Online Tracking: When Does it Become Stalking?

Abstract

Online user activities are tracked for many purposes. In e-commerce, cross-domain tracking is used to quantify and pay for web-traffic generation. Our previous research studies have shown that HTTP cookie-based tracking process, though reliable, can fail due to technical reasons, as well as through fraudulent manipulation by traffic generators. In this research study, we evaluate which of the previously published tracking mechanisms are still functional. We assess the efficacy and utility of those methods to create a robust tracking mechanism for e-commerce. A failsafe and robust tracking mechanism does not need to translate into further privacy intrusions. Many countries are rushing to introduce new regulations, which can have a negative impact on the development of robust technologies in an inherently stateless eco-system. We used a multi-domain, purpose-built simulation environment to experiment common tracking scenarios, and to describe the parameters that define the minimum tracking requirement use-cases, and practices that result in invading privacy of users. This study will help practitioners in their implementations, and policy developers and regulators to draw up policies that would not curtail the development of robust tracking technologies that are needed in e-commerce activities, while safeguarding the privacy of internet users.