Adverts that pursue us around the web are a familiar experience, but they’re just the most obvious manifestation of an intricate tracking network that follows our every move online. Now, researchers are building tools to help us understand not just who is tracking us, but how they are doing it, what they know, and how we can take back control.
Giving users control over their data can be tricky, since companies have built profitable businesses around “black box” algorithms that gather, crunch and share that data. At the Data Transparency Lab Conference at MIT in Cambridge, Massachusetts, last week, researchers gathered to discuss new ways to poke holes in those boxes and show people what’s inside.
It’s an uphill battle. Surveys show that ordinary users have no idea about what happens to our data online. A team led by Blase Ur at Carnegie Mellon University in Pittsburgh, Pennsylvania, is helping to fill that knowledge gap.
They’re developing a browser extension that keeps an eye on every third party that tries to grab your data. Every time you go to a site, the extension takes a note of which advertisers are there, looking at what you’re looking at. It builds up a picture of what it thinks those companies have deduced about you: perhaps that you’re a fan of ice hockey, or where you go at weekends.
Ur is planning tests to see if the extension improves user awareness or changes their behaviour. “We just want to provide transparency and see what impact that has,” he says.
Web browsing isn’t the only way we’re tracked – social networks and smartphones are increasingly important. A system called the Facebook Data Valuation Tool, built by a team at Carlos III University of Madrid in Spain, tries to calculate the monetary value in real time of the data users generate while they’re browsing.
A project named ReCon, led by David Choffnes at Northeastern University in Boston, tracks how our smartphone apps connect to the internet, watching to see what information they are gathering. An experiment examining the top 100 most popular iOS, Android, and Windows apps detected information such as user location and contacts sent out in plain text, often from apps that had no need for that data.
“Users aren’t aware of just how much they’re being tracked,” says Choffnes. In early run-throughs with ReCon, even he was surprised to see certain apps broadcasting personal characteristics about him that they’d inferred, like his gender, location and date of birth.
“Advertisers are clearly inferring and learning a lot about us as individuals; properties that may or may not make users feel uncomfortable. I at least want users to be able to look at that data and make their own decision about if it seems reasonable or not,” Choffnes says.
His group is now working on a feature that will automatically notify users when it detects suspicious activity, giving them a chance to halt the traffic in its tracks if they want to.