Cross-Browser Tracking: It’s time to update your Privacy Policy!

It is remarkable that many companies do not know the vastness of private information they obtain from their social media and website.  It is essential for every business to understand its legal responsibility to protect their customers’ personal information.

OLD NEWS:  Web browsers can follow your voyage through the Internet. Firefox, Internet Explorer, Chrome and Safari can watch you jump from one website to the next as you journey across the hyperlinks. A company can incur legal liability when its social media, mobile apps and website obtain personal information while tracking you, and you run the risk of losing your legal right to maintain your privacy.

NEW NEWS:  Web browsers have learned how to track your hyperlinks across browser platforms. Some of us keep browser windows open in multiple browsers at the same time to expedite surfing. For instance, I often run Firefox, Chrome and Safari  at the same time. I like to study different subjects in alternate browsers but sometimes a hyperlink in one browser’s window will send me to the other browser’s window. This is important because suddenly two browsers can monitor your web movement  as well as your jumps from, say, Firefox to Chrome and back. For example, Firefox will leave a digital “fingerprint” on a computing device when it visits a website. Through cross-browser tracking, another browser like Chrome can detect and use Firefox’s fingerprint when it runs on the same mobile device or computer.  In this way, a company can continue to targeting advertisements to its users even if they change browsers.

Web tracking presents significant privacy law issues. A company can face business risks and legal responsibilities when it obtains personally identifiable information (PII) from people who visit its social media or website. This was true with older website tracking and it is just as true and even more important today with the advent of multiple-browser tracking. More and more private information will become susceptible to online harvesting and analysis.

United States and international laws protect individuals’ most private informationincluding healthcare records, financial secrets and students’ education records. Your name, address, Social Security number and date of birth are unquestionably private and need to be protected. In

contrast, some personal information may not seem private or important to you — but in the hands of a bad actor, your vacation schedule, your nephew’s name or the names of your online “friends” can become very valuable. Advertisers and consumer product companies want to obtain information about you. They see your world very differently than you do. They see your world as a dark secret waiting to be uncovered and sold for lawful reasons as well as for illegal purposes.

How can a business avoid liability for obtaining web tracking data from its social media or website?  Full disclosure is the best way to avoid liability. It is essential to inform your customers and media users that your business collects private information from them. Once they have been notified, your customers will not be able to claim ignorance of your Internet practices and data retention policies. For this reason, your business needs a good Privacy Policy that specifically notifies users about what data your company collects and what it does with the data.

Do Not Track is an opt-out setting in most browsers that allows a user to electronically inform companies that she does not want to be tracked across the web on websites and social media. By turning on this setting, a user’s mobile device or computer will send a digital signal to websites and social media to inform them that she does not want to be tracked. According to Google, some websites respect Do Not Track requests and others do not. Compliance with Do Not Track is voluntary, not mandatory. As a result, even when a user send a digital no-track request, many websites will ignore the request and continue to collect all sorts of browsing data.  A user is not able to force a website to stop tracking her or to know whether her digital footprints are being followed.

Today’s new cross-browser tracking technique is just another indication that data harvesting is here to stay. The challenge for any business is to avert online legal liability. One of the best ways for a company to protect itself from liability is by updating its Privacy Policy.  With an enhanced policy in place, every mobile user and social media consumer will understand the extent of a company’s collection of personal data. By disclosing this information to the public in a customized Privacy Policy, companies can mitigate their risk of litigation and adverse publicity.