Skip navigation

Anatomy of the Third Party Web Tracking Ecosystem

Abstract:

“The presence of third-party tracking on websites has become customary. However, our understanding of the third-party ecosystem is still very rudimentary. We examine third-party trackers from a geographical perspective, observing the third-party tracking ecosystem from 29 countries across the globe. When examining the data by region (North America, South America, Europe, East Asia, Middle East, and Oceania), we observe significant geographical variation between regions and countries within regions. We find trackers that focus on specific regions and countries, and some that are hosted in countries outside their expected target tracking domain. Given the differences in regulatory regimes between jurisdictions, we believe this analysis sheds light on the geographical properties of this ecosystem and on the problems that these may pose to our ability to track and manage the different data silos that now store personal data about us all.”

 

The Takeaway:

“Unsurprisingly, we found overall that a small number of international corporations are heavily dominant in all countries and regions. We observed significant differences in the numbers of observed third-parties across regions, with Turkey and Israel in the Middle East region standing out as having considerably more local third-parties than most countries. We observed considerably greater regional dominance of third-parties in Europe and East Asia, perhaps indicating greater commercial collaboration among companies in countries in those regions. In contrast, presence countries in North America is dominated by local third-parties.” the

 

The authors’ analysis of the effect of regulation was particularly interesting. Even in regions or nations where there were laws governing third party trackers they usually consisted of consent-based systems (the UK being an example). Implementation, however, varied with in the region, for example, the UK’s neighbor Germany has yet to implement the EU wide protocols for governing third party trackers. The US, by contrast, has no national legislation governing third party trackers but instead leaves it up to the states or self-regulation by the collectors (which always works well). It strikes me that legislation alone isn’t going to address the privacy concerns presented by third party trackers and that a more technical solution is required. On the other hand, enforcement could pose a problem. How would a governing body monitor trackers and what would the penalties be for data collection? Furthermore, what loopholes would the private sector find in order to continue to collect user data? Are these governments soft on trackers because it benefits their law enforcement and intelligence agencies to do so?