If you’ve ever seen a search bar on a website, then chances are that your personal information has been leaked to a massive network of advertisers. The amount of data crawling on the internet is so pervasive that Norton Labs estimates more than 80% of websites you visit send your search queries to third parties.
Bleeping Computer reported on the Norton Labs security experiment that crawled 1 million of the top websites on the net. Norton Labs used the internal site search feature on websites and then tracked what happened with their searches. The results were much worse than what the researchers were expecting.
“We searched for something specific – “jellybeans” – to make sure we could easily find our search terms in the network traffic,” Daniel Kats, Norton Labs’ Senior Principal Researcher, said in a company blog post. “Of the top websites which have internal site search, we observed 81.3% of these websites leaking search terms in some form to third parties.”
These sites are big. Think WebMD and CNN. And the third-party network to whom they’re leaking user data includes Google and other internet-advertising behemoths. Kats also highlighted that there are probably more ways sites are selling user data, but they were unable to track them due to HTTP requests being obfuscated.
Norton Labs also checked to see if website privacy policies informed users of what happens to their data when they visit or search on the site. “We found that only 13% of privacy policies mentioned the handling of user search terms explicitly, a worryingly small percentage.” Kats said. “However, 75% of privacy policies referred to the sharing of “user information” with third parties (which may include search terms) using generic wording.” He added that regular users are not well-informed of how their private data is treated based on the complicated wording in these privacy policies.
What can you do? Well, you can start by limiting how much of your data gets shared around the internet by blocking all third-party trackers. There are ways to set this up on Chrome, while browsers such as Safari and Brave have these tools built in. You can also use privacy-focused search engines such as DuckDuckGo or Brave Browser.
Otherwise, there’s not much else you can do other than avoid the internet completely. It seems, for the time being, our personal data will continue to be for sale to the highest bidder.
