SoylentNews is people
SoylentNews
State governments might be inadvertently helping Chinese-owned app in data collection:
More than two dozen state government websites contain web-tracking code made by TikTok parent ByteDance Ltd., according to a new report from a cybersecurity company, illustrating the difficulties U.S. regulators face in curtailing data-collection efforts by the popular Chinese-owned app.
A review of the websites of more than 3,500 companies, organizations and government entities by the Toronto-based company Feroot Security found that so-called tracking pixels from the TikTok parent company were present in 30 U.S. state-government websites across 27 states, including some where the app has been banned from state networks and devices. Feroot collected the data in January and February of this year.
[...] Site administrators usually place such pixels on the government websites to help measure the effectiveness of advertising they have purchased on TikTok. It helps government agencies determine how many people saw an ad on the social-media app and took some action—such as visiting a website or signing up for a service. The pixels' proliferation offers another vector for data collection beyond TikTok's popular mobile app, which is increasingly under fire in Washington as a possible way for the Chinese government to collect data on Americans.
[...] "Like other platforms, the data we receive from advertisers is used to improve the effectiveness of our advertising services," a TikTok spokeswoman said in a statement. "Our terms instruct advertisers not to share certain data with us, and we continuously work with our partners to avoid inadvertent transmission of such data."
[...] Tracking pixels, also called web beacons, are ubiquitous on commercial websites. The free bits of software code are intended to support digital marketing and advertising by logging a visitor's interactions with the site, such as what is clicked on and the duration of a visit.
While the web-tracking pixels ostensibly aim to better pinpoint advertising, they also pose threats for privacy, security experts have said. They can sometimes be configured to collect data that users enter on websites, such as usernames, addresses and other sensitive information. With enough pixels on enough websites, the companies running them can begin to piece together the browsing behavior of individual users as they move from domain to domain, building detailed profiles on their interests and online habits.
[...] Beyond TikTok, Feroot also found tracking pixels from Chinese-owned companies such as Tencent Holdings Ltd., which owns WeChat, Weibo Corp., and Alibaba Group Holding Ltd. on some state-government websites, as well as Russian-owned pixels from companies such as from cybersecurity company Kaspersky, which had its products banned from civilian and military federal U.S. networks during the Trump administration due to espionage fears.
[...] Feroot found that the average website it studied had more than 13 embedded pixels. Google's were far and away the most common, with 92% of websites examined having some sort of Google tracking pixel embedded. About 50% of the websites the firm examined had Microsoft Corp. or Facebook pixels. TikTok had a presence in less than 10% of sites examined.
Privacy advocates have long raised concerns about the proliferation of pixels, whatever their provenance. Alan Butler, the executive director of the Electronic Privacy Information Center, said the data can be used to identify individuals, track them physically and digitally, and subject them to common cybersecurity threats, such as phishing attempts and disinformation.
"Any social media platform, data broker, or ad service that is using tracking pixels to monitor people's browsing across the web is violating the privacy of users visiting those websites," Mr. Butler said. "This is especially troubling on government websites where individuals are being tracked even as they try to access information and services that are essential."
I'm sure it's fine...
(Score: 3, Interesting) by Barenflimski on Wednesday March 29, @08:36PM (2 children)
I 2nd this question.
The last time I put together a site a couple of years ago, it was clear how I ended up with google trackers all over it.
It isn't clear to me where a TikTok tracker would come from. Would love to know what app or plugin folks would add for that. I'm assuming this was intentional by some developer?
(Score: 2) by mcgrew on Wednesday March 29, @11:57PM (1 child)
I'm not sure what you call "google trackers," web bugs that are housed on Google's servers? If so, your evil host put them there, or tricked you into doing it for them, maybe with a visitor counter or some other javascript.
If you mean spiders, they leave less than a visitor with a browser does. It just tells a search engine what your site says.
Carbon, The only element in the known universe to ever gain sentience
(Score: 3, Informative) by RS3 on Thursday March 30, @04:00AM
There are many kinds of trackers, but a common one is a simple one-pixel image (usually .gif) that's hosted by the tracking site's server.
Every time you visit a site / page that has for example a link to a google tracking pixel, google's web servers log your access, including whatever data they can glean from your browser, generally called "user agent", or browser "fingerprint".
Your browser might have a very unique "fingerprint". As I posted below, you can test your browser. A really good test site is: https://coveryourtracks.eff.org [eff.org]
It will test your browser / computer and tell you how unique your browser's "fingerprint" is. Unique is very bad. The more unique it is, the easier for someone like google to cross-correlate your browser's fingerprint in their logs and know all the sites you've visited.
My browser setup passes the tests with flying colors, except for one bug: my browser gives a very unique but very incorrect screen resolution. I'll figure that out and fix it, but generally my browser (Vivaldi) is blocking all trackers and most if not all ads (ignorance is bliss dept: I don't know what I don't know. :)