[AfrICANN-discuss] Tracking performed by social networks

Anne-Rachel Inné annerachel at gmail.com
Fri Dec 9 22:17:51 SAST 2011


The article is pretty long so please check the link for complete information

http://webappsecblog.com/TrackingBySocialNetworks.html

In this blog post I analyze methods of user tracking which are performed by
popular social network websites such as *Facebook*, *Twitter*, *Xing*, and
recently *Google+*.

Each of these social networks have buttons (called *Like*, *Tweet*, *
Visitors*, and *+1* buttons) which are installed on numerous websites. I
try to put some light on the actions performed by those buttons and how
they track users around the web, even when they don't click those buttons.

All these buttons have one thing in common: they are embedded in websites
all around the web and load resources (scripts, images, etc.) which are
fetched from the social networking website or their content delivery
partners. The website operator embedding these buttons does not have the
complete control over what content is loaded in the context of the user's
browser viewing the website.

In the next paragraphs I show some details about the code of these buttons
and what happens when users view the webpage located at
http://www.example.com/shop.jsp?product=4711. Let's assume that this is a
popular shopping site and the URL points to the product page of a certain
product (identified by the parameter in the URL).

I differentiate between the following three cases for each social network
while analyzing their abilities to track users surfing the web:

   1. The user *is logged in* at the social network site.
   2. The user *is not logged in* at the social network site.
   3. The user *is not participating* in the social network and has
   therefore *no account*.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20111209/6e859702/attachment-0001.htm


More information about the AfrICANN mailing list