But How Did They Know? How Ad-Tracking Actually Works

But How Did They Know? How Ad-Tracking Actually Works

Now you’re probably thinking, “how on earth did all those sites know about my interests like that? And what else is using that information about me as I surf the web?” 

Friends, here’s what you—and your online identity—need to know.

It involves (among other things) cookies, decorations, and auctions.

First, let’s talk about cookies! …

Not all cookies are bad—nothing is ever quite that simple in the world of technology. They also make things like logging into a site work so that you don’t have to login again… and again… and again… every time you go to a different part of that site.

What can you do about this? Every web browser has a place in their preferences that lets you turn off cookies. If you like, you can do that, but be warned. You’re paying for your privacy by giving up some of the whizbang features on the web. You will have sites that say “we won’t work if you don’t feed us cookies!!!” 

Ah, cookie crumbs: They’ll let a tracker follow you everywhere, but they’ll also make logging in a lot easier.

Verse 2: Making Web Addresses Attractive… for Advertisers

OK, so maybe you have put your browser on a diet and are willing to pay the price of privacy. Lots of people who really don’t want that kind of tracking to happen do that. But cookies aren’t the only way to track a user. There is also something called “link decoration.” This lets a site learn what brought you to them. Was it an email campaign? A content aggregator like Pocket?

Here’s what link decoration looks like: 

So, that link tells the Seattle Times that I visited their site because I followed a link from their Morning Brief email list, and that I am an active subscriber. They’ll be able to tick their own marketing box to say “Yep, looks like email campaigns work with this one! Let’s do more of those!”

Just like cookies, though, link decoration is used for more than just tracking. It has important, legitimate uses for some pretty common authentication services, too. But wait, there’s more! This feature is also used for lots of search functionality.

Link decoration: It’s about letting the websites know what worked to get you in the door so they can do more of that, but it’s for stuff you need, too.

Verse 3: The Advertising Auctioneer

And now to blow your mind a little bit, let’s look just a bit into how specific ads from specific companies are put in front of you. This is the magic of something called Real-Time Bidding! This only works because the Internet is blindingly fast for most, especially compared to the days of old-school dial-up connections. The activity goes like this: 

  1. You visit a website. 
  2. The website has a space on it for an ad. 
  3. That space includes a piece of code that says “go to this ad exchange network, and take information about this website AND information about the user (either via cookies, or any uniquely identifying information about their web browser and how it’s configured) AND the physical location of the user ‘cause their phone knows that and send it all to the ad exchange.” 
  4. The ad exchange has a list of advertisers who have preloaded information on what they’re willing to pay to promote their ad based on specific criteria about the website, the user, and even who the user is physically close to. 
  5. The ad exchanger immediately figures out who wins the auction and returns the winning ad to be embedded in the website. 

All this takes milliseconds

Real-time bidding: the Internet is fast enough to stream movies… and to sell targeted ads in real time.

Coda (wrap up)

Here’s the thing. I don’t know about you, but I personally don’t care if the advertisements I see on the web relate to things I might actually be interested in. I’d rather see ads about cats than I would about diapers, for instance. (I really hope I don’t start seeing ads about diapers for cats now.) However, I do very much care if my information is used to target me for hacker attempts or political manipulation. The techniques used by legitimate advertisers to target ads are exactly the same as other groups might use for more nefarious purposes. The technology can’t tell the difference. So, because I care more about the possibility of bad actors than I do whether I see diapers for cats, I’m going to care a lot about how to protect my privacy on the web. 

If you’re reading this and vigorously nodding your head, here’s how to take back control of your online privacy. 

  1. Look at the configuration settings for all the web browsers you use and really think about the privacy and security options.
  2. Think twice about clicking on a link in an email. Instead, go ahead and type in the direct web address instead of letting a link take you there.
  3. Use a private or incognito window when you can so it clears out any cookies or history at the end of the day when you close the browser window. (And close that browser window Every. Single. Day.)

Photo by JESHOOTS.COM on Unsplash

Posted by heather in Surveillance, Line Dancing