Showing posts with label third-party-cookies. Show all posts
Showing posts with label third-party-cookies. Show all posts

Monday, May 6, 2024

Disable third-party cookie

What is third-party cookie?
Have you ever wondered why websites suddenly start serving you ads for specific products everywhere you browse? For example, after you visit an eyewear website or search for glasses on Amazon, you'll notice you get a lot of ads related to eyeglasses or sunglasses. This is done using third-party cookies stored on your device which are primarily used for targeted advertising. 

Why do you need to disable third-party cookie?
They track your browsing activity across different websites, building a profile of your interests to be used by advertisers to serve you ads that are more likely to be relevant to you. As such, they raise significant privacy concerns because they allow companies to track your online movements across multiple websites, building a detailed profile without your full awareness.

How to disable third-party cookie?
While Firefox and Safari browsers have blocked third-party cookies by default for quite some time, Google Chrome, on the other hand, had a deadline to phase out third-party cookies by the end of 2024. However, Google recently announced that it is delaying the phase-out of third-party cookies beyond 2024 (https://searchengineland.com/google-third-party-cookie-phase-out-third-delay-439864)

If you are a Chrome browser user like me, you don’t need to wait for google to phase-out third-party cookie. You can actually disable it in Chrome browser by typing "chrome://settings/cookies" on the address bar and selecting "Block third-party cookies." I've had this setting enabled since its introduction and haven't encountered any significant website functionality issues. Once you do that, your browser address bar will show a blocked icon for every site you visit that uses third-party cookie as shown below … 

More interestingly, the following is a screenshot of my login session with my bank (a major US bank) website. As you can see the bank’s webpage code indeed has embedded content from facebook.com. However, since the third-party cookies are blocked, it will not be able to read which is what I want. As a matter of fact, this is indeed how Facebook learned about my banking activity which I have documented in detail in a blog post last year. You can read it at  https://blog.selvansoft.com/2023/06/facebook-knows-you-way-more-than-you.html to learn how the information was gathered.

Ideally, I’d like to block facebook.com here all together (i.e. disable it like I did with public.cobrowse.oraclecloud.com). However, it is not very practical because if I do that, I need login & authenticate to facebook.com every single time which is painful, so I let it be there at least I know they are not going to learn my banking activity for sure which is good enough.

Finally on a related cookie topic, I learned an interesting fact from a tech podcast with Steve Gibson (grc.com) on the annoying cookie permission pop-ups (GDPR compliance) we see on every website these days. It turns out that about 65% of the websites ignore what you choose and place tracking cookies anyway. You can view/hear the relevant section of the podcast here and here.

Friday, June 2, 2023

Facebook knows you way more than you think!

We all know that Facebook collects data on all of us. They manage to do that with different ways including via 3rd-party web browser cookies; an explanation of 3rd-party cookies goes beyond the scope of this blog but you can read about it here if you are interested to know more. While 3rd-party cookies are slowly phased out, the alternative i.e. FLoC proposed by Google, as per many privacy advocates, is even worse ... so for now, just assume Facebook and other platforms will always have a way to spy on you.

While there are ways to restrict what Facebook collects (follow steps at end of this blog), there is not a whole lot you can do to make them stop other than just deleting your Facebook account. The reason is, Facebook generates substantially all of its revenue by selling ads, so they have to monitor your online activity to slap you with targeted ads and curated content based on your web browsing behavior i.e., the sites you visit, shop, like etc. At the end of the day, Facebook knowing that I have T-Mobile wireless, or shop at Amazon or browse Reddit etc, is not a big deal for me, I just don't care. However, when I looked at what websites are sharing with Facebook, specifically, financial institution that I do business with, I was very concerned. My financial institution (will not mention their name here) shared with Facebook something related to my activity which is scarry, see below ...


It is unclear to me what they shared since I don't have the details other than Facebook telling me they did. I have the habit of clearing all cookies on banking and financial websites frequently, so unfortunately, I can no longer access this specific cookie in my browser to see the content of what all was shared with Facebook! However, based on the name of activity shared i.e., "COMPLETE_REGISTRATION", I can only assume it is not something I would like them to share, whatever it is. If it was just "PAGE_VIEW" like all other sites, I would be ok with it even then, why would Facebook need to know what bank website I visit? The only thing I remember is opening a new account, transferring money on those 2 days at that exact time mentioned which caused my concern. Why on earth Facebook needs this information? Just to give some perspective, this is just one specific instance of a website I have discussed above, there could be crap ton of them we visit every day sharing all kinds of stuff w/ Facebook 😮.  

Finally, if you got this far, you could follow the steps below to tell Facebook to quit doing this, at least for now, until they figure out new ways of profiting on you 😃

Update: (May 22, 2024): Since many page links and interfaces have changed since this original post back in June 2022, I updated the details below as of today. 

While logged in Facebook ...

  1. Navigate to https://www.facebook.com/off_facebook_activity
  2. Click "Manage future activity"
  3. Click on "Disconnect future activity.” 

This will also clear all the stored activity, so you don't need to clear that. For visual reference, The screenshots for steps 2 and 3 are below. 




Sunday, June 26, 2022

Facebook knows you way more than you think!

We all know that Facebook collects data on all of us. They manage to do that with different ways including via 3rd-party web browser cookies; an explanation of 3rd-party cookies goes beyond the scope of this blog but you can read about it at the link here. Though 3rd-party cookies are slowly phased out, the alternative i.e. FLoC proposed by Google, as per many privacy advocates, is even worse i.e. so for now, just assume Facebook and other platforms will always have a way to spy on you.

While there are ways to restrict what Facebook collects (follow steps at end of this blog), there is not a whole lot you can do to make them stop other than just deleting your Facebook account. The reason is, Facebook generates substantially all of its revenue by selling ads so they have to monitor your online activity to slap you with targeted ads and curated content based on your web browsing behaviour i.e. the sites you visit, shop, like etc. At the end of the day, Facebook knowing I have T-mobile wireless, or shop at Amazon or browse Reddit is not a big deal for me, I just don't care. However, when I looked at what websites are sharing with Facebook, specifically, financial institution that I do business with, I was concerned. My financial institution (will not mention their name here) shared with Facebook something related to my activity, see below ... 

Off-Facebook Activity

It is unclear to me what they shared since I don't have the details other than Facebook telling me they did. I have the habit of clearing all cookies on banking and financial websites frequently, so unfortunately, I can no longer access this specific cookie in my browser to see the content! However, based on the name of activity shared i.e. "COMPLETE_REGISTRATION", I can only assume it is not something I would like them to share, whatever it is. If it was just "PAGE_VIEW" like all other sites, I would be ok with it. The only thing I remember is opening a new account, transferring money on those 2 days at that exact time mentioned which caused my concern. Why on earth Facebook needs this information? Just to give some perspective, this is just one specific instance of a website I have discussed above, there could be crap ton of them we visit everyday sharing all kinds of stuff w/ Facebook 😮

Finally, if you got this far, you can follow the steps below to tell Facebook to quit doing this, at least for now, until they figure out new ways of profiting on you 😃


Update: (May 22, 2024): Since many page links and interfaces have changed since this original post back in June 2022, I updated the details below as of today. 

While logged in Facebook ...

  1. Navigate to https://www.facebook.com/off_facebook_activity
  2. Click "Manage future activity"
  3. Click on "Disconnect future activity" [Note: this will also clear all the stored activity so you don't need to clear that]
For visual reference, The screenshots for steps 2 and 3 are below.