A new study of leading Web sites in news, travel, retail and finance shows that such sites routinely sacrifice their users' privacy for financial gain. Nearly 86 percent of the sites analyzed planted third-party tracking cookies in visitors' browsers, according to Web site testing specialist Keynote Systems, and 60 percent were in cahoots with at least one tracker that violated good industry privacy practices.
Nearly all sites classified as "travel and hospitality" and "news and media" planted third-party cookies that tracked visitors' Web activity after they left the site, as illustrated in the infographic below. News and media sites led the pack in exposing visitors to an average of 14 tracking firms during a typical visit.
Financial services sites were only slightly better. Three in four exposed visitors to tracking cookies, and more than half used trackers that did not comply with good industry privacy practices.
Of the 211 third-party trackers observed during the study, only one honored the Do Not Track feature in major browsers. That's understandable from a business perspective. A person's online activity indicates what they may be interested in buying, so advertisers use tracking data to deliver ads that a Web site visitor is most likely to click.
The flipside is that businesses profit at the expense of the public's privacy. If a person had to first opt in to being tracked, then third-party trackers would be less egregious. However, there are no laws requiring an opt-in, so the option is rarely offered.
Keynote director of privacy services Ray Everett hesitates to blame the Web sites, saying that most have privacy policies that explain what they do with the personal data they collect. (However, studies show that few people actually read those policies, many of which are filled with legalese.) The problem stems more from the third-party trackers working for the advertisers. "Publishers are trying to do the right thing, but because of the chaotic nature of the ad ecosystem, they are sometimes making promises that the ecosystem can't deliver on," he told ReadWriteWeb.
Studies of Internet users' attitudes toward being tracked are not favorable to trackers. Forrester Research found that 52 percent of 37,350 people it surveyed were concerned about companies accessing their Internet browsing history. A Pew Research Center poll found that 68 percent were "not OK" with targeted advertising because it meant having their online behavior tracked and analyzed.
Privacy advocates point to such studies as proof the public is on their side. While marketers see targeted ads as saving consumers' time by focusing marketing messages on their interests, activists see them as nothing more than personalized spam. The Electronic Frontier Foundation has pointed out that Web trackers are moving further away from privacy protection with the development of "Flash cookies" planted in the Adobe Flash plug-in instead of the browser. Such cookies can't be easily removed using browsers' cookie-deletion tools.
Standing in the middle of this tug of war is Congress. The Senate is currently looking at whether online advertisers and publishers can be trusted to self-regulate their compliance with the Do Not Track protocol (still in progress). Today, Do Not Track amounts to a list of principles created by the Digital Advertising Alliance, according to EFF.
So the debate around online privacy protection rages on. In the meantime, the public has no easy way to stay off of trackers' radar.