The Trackers That Stole Christmas

While Americans shopped online in record numbers this past holiday season, our personal information was collected, analyzed, shared, sold and resold through an elaborate web of internet technologies including trackers, pixels and cookies that run behind the scenes on the websites we visit. This holiday season we often unknowingly gifted much of our personal data to companies we don’t know, and for purposes that seem way more naughty than nice. At LOKKER, we analyzed the top 100 e-commerce sites in the U.S. to see how customer data was collected, shared and sold during the 2022 holiday season.

It Was an Online Shopping Holiday Season Like No Other!

U.S. consumers spent just over $35 billion online during the five-day period starting on Thanksgiving Day and continuing through Cyber Monday. With over 1 trillion visits to online retailers, 2022 set a new record in both visits and sales. While online retailers collected record revenue in 2022, social media companies and data brokers also went on a shopping spree collecting our online personal data.

Some Say Santa Knows When You’re Sleeping and When You’re Awake. TikTok, Facebook, and Snapchat Know Quite a Bit More

LOKKER research found that Facebook was tracking users on over 60 of the top shopping sites, Pinterest on 35, and TikTok on 22. Twitter and Snapchat round out the top five social media networks, found on 18 and 19 of the top 100 websites, respectively. So while we shopped, these social media companies were collecting information about what sites and pages we visited, what products we searched for, our locations, and so on. (That’s why you keep seeing those pickleball ads in your feed!)

It Seems Santa Wasn’t the Only One Who Was Served an Abundance of Cookies This Holiday Season

Browser cookies, one of the most familiar web tracking tools, were sprinkled all over our shopping experiences. Cookies are mini web applications that store information about our website activities. Often, it's for helpful purposes like remembering what we put in our shopping carts while we continue to browse a site. However, cookies can also store a unique ID code that advertising networks and data brokers use to build profiles about our activities across sites we visit, collecting records of our searches, the articles we read, the videos we watch, the health issues we research, and, yes, the holiday gifts we purchase.

Cookies by the Numbers

The research also found that over 3,000 cookies were served across the top 100 U.S. shopping sites. Some websites had as many as 134 cookies collecting our information. Google’s Doubleclick ad network led the way with the most cookies (found on 77 sites), closely followed by Microsoft (on 59 sites), Verizon (on 58), Experian (on 46), and Oracle (on 42 of the top 100 websites).

The toys we researched, the travel plans we booked to see friends and family, the sweaters and hats and Nutcracker tickets we purchased were all under surveillance — not by elves in the North Pole, but the bots and trackers that continually surveil our every interest and activity.

The top 10 online trackers include some very familiar names, and a few you might not have known were in the web data tracking business:

1. Google
2. Facebook
3. Microsoft
4. Verizon
5. Adobe
6. Experian
7. Oracle
8. Pinterest
9. Taboola
10. TransUnion

Each of these companies run behind the scenes of the top e-commerce websites collecting information about which pages we see, which products we're looking at, where we’re located, and other sites we visit before and after shopping, too!

It’s 2023. Do You Know Where Your Customers’ Data Is?

In this new year, as California, Colorado, Connecticut, Virginia and Utah roll out new privacy laws for their residents, companies (marketers, IT professionals, and data privacy executives) must be more aware and more vigilant about protecting customer data. Companies in every sector are busy making changes to their privacy policies and finding ways to comply with the new regulations and still build the marketing intelligence they need. Here are a few tips on how to make 2023 safe for your online customers and achieve compliance with the new laws:

1. Scan your site to identify the tags and trackers currently in place on your website and confirm that you still have business relationships with them.
2. Implement consent management software to enable your customers to opt in to appropriate features.
3. Make sure risky third-party applications (e.g., session replay tools and tracking pixels) are not on pages capturing customer form data and configure them properly to not "overshare" data with your partners.

Here’s to a successful 2023 and building a better, safer, more respectful internet for all.

Jeremy Barnett is the chief commercial officer at LOKKER, a provider of online data privacy and compliance solutions for the enterprise.