A recent study by Norton Labs shows that eight out of ten websites with a search bar will pass on their visitor’s search terms to online advertisers.
To carry out the research, Norton Labs developed a crawler, which was able to scan what was happening on the top million websites while bypassing browsing disruption and human-confirmation challenges.
The crawler was able to locate the search entries on the pages visited, search for the term “JELLYBEANS,” and then capture all network traffic, including the URL, the request referrer header, which provides more details about the resource received from the server receiving the request, and the payload.
The results showed that the most leaks of search terms penetrated the referrer header (75.8%) and the URL (71%), while payloads contained JELLYBEANS in 21.2% of the cases examined.
81.3% of the one million websites visited leaked information to advertisers on at least one of the three sites studied. Norton Labs said that the number remains the lowest case scenario, as the actual percentage is higher than forecast.
When disclosing the practice of sharing data in privacy policies, the crawler found that only 13% explicitly mentioned “search terms,” while 75% included the generic “sharing of user information with third parties” statement.
In order to protect themselves, users are advised to set their browser so that all third-party trackers cannot be loaded onto the websites they visit.
The sources for this piece include an article in BleepingComputer.
