Not new, but hardly benign
Browser fingerprinting isn't new, not by a long shot. Back in 2010, the Electronic Frontier Foundation created a research project, dubbed "Panopticlick," that pulls as much individually identifiable information as it can from visiting browsers. The results are compiled into a database that allows a user to determine how uniquely identifiable their browser is.
The EFF discussed the resulting research in a paper, "How Unique Is Your Web Browser?" It claimed that browsers, on average, provided "at least 18.1 bits of entropy," meaning the odds of a given browser's signature were unique to a degree of 1 in 286,777. That plus any number of other identifying behaviors means a given browser is trivially easy to single out from the crowd.
What's new here, though, is the way the fingerprinting is being done as a service by third parties. Discussions of privacy on the Web have tended to revolve around cookies or other obvious methods, not the gathering of general behavioral metrics. But the methods used are tilting more toward the latter than the former, in big part because they leave no traces on the user's computer.
The privacy implications of all this shouldn't be hard to see, especially given how repositories of personal data harvested by third parties are susceptible to attack and harvesting.
The FPDetective software created for the sake of producing the study is to be released to the general public at some point later. Privacy advocates will most likely want to use it to continue where this study left off -- especially as the methods used to track people and harvest personal data from behavior grow all the more widely used in multiple venues.
This story, "The new Web tracking: You never see it coming," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.