If there is one thing that we repeatedly hear from tech companies, it’s that all the data collected is “anonymous” and cannot be used to identify users.
When Xiaomi’s default browser “incognito mode” was caught collecting user data without consent, it straight up denied the claims but later jumped to words like “anonymous” and “aggregated.” In fact, these words are the foundation of the privacy policies of hundreds of third-party browsers out in the market.
Experts have been warning users about the so-called “aggregated” browsing data collection for years. Now, three Mozilla researchers have come forward with a new study that further bashes the myth of ‘anonymous’ browsing data.
In a study called, “Replication: Why We Still Can’t Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories,” Mozilla talks about how online advertisers can easily re-create accurate profiles, thanks to the uniqueness of each user’s browsing habits.
The research is a follow-up to a similar study done in 2012, where over 97% of participants had a unique browsing history and therefore made it easy to identify a user.
In a study conducted by Mozilla employees, the team collected data about 35 million website visits to 660,000 unique domains. Interestingly, Mozilla employees said over 99% of browsing profiles were unique to each user. The re-identifying accuracy rate for data sets containing 50 domains of a user’s browsing history was nearly 50%, 12% higher from the 2012 study.
Moreover, the re-identification rate grew to over 80% when the data set was expanded to 150 domains. In a nutshell, companies claiming to keep their browsing data “anonymized” can easily re-identify and track users, even from a small browsing history data set.
As long as there is no significant change to our browsing habits, and we keep visiting our favorite websites, analytics firms can quickly identify us even if the data is anonymous.