Wikipedia

Cross-device tracking: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Disambiguated: DVRDigital video recorder
Alter: title, url, date, template type, issue. Add: pmc, pmid, volume, journal, pages, issue, doi, jstor, year, date. Removed URL that duplicated unique identifier. Removed parameters. Formatted dashes. | You can use this tool yourself. Report bugs here.
Line 2:
'''Cross-device tracking''' refers to technology which enables the tracking of users across multiple devices such as smartphones, television sets, smart TVs, and personal computers.<ref>{{Cite web|url=https://www.semanticscholar.org/paper/A-Privacy-Analysis-of-Cross-device-Tracking-Zimmeck-Li/5dbdc0b0c527335d5efff8477ec3679facd333db|title=A Privacy Analysis of Cross-device Tracking|last=Jebara|first=Tony|last2=Bellovin|first2=Steven M.|date=2017|website=undefined|access-date=2019-04-04|last3=Kim|first3=Hyungtae|last4=Li|first4=Jie S.|last5=Zimmeck|first5=Sebastian}}</ref>
 
More specifically, cross-device tracking is a technique in which technology companies and advertisers deploy trackers, often in the form of unique identifiers, cookies, or even ultrasonic signals, to generate a profile of users across multiple devices, not simply one.<ref name=":1">{{Cite journal|last=Arp|first=Daniel|date=|title=Privacy Threats through Ultrasonic Side Channels on Mobile Devices|url=https://ieeexplore.ieee.org/document/7961950%E2%80%8B|journal=IEEE European Symposium on Security and Privacy|volume=|pages=1-131–13|via=IEEE Xplore}}</ref> For example, one such form of this tracking uses audio beacons, or inaudible sounds, emitted by one device and recognized through the microphone of the other device.<ref name=":1" />
 
This form of tracking is utilized primarily by technology companies and advertisers who use this information to piece together a cohesive profile of the user.<ref name=":1" /> These profiles inform and predict the type of [[Advertising|advertisements]] the user receives.<ref name=":1" />
Line 9:
There are many ways in which online tracking has manifested itself. Historically, when companies wanted to track users’ online behavior, they simply had users sign in to their website.<ref name=":23">{{Cite journal|last=Jebara|first=Tony|last2=Bellovin|first2=Steven M.|last3=Kim|first3=Hyungtae|last4=Li|first4=Jie S.|last5=Zimmeck|first5=Sebastian|date=2017|title=A Privacy Analysis of Cross-device Tracking|url=https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/zimmeck|language=en|pages=1391–1408}}</ref> This is a form of deterministic cross-device tracking, in which the user’s devices are associated with their account credentials, such as their email or username.<ref name=":2">{{Cite journal|last=Brookman|first=Justin|date=2017|title=Cross-Device Tracking: Measurement and Disclosures|url=https://petsymposium.org/2017/papers/issue2/paper29-2017-2-source.pdf|journal=Proceedings on Privacy Enhancing Technologies|volume=|pages=|via=}}</ref> Consequently, while the user is logged in, the company can keep a running history of what sites the user has been to and which ads the user interacted with between computers and mobile devices.<ref name=":2" />
 
Eventually, [[Cookies (Internet)|cookies]] were deployed by [[Advertising|advertisers]], providing each user with a [[unique identifier]] in his or her browser so that the user’s preferences can be monitored.<ref name=":3">{{Cite web|url=https://cdt.org/files/2015/11/10.16.15-CDT-Cross-Device-Comments.pdf|title=Comments for November 2015Workshop on Cross-Device Tracking|last=|first=|date=|website=|archive-url=|archive-date=|dead-url=|access-date=}}</ref> This unique identifier informs the placement of relevant, [[Targeted advertising|targeted ads]] the user may receive.<ref name=":3" /> Cookies were also used by companies to improve the user experience, enabling users to pick up where they left off on websites.<ref name=":11">{{Cite journal|last=Sipior|first=Janice C.|last2=Ward|first2=Burke T.|last3=Mendoza|first3=Ruben A.|date=2011-03-30|title=Online Privacy Concerns Associated with Cookies, Flash Cookies, and Web Beacons|url=https://doi.org/10.1080/15332861.2011.558454|journal=Journal of Internet Commerce|volume=10|issue=1|pages=1–16|doi=10.1080/15332861.2011.558454|issn=1533-2861}}</ref> However, as users began utilizing multiple devices––up to around five––advertisers became confused as to how to track, manage, and consolidate this data across multiple devices as the cookie-based model suggested that each device––whether a phone, computer, or tablet––was a different person.<ref name=":3" />
 
