Have you ever wondered why some online ads you see are targeted to your tastes and interests? Or how websites remember your preferences from visit-to-visit or device-to-device? The answer may be in the “cookies” – or in other online tracking methods like device fingerprinting and cross-device tracking. Here are answers to some commonly asked questions about online tracking — how it works and how you can control it

Understanding Cookies

What is a cookie?

A cookie is information saved by your web browser, the software program you use to visit the web. When you visit a website, the site might store a cookie so it can recognize your device in the future. Later if you return to that site, it can read that cookie to remember you from your last visit. By keeping track of you over time, cookies can be used to customize your browsing experience, or to deliver ads targeted to you.

Who places cookies on the web?

First-party cookies are placed by the site that you visit. They can make your experience on the web more efficient. For example, they help sites remember:

• items in your shopping cart
• your log-in name
• your preferences, like always showing the weather in your home town
• your high game scores.

Third-party cookies are placed by someone other than the site you are on. For example, the website may partner with an advertising network to deliver some of the ads you see. Or they may partner with an analytics company to help understand how people use their site. These “third party” companies also may place cookies in your browser to monitor your behavior over time.

Over time, these companies may develop a detailed history of the types of sites you frequent, and they may use this information to deliver ads tailored to your interests. For example, if an advertising company notices that you read a lot of articles about running, it may show you ads about running shoes – even on an unrelated site you’re visiting for the first time.

Understanding Other Online Tracking

What are Flash cookies?

A Flash cookie is a small file stored on your computer by a website that uses Adobe’s Flash player technology. Flash cookies use Adobe’s Flash player to store information about your online browsing activities. Flash cookies can be used to replace cookies used for tracking and advertising, because they also can store your settings and preferences. Similarly, companies can place unique HTML5 cookies within a browser’s local storage to identify a user over time. When you delete or clear cookies from your browser, you will not necessarily delete the Flash cookies stored on your computer.

What is device fingerprinting?

Device fingerprinting can track devices over time, based on your browser’s configurations and settings. Because each browser is unique, device fingerprinting can identify your device, without using cookies. Since device fingerprinting uses the characteristics of your browser configuration to track you, deleting cookies won’t help.

Device fingerprinting technologies are evolving and can be used to track you on all kinds of internet-connected devices that have browsers, such as smart phones, tablets, laptop and desktop computers.

How does tracking in mobile apps occur?

When you access mobile applications, companies don’t have access to traditional browser cookies to track you over time. Instead, third party advertising and analytics companies use device identifiers — such as Apple iOS’s Identifiers for Advertisers (“IDFA”) and Google Android’s Advertising ID — to monitor the different applications used on a particular device.

Does tracking of other “smart devices” occur?

Yes. More and more, consumer devices, in addition to phones, are capable of being connected online. For example, smart entertainment systems often provide new ways for you to watch TV shows and movies, and also may use technology to monitor what you watch. Look to the settings on your devices to investigate whether you can reset identifiers on the devices or use web interfaces on another device to limit ad tracking.

Controlling Online Tracking

How can I control cookies?

Various browsers have different ways to let you delete cookies or limit the kinds of cookies that can be placed on your computer. When you choose a browser, consider which suits your privacy preferences best.

To check out the settings in a browser, use the ‘Help’ tab or look under ‘Tools’ for settings like ‘Options’ or ‘Privacy.’ From there, you may be able to delete cookies, or control when they can be placed. Some browsers allow add-on software tools to block, delete, or control cookies. And security software often includes options to make cookie control easier.  If you delete cookies, companies may not be able to associate you with your past browsing activity.  However, they may be able to track you in the future with a new cookie.

If you block cookies entirely, you may limit your browsing experience. For example, you may need to enter information repeatedly, or you might not get personalized content that is meaningful to you. Most browsers’ settings will allow you to block third-party cookies without also disabling first-party cookies.

How can I control Flash cookies and device fingerprinting?

The latest versions of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer let you control or delete Flash cookies through the browser’s settings. If you use an older version of one of these browsers, upgrade to the most recent version, and set it to update automatically.

If you use a browser that doesn’t let you delete Flash cookies, look at Adobe’s Website Storage Settings panel. There, you can view and delete Flash cookies, and control whether you’ll allow them on your computer.

Like regular cookies, deleting Flash cookies gets rid of the ones on your computer at that moment. Flash cookies can be placed on your computer the next time you visit a website or view an ad unless you block Flash cookies altogether.

