A recently released report from Stanford University law and computer science graduate student Jonathan Mayer has revealed that many of the Internet's most popular websites are prone to sharing consumer data without their consent.
According to the San Jose Mercury News, 61 percent of the 185 high-traffic websites analyzed in the study, 61 percent share user names or user IDs with another site. In many cases, this practice was in direct violation of the original website's explicit data privacy policies.
"Many first-party websites and third parties make what would appear to be incorrect representations about not sharing or collecting 'personally identifiable information,'" Mayer told the Los Angeles Times in a written statement.
This concerning practice can take a variety of forms, according to the Stanford student. Third-party web tracking tools may acquire user data when a first party hands off, or "leaks" the information directly. Third-party websites may also purchase the sensitive information through a "matching service" or gain access by exploiting data security loopholes. Additionally, some larger sites including Facebook, Twitter and Google+ openly track user information.
"Click the local Home Depot ad and your email address gets handed to a dozen companies monitoring you. Swap photos with friends on Photobucket and clue a couple dozen more into your username," warns Mayer.
Upon hearing the news of the report's release, Federal Trade Commission Chairman Jon Leibowitz praised the study as "absolutely terrific work," according to the San Jose Mercury News. The findings of the study serve as an important complement to the agency's ongoing Internet security efforts focusing on consumer protection. The FCC's "Do Not Track" feature has been instrumental in allowing users to block potential data-collection programs.
"Once you enter cyberspace, software placed on your computer, usually without your consent or even knowledge, turns your private information into a commodity out of your control," the chairman told the news outlet. "Your computer is your property, and people shouldn't be putting things in it without your permission."
Although some companies claim to have customers' best interests at heart, Mayer's research suggests that policy does not always match up with practice. Businesses would be wise to shore up these security loopholes and eliminate the potential for costly future sanctions. But in the meantime, consumers are encouraged to view websites with a more critical eye and proactively pursue Internet security solutions that protect their devices – and more importantly – their information.
Data Security News from SimplySecurity.com by Trend Micro