Other technologies such as [[HTTP cookie|supercookies]], which stay on computers long after the user deletes his or her cookies, and [[Web beacon|web beacons]], which are unique images from a URL, are also used by trackers and advertisers to gain increased insight into users’ behavior.<ref name=":3" /> However, advertisers were still limited in that only one device was able to be tracked and associated with a user.<ref name=":3" />
Line 19:
Another tactic used by Google is called [[Ad-ID|AdID]] and works on smartphones in tandem with cookies on a user’s computer to track behavior across devices.<ref name=":23" />
 
Now, cross-device tracking has evolved into a new, radical form of surveillance technology which enables users to be tracked across multiple devices, including [[Smartphone|smartphones]], [[Television|TVs]], and [[Personal computer|personal computers]] through the use of audio beacons, or inaudible sound, emitted by one device and recognized through the microphone of the other device, usually a smartphone.<ref name=":12">{{Cite journal|last=Arp|first=Daniel|date=|title=Privacy Threats through Ultrasonic Side Channels on Mobile Devices|url=https://ieeexplore.ieee.org/document/7961950%E2%80%8B|journal=IEEE European Symposium on Security and Privacy|volume=|pages=1-131–13|via=IEEE Xplore}}</ref> In addition, cross-device tracking may presage the future of the [[Internet of things|Internet of Things]] (IoT), in which all types of devices––such as offices, cars, and homes––are seamlessly interconnected via the internet.<ref name=":23" />
 
=== Ultrasonic tracking ===
Humans interpret sound by picking up on different frequencies.<ref name=":13">{{Cite journal|last=Arp|first=Daniel|date=|title=Privacy Threats through Ultrasonic Side Channels on Mobile Devices|url=https://ieeexplore.ieee.org/document/7961950%E2%80%8B|journal=IEEE European Symposium on Security and Privacy|volume=|pages=1-131–13|via=IEEE Xplore}}</ref> Given the variety of [[sound waves]] that exist, humans can only hear frequencies that are within a certain range––generally from 20Hz to 20kHz. Interestingly, by the age of 30, most humans cannot hear sounds above 18kHz.<ref name=":13" />
 
[[Ultrasound]], which emits shorter wavelengths greater than or equal to 20kHz, enables the rapid transmission of data necessary for cross-device tracking to occur.<ref name=":13" />
Line 30:
In October 2015, the [[Center for Democracy and Technology]] submitted comments to the [[Federal Trade Commission]] (FTC) regarding cross-device tracking technology, specifically mentioning [[SilverPush]].<ref name="cdt">{{cite web |url=https://cdt.org/files/2015/10/10.16.15-CDT-Cross-Device-Comments.pdf |title=Re: Comments for November 2015 Workshop on Cross – Device Tracking |publisher=[[Center for Democracy and Technology]] |accessdate=1 April 2016}}</ref><ref name="register">{{cite web |url=https://www.theregister.co.uk/2015/11/20/silverpush_soundwave_ad_tracker/ |title=How TV ads silently ping commands to phones: Sneaky SilverPush code reverse-engineered |newspaper=[[The Register]] |accessdate=1 April 2016}}</ref>
 