How can I control tracking in or across mobile apps?

You can reset the identifiers on your device in the device settings. iOS users can do this by following Settings > Privacy > Advertising > Reset Advertising Identifier. For Android, the path is Google settings > Ads > Reset advertising ID.  This control works much like deleting cookies in a browser — the device is harder to associate with past activity, but tracking can start anew using the new advertising identifier.

You also can limit the use of  identifiers for ad targeting on your devices. If you turn on this setting, apps are not permitted to use the advertising identifier to serve consumers targeted ads. For iOS, the controls are available through Settings > Privacy > Advertising > Limit Ad Tracking. For Android, Google Settings > Ads > Opt Out of Interest-Based Ads. Although this tool will limit the use of tracking data for targeting ads, companies may still be able to monitor your app usage for other purposes, such as research, measurement, and fraud prevention.

Mobile browsers work much like traditional web browsers, and the tracking technologies and user controls are much the same as for ordinary web browsers, described above.

Mobile applications also may collect your geolocation to share with advertising companies. The latest versions of iOS and Android allow you to limit which particular applications can access your location information.

What is “private browsing”?

Many browsers offer private browsing settings that are meant to let you keep your web activities hidden from other people who use the same computer. With private browsing turned on, your browser won’t retain cookies, your browsing history, search records, or the files you downloaded. Privacy modes aren’t uniform, though; it’s a good idea to check your browser to see what types of data it stores.

But note that cookies used during the private browsing session still can communicate information about your browsing behavior to third parties. So, private browsing may not be effective in stopping third parties from using techniques such as fingerprinting to track your web activity.

What are “opt-out” cookies?

Some websites and advertising networks allow you to set cookies that tell them not to use information about what sites you visit to target ads to you. For example, the Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA) offer tools for opting out of targeted advertising — often by placing opt-out cookies. If you delete all cookies, you’ll also delete the cookies that indicate your preference to opt out of targeted ads.

Cookies are used for many purposes — for example, to limit the number of times you’re shown a particular ad. So even if you opt out of targeted advertising, a company may still use cookies for other purposes.

What is “Do Not Track”?

Do Not Track is a setting in most internet browsers that allows you to express your preference not to be tracked across the web. Turning on Do Not Track through your web browser sends a signal to every website you visit that you don’t want to be tracked from site to site. Companies then know your preference. If they have committed to respect your Do Not Track preference, they are legally required to do so. However, most tracking companies today have not committed to honoring users’ Do Not Track preferences.

Can I block online tracking?

Consumers can learn about tracker-blocking browser plugins which block the flow of information from a computer to tracking companies and allow consumers to block ads. They prevent companies from using cookies or fingerprinting to track your internet behavior.

To find tracker-blocking plugins, type “tracker blocker” in your search engine. Then, compare features to decide which tracker blocker is best for you. For example, some of them block tracking by default, while others require you to customize when you’ll block tracking.

Remember that websites that rely on third party tracking companies for measurement or advertising revenue may prevent you from using their site if you have blocking software installed. However, you can still open those sites in a separate browser that doesn’t have blocking enabled, or you can disable blocking on those sites.

Malware includes viruses, spyware, and other unwanted software that gets installed on your computer or mobile device without your consent. These programs can cause your device to crash, and can be used to monitor and control your online activity. They also can make your computer vulnerable to viruses and deliver unwanted or inappropriate ads. Criminals use malware to steal personal information, send spam, and commit fraud.

Avoid Malware

Scam artists try to trick people into clicking on links that will download viruses, spyware, and other unwanted software — often by bundling it with popular free downloads. To reduce your risk of downloading malware:

• Install and update security software, and use a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS X) to update automatically.
• Don’t change your browser’s security settings. You can minimize "drive-by" or bundled downloads if you keep your browser’s default security settings.
• Pay attention to your browser’s security warnings. Many browsers come with built-in security scanners that warn you before you visit an infected webpage or download a malicious file.
• Instead of clicking on a link in an email, type the URL of a trusted site directly into your browser. Criminals send emails that appear to be from companies you know and trust. The links may look legitimate, but clicking on them could download malware or send you to a scam site.
• Don’t open attachments in emails unless you know who sent it and what it is. Opening the wrong attachment — even if it seems to be from friends or family — can install malware on your computer.
• Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
• Read each screen when installing new software. If you don’t recognize a program, or are prompted to install additional “bundled” software, decline the additional program or exit the installation process.
• Don’t click on popups or banner ads about your computer’s performance. Scammers insert unwanted software into banner ads that look legitimate, especially ads about your computer’s health. Avoid clicking on these ads if you don’t know the source.
• Scan USBs and other external devices before using them. These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.
• Talk about safe computing. Tell your friends and family that some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
• Back up your data regularly. Whether it's your taxes, photos, or other documents that are important to you, back up any data that you'd want to keep in case your computer crashes.

