Have you ever wondered why so many web sites offer various services for “free”? Consider social networks. They let you stay in touch with friends, share photos, chat, recommend stuff, etc. Even if you are not involved in a social network, you are probably using one of those cool services around there such as a web feedreader, photo albums, online documents, and so on.
Are they giving you “free” services? This depends on your definition of “free”. Using them doesn't actually cost you money directly. However, these companies do need money to operate. Their source of revenue is derived mostly by advertisers and the more information these companies have (tastes, thoughts, locations, relations, …), the more they can profit from selling it. Yes, that's right: they sell your information.
Too much paranoia? Maybe. However, let's try a test. Visit the link below (it will redirect to doubleclick.net; it will work better if you visit it with a browser/computer used only by yourself with no blockers):
It probably guessed your demographic information and/or interests. How do they know? They track your internet usage by means of an “HTTP cookie”, which is a small file that some websites leave on your computer when you visit them. While it is not a big issue per se (they can be used to, for example, save your preferences for a website), they can also be used to collect information about you, as shown above.
A cool and informative visualization of the tracking process can be seen here: http://collusion.toolness.org/
So, it would seem HTTP cookies (as just seen) are the problem. No, it is (was?) the most widely used/known method. There are various other techniques:
Even if you don't care about online privacy, you should be aware of the fact that some of the above techiques can be used to impersonate you. See, for instance, an article about Cookie theft and session hijacking.
So far we have seen some of the hidden risks to your online privacy that don't require you to do something in particular, just that you browse the internet. There are also various activities that are based on the information you explicitly give (though, of course, the methods discussed above still apply): search engines and social networks.
Every time you submit a request to a search engine, they will log it and associate it with you. XXX expand XXX. Alternatives: http://duckduckgo.com/, …
XXX expand XXX
delete EXIF information
So, how to protect your privacy on-line? Some useful suggestions: