Your web-browsing habits are not as private as you might think, even if you use “incognito mode” or clear your history, researchers have warned.
In addition to having privacy implications this leaves web users at risk of blackmail if businesses are hacked.
Svea Eckert, a journalist, and Andreas Dewes, a data scientist, obtained the browsing histories of three million Germans from a data broker by posing as a company creating a marketing algorithm. Big businesses could have bought the data, which revealed the porn-viewing habits of prominent figures and other private information.
The researchers were repeatedly told that it was easier to obtain data for UK and US residents than for Germans.
The database that they acquired contained three million “anonymised” browsing histories that had been collected using browser extensions. Most came from an extension called Web of Trust that is used to provide safety ratings for websites, but which noted in its small print that it could sell anonymised data to third parties.
Advertisement
Such clauses are one of the reasons many people are bombarded by adverts for particular goods or services after they have searched for them online.
Browser extensions are turned off by default in Google Chrome’s incognito mode, but the researchers warned that even if this setting were used internet service providers still retained records that could be at risk of being compromised. They discovered a politician who had searched for a herbal supplement to stimulate an ageing brain and a judge who browsed porn sites.
Although the identities of the individuals in the German database were supposedly protected, the researchers were easily able to work out who they were using a method devised nine years ago. Speaking at a hacking conference in Las Vegas, they said that the only way to keep browsing histories truly private was to use a virtual proxy network or the browser Tor.
Web of Trust now allows users opt out of having personal data collected.