Detect Malware

Monitor your computer for unusual behavior. Your computer may be infected with malware if it:

• slows down, crashes, or displays repeated error messages
• won't shut down or restart
• serves a barrage of pop-ups
• serves inappropriate ads or ads that interfere with page content
• won’t let you remove unwanted software
• injects ads in places you typically wouldn’t see them, such as government websites
• displays web pages you didn't intend to visit, or sends emails you didn't write

Other warning signs of malware include:

• new and unexpected toolbars or icons in your browser or on your desktop
• unexpected changes in your browser, like using a new default search engine or displaying new tabs you didn’t open
• a sudden or repeated change in your computer's internet home page
• a laptop battery that drains more quickly than it should

Get Rid of Malware

If you suspect there is malware on your computer, take these steps:

• Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
• Update your security software, and then scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
• Check your browser to see if it has tools to delete malware or reset the browser to its original settings.
• If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
• Many companies — including some affiliated with retail stores — offer tech support.Telephone and online help usually are less expensive, but online search results might not be the best way to find help. Tech support scammers pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.

Security and data breaches are some of the caveats of the internet and all the convenience it offers. Paying bills online, staying connected through social media and donating to our favorite charities could put us at risk for identity theft and fraud. Here are the five top security breaches in the 21st century, based on the number of consumers affected and information stolen:

1.   Yahoo

Occurred: 2013-2014 Reach: 3 billion user accounts

Yahoo was once known as a giant in the internet industry. When preparing for its sale to Verizon in 2016, the mega-corporation announced it had been subject to perhaps the largest security breach in history in 2014. Yahoo claimed the attack was carried out by “a state-sponsored actor.” This breach stole 500 million users’ personal information that could be used in any type of wire and mail fraud scheme, including their real names, birthdates, phone numbers and email addresses. Hackers obtained the information by using an algorithm to determine passwords.

It was later revealed that 1 billion users’ accounts were breached in 2013 by different hackers that also obtained security questions and passwords. In 2017, Yahoo revised the estimated number of affected accounts to all 3 billion of its users at the time.

2.   Adult Friend Finder

Occurred: October 2016 Reach: More than 412. million accounts

Account holders at Adult Friend Finder were searching for casual hookups and adult websites when their information was breached in 2016. The hackers obtained account information gathered over 20 years in the FriendFinder Network databases, including names, birthdates, email addresses and passwords.

3.   eBay

Occurred: May 2014 Reach: 145 million

Hackers obtained all account holders’ names, passwords, addresses and dates of birth by using credentials of three of eBay’s corporate employees. The cybercriminals reportedly had access to the information for 229 days.

Account users were asked to create new passwords for the site and were told that financial information was not compromised in the attack.

4.   Equifax

Occurred: July 2017 Reach: 143 million

The data breach at Equifax affected 143 million consumers – 209,000 of which had credit card information exposed to the hackers. Equifax said the attack likely started in the middle of May 2017 but wasn’t discovered until July 29. This has been one of the largest threats to consumers and increased the threat of wire and mail fraud in the modern century.

5.   Heartland Payment Systems

Occurred: March 2008 Reach: 134 million

Heartland processed 100 million credit card transactions a month for approximately 175,000 smaller retailer merchants. The breach was discovered in 2009 after multiple suspicious transactions were reported by Visa and Mastercard.

The processing company was ordered to pay $145 million back in fraudulent charges and was found to be in violation of the Payment Card Industry Data Security Standard.

In 2009, Albert Gonzalez and two Russian accomplices were indicted for stealing the cards in 2009. Gonzalez was convicted and sentenced to 20 years in prison in 2010.

These days, you’re forced into accepting certain “approval” settings before apps are downloaded to your smartphone. Most of us don’t think twice about it, but have you ever stopped to read what approval the apps are asking for? With the constant threat of malware and viruses, online identity theft, cyberbullying, etc., you must be the master of your destiny by paying attention to small details like app approval settings. If you’re a parent, it’s even more important to understand what your children are signing up for when downloading apps.