Audio "beacons" can be embedded into television advertisements. In a similar manner to [[radio beacon]]s, these can be picked up by [[mobile app]]s.<ref name="FTC letter">{{cite web |url=https://www.ftc.gov/system/files/attachments/press-releases/ftc-issues-warning-letters-app-developers-using-silverpush-code/160317samplesilverpushltr.pdf |title=FTC letter to app developers |accessdate=1 April 2016}}</ref> This allows the behavior of users to be tracked, including which ads were seen by the user and how long they watched an ad before changing the channel.<ref name=ars>{{cite web |url=https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/ |title=Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC |publisher=[[Ars Technica]] |accessdate=31 March 2016|date=13 November 2015 }}</ref>
 
In March 2016, the FTC issued warning letters to 12 app developers using cross-device tracking in their apps.<ref name=ftc>{{cite web |url=https://www.ftc.gov/news-events/press-releases/2016/03/ftc-issues-warning-letters-app-developers-using-silverpush-code |title=FTC Issues Warning Letters to App Developers Using 'Silverpush' Code |accessdate=1 April 2016|date=17 March 2016 }}</ref> The FTC warned these developers that they may be violating the [[Federal Trade Commission Act of 1914|FTC Act]] if they state or imply that their apps are not tracking television viewing habits when they in fact are.
 
== Applications ==
Studies have shown that 234 [[Android (operating system)|Android]] applications are eavesdropping on these ultrasonic channels without the user’s awareness.<ref name=":14">{{Cite journal|last=Arp|first=Daniel|date=|title=Privacy Threats through Ultrasonic Side Channels on Mobile Devices|url=https://ieeexplore.ieee.org/document/7961950%E2%80%8B|journal=IEEE European Symposium on Security and Privacy|volume=|pages=1-131–13|via=IEEE Xplore}}</ref>
 
Applications such as [[SilverPush|Silverpush]], Shopkick, and Lisnr are part of an “ultrasonic side-channel” in which the app, often unbeknownst to the user, intercepts ultrasonic signals emitted from the user’s environment, such as from a TV, to track which advertisements the user has heard and how long the person listened to them<ref name=":14" />.
Line 43:
* Lisnr utilizes a user’s location data in tandem with ultrasonic beacons to give users coupons related to their activities<ref name=":14" />
 
Another study suggested that Apple, Google, and Bluetooth Special Interest groups need to do more to prevent cross-device tracking.<ref name=":132">{{Cite journal|last=Korolova|first=Aleksandra|last2=Sharma|first2=Vinod|date=2018|title=Cross-App Tracking via Nearby Bluetooth Low Energy Devices|url=http://doi.acm.org/10.1145/3176258.3176313|journal=Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy|series=CODASPY '18|location=New York, NY, USA|publisher=ACM|pages=43–52|doi=10.1145/3176258.3176313|isbn=9781450356329}}</ref>
 
== Privacy and surveillance concerns ==
 
=== Ultrasonic tracking ===
Cross-device tracking has [[Internet privacy|privacy]] implications and allows for more detailed tracking of users than traditional tracking methods. Data can be collected from multiple devices used by a single user and correlated to form a more accurate picture of the person being tracked.<ref name=ars/> Moreover, malicious actors may use variants of the technology to deanonymize anonymity network users.<ref>{{cite web|author = Vasilios Mavroudis|display-authors=et al|title = On the Privacy and Security of the Ultrasound Ecosystem|publisher=Proceedings on Privacy Enhancing Technologies|url=https://petsymposium.org/2017/papers/issue2/paper18-2017-2-source.pdf|format=PDF|website=ubeacsec.org|accessdate=30 November 2017}}</ref>
 
Ultrasonic tracking technologies can pose massive threats to users’ privacy. There are four primary privacy concerns associated with this new form of tracking:
 
