[ThreatPost] Sneaky Web Tracking Technique Under Heavy Scrutiny by GDPR

Posted on

[ThreatPost] Sneaky Web Tracking Technique Under Heavy Scrutiny by GDPR

What will new General Data Protection Regulation laws mean for websites that use sneaky web trackers such as browser fingerprinting to profile visitors ? Privacy experts say the practice is likely illegal under the newly-enacted GDPR regulation. But they also say don’t expect the method of tracking users to disappear anytime soon, said the Electronic Frontier Foundation in a report issued Tuesday.

Using the HTML5 framework, websites are able to identify users (or a browser image) not by cookies, but the unique characteristics of a browser such as fonts, SVG widgets and WebGL—for starters. The technique is called browser fingerprinting or canvas fingerprinting. Websites harvest the browser data to produce a single, unique identifier to track users across multiple websites without any actual identifier persistence on the user’s machine. […]

“ Looking at how web fingerprinting techniques have been used so far, it is very difficult to imagine companies moving from deliberate obscurity to full transparency and open communication with users, ” he said in a post, written along with Katarzyna Szymielewicz, co-founder and president of the Panoptykon Foundation. “ Fingerprinting companies will have to do what their predecessors in the cookie world did before now : face greater detection and exposure by coming clean about their practices, or slink even further behind the curtain, and hope to dodge European law. ” […]