According to 2015 data from Pew Research, 73 percent of teens have smartphones, and in 2017 Pew reported that 77 percent of adults have these devices – that makes for a lot of potential cybercrime victims. So what are some quick steps we can take to enhance our own – and our children’s – safety and privacy online?

Don’t Skip the Fine Print

A company’s true intentions are hidden in their fine print. As consumers, we know this, yet it’s something we rarely read; it’s lengthy, dense and confusing. Companies count on this to deter people from taking the time to read it all.

But by taking the time, you’ll probably find that most of your apps have access to your location, age, birthday, phone number and loads of other personal tidbits. In fact, according to CNN, the moment you sign up with a cellphone carrier like Verizon, the carrier is granted access to all of that personal information. It’s not until after you’re set up that you have the option to opt out.

CNN writes, “When you sign up for Verizon service, you agree to let the company use your location, Web searches, app usage and other data…Verizon sends that data to an internal database, matching it up with a deep trove of demographic information about you from companies including data giant Experian.”

Does that sound a little scary? It explains how your recommended internet searches, Amazon purchases, Facebook link clicks and more seem to “know” you so well.

Avoid Third-Party Apps & Unrecognized App Stores

A third-party app is “an application that is provided by a vendor other than the manufacturer of the device,” according to PCMag. Many of these apps are more prone to security vulnerabilities because their developers may not be held to the same security standards as your phone or tablet manufacturer. Particularly if the app is free, the app company makes its “money” by disseminating your information to other parties.

Take control by reading through all of the fine print before downloading apps. Take note of how “spammy” they look as well – if they are free and filled with ads, have broken features and/or load dangerously slowly, be wary. Read reviews left by users and take into account the overall rating of an app before you download it. Try searching for the name of the app’s developer online to glean more insight.

In terms of unrecognized app stores, it’s important to know from where your apps are originating. Ofcom writes, “For example, someone could take a popular paid-for app, add their own illegitimate elements and then offer it for free on ‘bulletin boards’ or ‘peer-to-peer’ networks.” Stick to reputable and well-recognized app stores.

Delete Unused Apps

Even apps that you hardly use can subject you to security vulnerabilities. As long as they’re installed, they don’t need to be running in order to do damage. They can be collecting data in the background. This is why it’s important to delete apps you aren’t using.

Ofcom found that nearly half of apps downloaded are not used on a regular basis. So that chore organizer app or that ab workout app that you haven’t touched in months – delete it!

By deleting unused apps, reading the fine print and avoiding third-party apps and unrecognized app stores, you can dramatically decrease your chances of becoming a victim of cybercrime and manage your online privacy in a relatively easy way.

When people want to know the answer to something they invariably Google it. But what have people been Googling in 2017? Google has published various lists detailing what people have Googled over the past 12 months, including overall search terms, consumer tech, and memes.

The Search Terms That Trended in 2017

The first, and most important, list is the one detailing the searches that trended in 2017. This is a heady mix of catastrophic events (Hurricane Irma), big technology launches (iPhone X), celebrities who made the headlines (Matt Lauer and Meghan Markle), and fads (Fidget Spinner).

1) Hurricane Irma 2) iPhone 8 3) iPhone X 4) Matt Lauer 5) Meghan Markle 6) 13 Reasons Why 7) Tom Petty 8) Fidget Spinner 9) Chester Bennington 10) India National Cricket Team

Google’s takeaway from these statistics is the prevalence of “How”. Apparently, more people than ever are Googling how to do something or other, whether it’s “How to make slime” or “How to buy Bitcoin”. Which is good for us, as we pride ourselves in showing people how to use technology.

Amongst the other lists is one detailing the consumer tech search terms that trended in 2017. Apple will be pleased to see the iPhone 8 and iPhone X at the top, but then smartphones make up the bulk of this list. The Nintendo Switch, Xbox One X, and new Nokia 3310 the exceptions.

1) iPhone 8 2) iPhone X 3) Nintendo Switch 4) Samsung Galaxy S8 5) Xbox One X 6) Nokia 3310 7) Razer Phone 8) Oppo F5 9) OnePlus 5 10) Nokia 6

There are 15 lists to scour, with the one listing the biggest memes of the year being particularly worth a look. However, it should be noted that these may not be the terms people have searched for the most in 2017, but that experienced “a high spike in traffic in 2017 as compared to 2016.”