* The first is ''media tracking'': audio from the user’s television may be detected by the microphone in the user’s mobile device, allowing malicious actors to gain access to what the user is watching––particularly if it is salacious.<ref name=":15">{{Cite journal|last=Arp|first=Daniel|date=|title=Privacy Threats through Ultrasonic Side Channels on Mobile Devices|url=https://ieeexplore.ieee.org/document/7961950%E2%80%8B|journal=IEEE European Symposium on Security and Privacy|volume=|pages=1-131–13|via=IEEE Xplore}}</ref> Advertisers can similarly gain insight into what a user typically watches.<ref name=":15" /> In both scenarios, a user’s real-world behavior is linked to their online identity and used for tracking.<ref name=":15" />
* Another form of tracking permitted by ultrasonic tracking is ''cross-device tracking'', which enables a user’s profile to be connected across multiple devices based on proximity.<ref name=":15" /> This form of tracking, in linking different devices, can help advertisers show more targeted ads or open individuals to attacks by malicious actors.<ref name=":15" />
* ''Location tracking'' is yet another privacy concern.<ref name=":15" /> Indeed, ultrasonic signals can convey location information via a location identifier, often placed in stores or businesses.<ref name=":15" />
Line 58:
 
=== Panoptic surveillance and the commodification of users' digital identity ===
From cookies to ultrasonic trackers, some argue that invasive forms of surveillance underscore how users are trapped in a digital [[panopticon]], similar to the concept envisioned by [[Jeremy Bentham]]: a prison in which the prisoners were able to be seen at all times by guards but were unable to detect when, or even if, they were being watched at all, creating a sense of paranoia that drove prisoners to carefully police their own behavior.<ref name=":4">{{Cite journal|last=Campbell|first=John Edward|last2=Carlson|first2=Matt|date=|title=Panopticon.com: Online Surveillance and the Commodification of Privacy|url=https://doi.org/10.1207/s15506878jobem4604_6%E2%80%8B|journal=Journal of Broadcasting & Electronic Media|volume=46|issue=4|pages=586–606|doi=10.1207/s15506878jobem4604_6|issn=0883-8151|viayear=2002}}</ref> Similarly, scholars have drawn parallels between Bentham’s panopticon and today’s pervasive use of [[internet tracking]] in that individuals lack awareness to the vast disparities of power that exist between themselves and the corporation to which they willingly give their data.<ref name=":4" /> In essence, companies are able to gain access to consumers’ activity when they use a company’s services.<ref name=":4" /> The usage of these services often is beneficial, which is why users agree to exchange personal information.<ref name=":4" /> However, since users participate in this unequal environment, in which corporations hold most of the power and in which the user is obliged to accept the bad faith offers made by the corporations, users are operating in an environment that ultimately controls, shapes and molds them to think and behave in a certain way, depriving them of privacy.<ref name=":4" />
 
In direct response to the panoptic and invasive forms of tracking manifesting themselves within the digital realm, some have turned to [[sousveillance]]: a form of inverse surveillance in which users can record those who are surveilling them, thereby empowering themselves.<ref name=":142">{{Cite journal|last=Wellman|first=Barry|last2=Nolan|first2=Jason|last3=Mann|first3=Steve|date=2003|title=Sousveillance: Inventing and Using Wearable Computing Devices for Data Collection in Surveillance Environments.|url=https://ojs.library.queensu.ca/index.php/surveillance-and-society/article/view/3344|journal=Surveillance & Society|language=en-US|volume=1|issue=3|pages=331–355|doi=10.24908/ss.v1i3.3344|issn=1477-7487}}</ref> This form of counter surveillance, often used through small wearable recording devices, enables the subversion of corporate and government panoptic surveillance by holding those in power accountable and giving people a voice––a permanent video record––to push back against government abuses of power or malicious behavior that may go unchecked.<ref name=":142" />
 
