There are certain online activities -- like clicking on an ad -- that obviously lead to companies tracking your behavior. But it might be surprising to hear that entering your email address while signing up for a new service -- or even just clicking on an email -- can lead to companies like Google, Facebook and Twitter keeping tabs on your browsing and shopping habits, too. According to a study by Zach Edwards, signup workflows on Quibi, JetBlue and other companies -- as well as emails from Wish.com -- lead to countless email addresses being leaked to advertisers. This data helps those advertisers create personal profiles and target users for specific ads relevant to their browsing patterns. Edwards states that much of the issue stems from the weak encoding of personal data, as well as the fact that many companies are not requesting advertisers to scrub the data obtained by these means.
The study points out that Quibi is one of the most egregious offenders, even though the company only launched its video streaming service three weeks ago. According to Edwards, the company leaked “all user-confirmed [email addresses] to advertisers and analytics companies.” After signing up for Quibi, users got a confirmation email. By clicking on that email, their unencrypted email address was handed over to Google, Facebook, Snapchat, Google and more.
There are only so many steps users can take to protect their data. This study should serve as a reminder of how closely users are being monitored on the internet -- and how deeply reliant on advertising revenue most web services are.