Are Retailers Using Ad Trackers at the Expense of Consumer Privacy?

Consumers spent a record $6.59 billion this Cyber Monday, more than double the amount spent in 2016. This included an exponential increase in year-over-year online purchasing. And while retailers bask in the afterglow of a successful holiday season, consumers have been unknowingly left in the lurch. Despite massive profits, some of the most frequented e-commerce sites are completely riddled with ad trackers that are covertly collecting a massive amount of consumer data without users’ knowledge or consent.

And the Worst Offenders Are …

Ghostery used its extensive tracker database to analyze just how many ad trackers are present on the 50 most popular e-commerce sites, looking at five verticals: women’s clothing, men’s clothing, consumer electronics, jewelry, and toys and games. We found that women’s clothing sites have an average of 24 ad trackers in the typical online shopping cart, with Talbots hosting the most total trackers on its homepage (more than 66 trackers, on average). Men’s clothing sites aren’t far behind, with an average of 23 trackers in the shopping cart. In this category, Brooks Brothers has the most (64 trackers, on average).

Fossil has the most trackers on its homepage for jewelry (48 trackers, on average), while Newegg topped the list for consumer electronics (66 trackers, on average). Perhaps most alarmingly, StarcityGames, a top games/toys site, hosts an average of 86 trackers on its homepage, which is particularly concerning because children may be among its top visitors and are at risk of being tracked without their parents’ consent.

Here’s What Ad Trackers Are Really Doing

More often than not, more trackers on a page means slower page load speeds, an obvious challenge to companies when every second counts when trying to convert visitors into paying customers. However, e-commerce sites maintain relatively low page load times despite having large numbers of trackers, in large part because they’re not loading media-heavy ads. Rather, they’re using dozens of ad trackers to retarget visitors when they leave their site as well as a cocktail of web analytics tools to analyze and optimize their conversion funnels. In this way, e-commerce sites can take a double-barrel approach with optimized conversion funnels and aggressive retargeting tactics meant to maximize sales.

Putting Retargeting to the Test

Ghostery put these tactics to the test by visiting e-commerce sites like those mentioned above, browsing products that caught our fancy, adding them to our shopping cart, and recording the trackers we saw along the way before we left the site to see what ads followed us around the web.

In one of these instances, we visited Talbots.com and, after some browsing, we added some fetching turtlenecks to our shopping cart, which you can see below:

However, being the somewhat tight-fisted researchers we are, we abandoned our shopping cart before completing our purchase and instead went to CNN.com to see what terrible things are currently happening in the world. And this is what we saw:

While we were tempted to learn what truth Jeff Sessions may have told, we couldn’t help but notice that those same fetching sweaters followed us to the next page we visited as a banner display ad meant to entice us back to our shopping cart and complete our purchase.

To achieve this near-magical feat of retargeting, Talbots placed snippets of tracker code on its most business-critical pages, allowing it to track which products we browsed and, more importantly, which ones we added to our shopping cart. While tracking like this by Talbots can be disconcerting, what’s more alarming about this practice is that not all these trackers were placed on the page by Talbots itself. Rather, the trackers that Talbots placed directly on its site loaded dozens of other ad-tech trackers in turn, bringing proverbial party crashers to the browsing experience that weren’t invited by Talbots but ran amok and gobbled up our sensitive user data for ad targeting nonetheless.

This party-crasher phenomenon largely explains why Ghostery uncovered as many as 85 trackers on Talbots.com. However, the next piece of the puzzle clicks into place when we observed that 37 of the same trackers were also found on CNN.com, demonstrating an interconnected internet ecosystem that’s predominately controlled by a network of advertisers that can stitch together user data across dozens if not hundreds of sites to persistently shadow individuals across the web with ads tailored to their browsing behavior, no matter how intimate or private it is.

Putting Control Back Into Consumers’ Hands

As Ghostery demonstrates in these examples, e-commerce sites and advertisers have the upper hand when it comes to extracting value from user data. However, we believe in a world where all internet users have bargaining power when they find themselves at the negotiating table with these big companies. It’s imperative to educate consumers, not to turn business away from retailers, because the everyday person has a right to know where their data is going and what happens when they unknowingly give their information away for free.

Even in 2018, the internet is still the Wild West. There are few rules that genuinely constrain websites, and the law of the land is still largely determined by what site owners can get away with. Unfortunately, websites and their ad-tech partners can still get away with quite a lot. There's a virtual guarantee that dozens of companies have detailed profiles about you that are a compendium of data that not only include your shopping interests and browsing history, but may also include your financial situation, sexual orientation, health status, political views and religious beliefs.

Sadly, national data protection laws will never be able to fully protect users against for-profit tracking; the incentives for companies to track and monetize data are just too large. For this reason, it's incumbent upon users to take matters into their own hands and protect themselves and their privacy by using anti-tracking tools.

At the end of the day, e-commerce companies can and should do everything they can to optimize their businesses. However, consumers should do everything they can to ensure that their privacy doesn’t become collateral damage in the fight for profitability.

Jeremy Tillman is the director of product management at Ghostery, a browser extension that makes consumers’ web browsing experiences faster, cleaner and safer by detecting and blocking thousands of third-party data-tracking technologies.