The television, along with the remote control, is also argued to be conditioning humans into habitually repeating that which they enjoy without experiencing genuine surprise or even discomfort, a critique of the television similar to that of those made against [[Information silo|information silos]] on social media sites today.<ref name=":19">{{Cite journal|last=Rosen|first=Christine|date=2004|title=The Age of Egocasting|url=https://www.jstor.org/stable/43152146|journal=The New Atlantis|issue=7|pages=51–72|issn=1543-1215|jstor=43152146}}</ref> In essence, this technological development led to ''egocasting'': a world in which people exert extreme amounts of control over what they watch and hear.<ref name=":19" /> As a result, users deliberately avoid content they disagree with in any form––ideas, sounds, or images.<ref name=":19" /> In turn, this siloing can drive [[political polarization]] and stoke [[tribalism]].<ref name=":19" /> Plus, companies like [[TiVo Corporation|TiVO]] analyze how TV show watchers use their remote and [[Digital video recorder|DVR]] capability to skip over programming, such as advertisements––a privacy concern users may lack awareness of as well.<ref name=":19" />
 
Some scholars have even contended that in an age of increased surveillance, users now participate online through the active generation and curation of online images––a form of control.<ref name=":15" /> In so doing, users can be seen as rejecting the shame associated with their private lives.<ref name=":15" /> Other scholars note that surveillance is fundamentally dependent upon location in both physical and virtual environments.<ref name=":16">{{Cite journal|last=Molz|first=Jennie Germann|title=‘Watch'Watch us wander’wander': mobile surveillance and the surveillance of mobility|url=https://www.academia.edu/507992/Watch_us_wander_mobile_surveillance_and_the_surveillance_of_mobility|journal=Environment and Planning A|language=en|volume=38|issue=2|pages=377–393|issn=0308-518X|doi=10.1068/a37275|year=2006}}</ref> This form of surveillance can be seen in travel websites which enable the user to share their vacation to a virtual audience.<ref name=":16" /> The person’s willingness to share their personal information online is validated by the audience, since the audience holds the user accountable and the user vicariously experiences pleasure through the audience.<ref name=":16" /> Further, users' mobile data is increasingly being shared to third parties online, potentially underscoring the regulatory challenges inherent in protecting users' online privacy.<ref name=":20">{{Cite web|url=https://www.icsi.berkeley.edu/icsi/node/5893|title=Apps, Trackers, Privacy and Regulators: A Global Study of the Mobile Tracking Ecosystem|last=Razaghpanah|first=Abbas|last2=Nithyanand|first2=Rishab|date=|website=www.icsi.berkeley.edu|archive-url=|archive-date=|dead-url=|access-date=2019-04-11|last3=Vallina-Rodriguez|first3=Narseo|last4=Sundaresan|first4=Srikanth|last5=Allman|first5=Mark|last6=Kreibich|first6=Christian|last7=Gill|first7=Phillipa}}</ref>
 
In addition, scholars argue that users have the right to know the value of their [[personal data]].<ref name=":17">{{Cite webjournal|urltitle=https://www.sciencedirect.com/science/article/pii/S0267364917302819ScienceDirect|titleissue=ScienceDirect2|pages=289–303|last=Malgieri|first=Gianclaudio|last2=Bart Custers|date=April 2018|websitejournal=www.sciencedirect.comComputer Law & Security Review|archive-urlvolume=34|archive-datedoi=|dead-url=|access-date=2019-04-1110.1016/j.clsr.2017.08.006}}</ref> Increasingly, users’ [[digital identity]] is becoming commodified through the selling and [[Monetization|monetizing]] of their personal data for profit by large companies.<ref name=":17" /> Unfortunately, many people appear to be unaware of the fact that their data holds monetary value that can potentially be used towards other products and services.<ref name=":17" /> Thus, scholars are arguing for users’ to have increased awareness and transparency into this process so that users can become empowered and informed consumers of data.<ref name=":17" />
 
