Commentary

EFF: It's Harder To Erase Digital Fingerprints Than You Think

At the beginning of this year, the digital rights group Electronic Frontier Foundation asked users to visit Panopticlick in order to determine how easily they could be identified based solely on their browsers.

Four months and 470,161 browsers later, the EFF says it has reached a conclusion: More than eight out of 10 Web browsers, or 84%, have "unique signatures" that can be used to identify them. When browsers had Adobe Flash or Java plug-ins, 94% were "unique and trackable," according to the EFF.

Even when visitors came back to the site after tweaking their browsers' settings, their browsers remained recognizable, the group reports. To arrive at that conclusion, the EFF looked at a group of almost 9,000 users who accepted cookies and visited the site more than once in 24 hours. Of that group, 37% made a slight change to their browsers -- likely in response to the tool's suggestion about how to alter digital fingerprints. Yet the EFF's algorithm still identified that subset with 99.1% accuracy

The group concludes that even when privacy-conscious users delete their HTML cookies -- and their Flash cookies as well -- they can still be tracked based on their browsers' characteristics. In other words, companies that want to track users without their consent, can do so by recording information about their browsers.

While self-regulatory standards -- not to mention potential legislation, like the Boucher bill -- require that companies notify consumers about online targeting and allow them to opt out, the continual emergence of new tracking methods could pose an enforcement challenge.

For now, the EFF is urging consumers to ask browser developers to build in features that make it more difficult to collect digital fingerprints.

Next story loading loading..