A recent survey of some of the most popular websites on the internet has revealed that 75% of them leak personal information or identifying data to third-party tracking sites. The study was performed by university researchers, including Balachander Krishnamurthy of AT&T Labs, and Konstantin Naryshkin and Craig E Wills of Worchester Polytechnic Institute. Their report was presented at the Web 2.0 conference in California last month.
Wills, a professor of computer science at Worcester Polytechnic Institute, gave the following statement:
“No site should be exposing user information to a third party. We believe it is time to move beyond what is clearly a losing battle with third-party aggregators and examine what roles the first-party sites can play in protecting the privacy of their users.”
“Despite a number of proposals and reports put forward by researchers, government agencies and privacy advocates, the problem of privacy has worsened significantly.”
The report concluded that attempts to regulate information leaks in websites had so far been “largely ineffective”, and much more needed to be done to address the issue of online privacy. The most common types of data to be leaked included names, email & home addresses, health information and web browser configuration details. Although it was clear that some information was passed to other sites deliberately, the researchers were unable to establish whether the majority of leaks were inadvertent or not.
Although most of the information leaked was rated as being low-risk, the researchers warned that different pieces of data could still be combined to create detailed user profiles which third-party sites can then utilise to create unsolicited targeted marketing. As the authors had previously examined social networking sites, they opted to focus on alternative popular sites such as health and travel sites which require users to register and create profiles.