=== Surveillance capitalism ===
The increased usage of cross-device tracking by advertisers is indicative of the rise of a new era of data extraction and analysis as a form of profit, or [[surveillance capitalism]], a term coined by [[Shoshana Zuboff]].<ref name=":5">{{Cite journal|last=Zuboff|first=Shoshana|date=2015|title=Big other: Surveillance Capitalism and the Prospects of an Information Civilization|url=https://journals.sagepub.com/doi/10.1057/jit.2015.5|journal=Journal of Information Technology|language=en|volume=30|issue=1|pages=75–89|doi=10.1057/jit.2015.5|issn=0268-3962|via=}}</ref> This form of capitalism seeks to commodify private human experience to create [[Futures exchange|behavioral futures markets]], in which behavior is predicted and behavioral data is harvested from the user.<ref name=":5" /> Zuboff suggests that this new era of surveillance capitalism eclipses Bentham's panopticon, becoming far more encroaching and invasive as, unlike a prison, there is no escape, and the thoughts, feelings, and actions of users are immediately extracted to be commodified and resold.<ref name=":5" /> Thus, since cross-device tracking seeks to create a profile of a user across multiple devices, big tech companies, such as Google, could use this behavioral data to make predictions about the user’s future behavior without the user’s awareness.<ref name=":5" />
 
Scholars are beginning to discuss the possibility of quantifying the monetary value of users’ personal data. Notably, the algorithms used to extract and mine user data are increasingly seen as business assets and thus protected via trade secrets.<ref name=":17" /> Indeed, the usage of free online services, such as public Wi-Fi, often comes at the unknown cost to the user of being tracked and profiled by the company providing the service.<ref name=":17" /> In essence, a transaction is occurring: users’ personal data is being exchanged for access to a free service.<ref name=":17" /> Increasingly, scholars are advocating for users’ right to understand the fundamental value of their personal data more intimately so as to be more savvy, informed consumers who have the ability to protect the privacy of their online information and not be manipulated into unwittingly giving away personal information.<ref name=":17" />
 
=== Health and wellness applications ===
In addition, health and wellness applications also have a dearth of privacy protections as well: a study found that many health apps lacked [[encryption]] and that regulators should enforce stronger [[Data privacy|data privacy protections]].<ref name=":7">{{Cite journal|last=Huckvale|first=Kit|last2=Prieto|first2=José Tomás|last3=Tilney|first3=Myra|last4=Benghozi|first4=Pierre-Jean|last5=Car|first5=Josip|date=2015-09-25|title=Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment|url=http://bmcmedicine.biomedcentral.com/articles/10.1186/s12916-015-0444-y|journal=BMC Medicine|volume=13|issue=1|pages=214|doi=10.1186/s12916-015-0444-y|pmid=26404673|pmc=4582624}}</ref> The study stated that of the 79 apps they tested, none of the applications locally encrypted the users’ personal information and 89% of the applications pushed the data online.<ref name=":7" /> The lack of adequate privacy and security measures surrounding users’ personal medical data on mobile applications underscores the lessening degree to which users can trust mobile app developers to safeguard their personal information online.<ref name=":7" /> While mobile application developers continue to confront privacy and security concerns, users are increasingly looking to ways to visualize their data through wearable devices and applications that track their workout and exercise routines.<ref name=":9">{{Cite web|url=https://www.sciencedirect.com/science/article/pii/S0267364917302819journal|title=ScienceDirect|websiteissue=www2|pages=289–303|journal=Computer Law & Security Review|volume=34|doi=10.sciencedirect1016/j.comclsr.2017.08.006|access-date=2019-04-04April 2018}}</ref> Indeed, researchers discovered that these self-tracking devices play a role as a tool, a toy, and a tutor in users’ lives.<ref name=":24">{{Cite journal|last=Lyall|first=Ben|last2=Robards|first2=Brady|date=2018-03-01|title=Tool, toy and tutor: Subjective experiences of digital self-tracking|url=https://doi.org/10.1177/1440783317722854|journal=Journal of Sociology|language=en|volume=54|issue=1|pages=108–124|doi=10.1177/1440783317722854|issn=1440-7833}}</ref> In the tool role, the self-tracking device functions as a mechanism to help the user in some capacity, often to achieve personal health goals.<ref name=":24" /> The toy role underscores how some self-tracking users see it as a fun game, particularly with regard to rewards and viewing the visualized data.<ref name=":24" /> Lastly, the tutor role reflects how users gain insights from and motivation about their activity from the apps themselves.<ref name=":24" /> Other scholars have characterized self-tracking as performing for the system, or controlling what is (or isn’t) recorded, performing for the self, tracking themselves to gain insight into their behavior, and performing for other people, or the importance of how other people viewed the person being tracked, as well as the control the person being tracked had over their data and thus how they are perceived.<ref name=":10">{{Cite journal|last=Gross|first=Shad|last2=Bardzell|first2=Jeffrey|last3=Bardzell|first3=Shaowen|last4=Stallings|first4=Michael|date=2017-11-02|title=Persuasive Anxiety: Designing and Deploying Material and Formal Explorations of Personal Tracking Devices|url=https://doi.org/10.1080/07370024.2017.1287570|journal=Human–Computer Interaction|volume=32|issue=5-65–6|pages=297–334|doi=10.1080/07370024.2017.1287570|issn=0737-0024}}</ref>
 
