.com, mgid.com, netflix.com, nytimes.com, ovh.net, paypal.com, pinterest.com, spellingcenter.com, t.co, tagged.com, thefreedictionary.com, tribalfusion.com, tumblr.com, twitpic.com, Verizonwireless.com, vk.com, WordPress.com

www. Microsoft.com, adobe.com, amazon.com, answers.com, ask.com, babylon.com, bbc.co.uk,  Bing.com, bitly.com, capitalone.com, cbs.com, cbsnews.com, cbssport.com, chow.com, clicker.com, Cnet.com, cnn.com, conduit.com, constantcontact.com, craigslist.org, ebay.com, etsy.com, facebook.com, fotolia.com, gamespot.com, go.com, google.com, gsmarena.com, ibm.com, last.fm, linkedin.com, livejasmin.com, livingsocial.com, maxpreps.com, meetup.com, metacafe.com, metacritic.com, moneywatch.com, msn.com, odesk.com, pandora.com, people.com, reddit.com, reference.com, roving.com, sitesell.com, softpedia.com, speedtest.net, techrepublic.com, tv.com, twitter.com, urbanbaby.com, usps.com, walmart.com, wikipedia.org, yahoo.com, zdnet.com, zune.net, y8.com, youtube.com, zedo.com, zeekrewards.com

 

 

 

 

Comments