The digital world is the fastest way of connecting with your customers, colleagues, family and friends, but unfortunately, it isn’t always the safest one. Privacy is the right of every human being on the planet. But it is the right that is challenged most often. So, we want to share something important with you today.
We recently came to learn of this amazing new tool called Blacklight, that is a real-time website privacy inspector. This inspired us to bring you a quick download on everything you need to protect yourself and your privacy.
The tool emulates how a user might be surveilled while browsing the web. Users type a URL into Blacklight, and it visits the requested website, scans for known types of privacy violations, and returns an instant privacy analysis of the inspected site. The types of surveillance that Blacklight seeks to identify are third-party cookies, ad trackers, key logging, session recording, canvas fingerprinting, Facebook tracking, Google Analytics “Remarketing Audiences”.
The alarming state of affairs
On their website, The Markup notes that while scanning hundreds of sensitive sites using Blacklight, they found that tracking was surprisingly common. Health information websites like Everyday Health and WebMD sent user data about page visits to dozens of marketing companies. Various government websites providing information about COVID-19 sent information about the site visitors to advertising companies without users’ knowledge. Most unsettling, the Mayo Clinic used key logging to capture information about people’s current medical ailments in pages where they sign up for appointments and clinical trials. Even if people changed their minds and decided not to submit the information, the captured data was still sent to an endpoint on the Mayo Clinic’s server labeled “web forms for marketers/tracking.”
It gets worse
Maybe the websites you see as “free” aren’t free after all, for there is a high privacy cost to be paid. Some sites’ privacy policies do not even lightly mention the tracking and invasive key logging taking place.
How to protect your privacy online
- Choose your internet service providers (ISP) wisely. ISPs can often know your online search history and store that information for months. There are two ways to protect your privacy if you don't want your ISP monitoring your browser queries: switch to an ISP that doesn't monitor your online data or get a VPN to protect your data. A VPN (virtual private network) is a type of software that protects your internet browsing by encrypting your online data and hiding your true IP address.
- Browse safe. Read the terms and conditions of your browser, so you know what information they might be storing. For the most part, web cookies are harmless and only work to make your browsing experience hassle-free. However, some third-party cookies may remain active even on websites they didn't originate from. They also track your online behavior through the sites you visit and monitor what you click on. So, we recommend that you clear your cookies every once in a while.
- Alternately, you could always browse in the Incognito mode. This way, your browser won’t save any visited sites, cookies, or online forms. However, be warned that your activities may still be visible to the websites you visit and your ISP.
- Lastly, consider anonymous browsers like TOR (the onion browser) and a private search engine like DuckDuckGo to protect information about your location, online searches and preferences.
While it seems to have achieved quite the feat, the Markup doesn’t hesitate to note all the challenges Blacklight is yet to tackle, “There are limitations to our analysis. Blacklight emulates a user visiting a website, but its automated behavior is different from human behavior, and that behavior may trigger different types of surveillance. For instance, an automated request might trigger more fraud detection but fewer ads. Given the dynamic nature of web-based technology, it is also possible that some of these tests will become out-of-date over time. And new legitimate-use cases for the techniques Blacklight flags could emerge that would not be listed in the tool’s caveats. For this reason, Blacklight results should not be taken as the final word on potential privacy violations by a given website. Rather, they should be treated as an initial automated inspection that requires further investigation before a definitive claim can be made.” If only every organisation could be as transparent.
Which is why you deserve to know
Every netizen has the right to know whether their privacy is compromised in any manner or their personal data used for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
The Builder promise