=== Cookies, flash cookies, and web beacons ===
Additionally, privacy concerns surround cookies, flash cookies, and web beacons on websites today.<ref name=":10" /> Ultimately, five main concerns surround the usage of cookies, flash cookies, and web beacons, according to a study:<ref name=":112">{{Cite journal|last=Sipior|first=Janice C.|last2=Ward|first2=Burke T.|last3=Mendoza|first3=Ruben A.|date=2011-03-30|title=Online Privacy Concerns Associated with Cookies, Flash Cookies, and Web Beacons|url=https://doi.org/10.1080/15332861.2011.558454|journal=Journal of Internet Commerce|volume=10|issue=1|pages=1–16|doi=10.1080/15332861.2011.558454|issn=1533-2861}}</ref>
 
* Firstly, the authors note that users lack ''[[anonymity]]'' online, with cookies utilizing unique identifiers and flash cookies enabling recognition of website visits<ref name=":112" />
Line 86:
 
=== Data capitalism ===
Other scholars have defined a similarly extractive and destructive phenomenon called [[data capitalism]].<ref name=":18">{{Cite journal|last=West|first=Sarah Myers|date=2017-07-05|title=Data Capitalism: Redefining the Logics of Surveillance and Privacy|url=https://journals.sagepub.com/doi/10.1177/0007650317718185|journal=Business & Society|language=en|volume=58|issue=1|pages=20–41|doi=10.1177/0007650317718185|issn=0007-6503}}</ref> Data capitalism is an economic system enabling the redistribution of power towards those who have access to the information––namely, big corporations.<ref name=":18" /> There are three fundamental theories of how large companies engage users in [[Virtual community|virtual communities]], reflecting the power of data capitalism on users today:
 
* The free and open network: in making products free, large companies make their products more accessible to a larger audience from which they can extract valuable data in exchange.<ref name=":18" />
Line 96:
 
== Legal and ethical issues ==
While the United States lacks extensive privacy rights, the [[Fourth Amendment to the United States Constitution|Fourth Amendment]] provides some privacy protections.<ref name=":113">{{Cite journal|last=Sipior|first=Janice C.|last2=Ward|first2=Burke T.|last3=Mendoza|first3=Ruben A.|date=2011-03-30|title=Online Privacy Concerns Associated with Cookies, Flash Cookies, and Web Beacons|url=https://doi.org/10.1080/15332861.2011.558454|journal=Journal of Internet Commerce|volume=10|issue=1|pages=1–16|doi=10.1080/15332861.2011.558454|issn=1533-2861}}</ref> The Fourth Amendment states that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated,” suggesting that while individuals are protected from all levels of the government, they are not legally protected from private companies or individuals with malicious intent.<ref name=":113" />
 
