By Julia Angwin, Wall Street Journal
A study released Tuesday shows that 45% of the top 185 U.S. websites transmit identifying details about their visitors to at least four outside websites.
The data transmitted was primarily a “username” – which is the name a person uses to log into a website – or a user ID assigned by the website to a user. It was usually transmitted through referrers – which is information about the web page transmitted automatically.
In some cases, the data went much further: the study found for instance that the online dating website OKCupid sent the gender, age, zip code, relationship status and ‘drug use frequency’ to two companies that sell personal data in auctions, BlueKai and Lotame.
Lotame confirmed that is has a data licensing relationship with OKCupid, but said it does not use data in the “drug use category.”
BlueKai told Digits that it does not buy or sell data attributes like “drug use frequency” from OKCupid. “We do capture standard demographic attributes like zip, age and gender from several publishers,” a spokesperson said.
It’s not clear how many companies that received the data used the identifying information. But researcher Jonathan Mayer, a PhD student at Stanford University’s computer security lab, said that the study proved that online tracking is not anonymous.