There are large implications for this technology within the legal field. Legally, The [[Federal Trade Commission]] has a responsibility to prevent deceptive practices by technology companies, such as those that could lead to consumer injury.<ref name=":6">{{Cite journal|last=Hoofnagle|first=Chris Jay|date=2017-09-01|title=FTC Regulation of Cybersecurity and Surveillance|url=https://papers.ssrn.com/abstract=3010205|language=en|location=Rochester, NY}}</ref> The FTC has made efforts to prevent invasive web tracking, tracking in physical space, [[malware]], insecure and poorly designed services, and the use of deception to engage in surveillance.<ref name=":6" /> For instance, in the realm of invasive web tracking, the FTC has brought lawsuits against companies who engage in ‘history sniffing’––a technique that enables companies to ascertain which links a user clicked on based on the color of the link.<ref name=":6" /> Concerning tracking in physical space, the FTC has also cracked down on Nomi, a company that scans the [[MAC address|MAC addresses]] of customers’ phones in stores.<ref name=":6" /> MAC addresses function as a [[unique identifier]], enabling the connection to wireless networks.<ref name=":6" /> In the case of malware, the FTC has placed pressure on companies such as CyberSpy, a self-proclaimed email attachment company that claimed to secretly record users’ key presses.<ref name=":6" /> The FTC has also cracked down on companies like Compete, a browser toolbar, because it decrypted users’ personal information on the internet, putting users at risk.<ref name=":6" /> Lastly, in cases during which deception is used to engage in surveillance, the FTC has investigated private investigators, who surveil individuals on another person’s behalf.<ref name=":6" /> In addition, audio beacon technology, used by an application called Silverpush, could violate the FTC’s policies because users were not made aware as to when the ultrasonic signals were being recorded.<ref name=":6" />
 
Another scholar believes that the convergence between lived experience and online technology is creating a term called [[Mixed reality|Mixed Reality]], in which people and things are replaced with virtual experiences.<ref name=":22">{{Cite journal|last=Fairfield|first=Joshua A.T.|date=2012|title=Mixed Reality: How the Laws of Virtual Worlds Govern Everyday Life|url=https://www.jstor.org/stable/24119476|journal=Berkeley Technology Law Journal|volume=27|issue=1|pages=55–116|issn=1086-3818|jstor=24119476}}</ref> Mixed Reality technologies can pose legal challenges in that laws which govern the online world will also extend to the real world.<ref name=":22" /> In addition, data tagging––often through GPS, location-based services, or even [[near-field communication]] (NFC)––is the new technology at the heart of mixed reality, since people’s data is determined in part by their location.<ref name=":22" /> Near-field communication enables devices to transmit data to each other with a certain range.<ref name=":22" /> Virtual reality can become a privacy issue because it attempts to immerse users into the virtual environment by recording a user's every sensation.<ref name=":22" /> In turn, mixed reality’s amalgamation with daily tasks suggest that it will be implicated in numerous legal issues ranging from [[copyright law]] to [[Intellectual property law|intellectual property law.]]<ref name=":22" /> Customers are also being denied a voice in [[Contract|contracts]], since only corporations set the rules by which individuals’ private information is mined and extracted.<ref name=":22" /> The solution to these issues, according to scholars, are opt-in controls to police users’ privacy that enable balance to be restored to the law, particularly as it stands regarding contracts.<ref name=":22" />
 
Ethically, Zuboff points to the extraction, commodification, and analysis of private human experiences as well as increased surveillance––which is sometimes hidden––in everyday life as violating users' rights to privacy.<ref name=":52">{{Cite journal|last=Zuboff|first=Shoshana|date=2015|title=Big other: Surveillance Capitalism and the Prospects of an Information Civilization|url=https://journals.sagepub.com/doi/10.1057/jit.2015.5|journal=Journal of Information Technology|language=en|volume=30|issue=1|pages=75–89|doi=10.1057/jit.2015.5|issn=0268-3962|via=}}</ref> The usage of surreptitious methods, in which the user is unaware of the extent to which he or she is being tracked, brings tracking mechanisms––such as cookies, flash cookies, and web beacons––into the ethical realm as well since users are not being informed of this tracking perhaps as often as they should.<ref name=":113" />
<br />
==See also==
Retrieved from "https://en.wikipedia.org/wiki/Cross-device_tracking"