Thousands of websites can view without the user’s permission if you enter your e-mail address on an online form. You don’t even have to click send. This is apparent from a large-scale study by KU Leuven, Radboud University and the University of Lausanne.
–
According to the researchers, someone who wants to subscribe to an online newsletter may be dealing with a ‘leak web form’. This is an online form where a third party specializing in internet user tracking can collect someone’s information if they enter their email address. In this way, an attempt is made to find out which websites someone visits, in order to compile an individual profile and to unleash targeted advertisements on that person.
Even if someone changes their mind at the last minute and removes their email address from the web form, those websites will still forward it to third parties without the user’s knowledge.
Vanden Borre and Marriott
After one of the researchers discovered the technique at one website, the team began a survey of 100,000 of the most used websites. The researchers found 1,844 sites that sent data from European users, and 2,950 websites that did so with data from American users. The list includes, for example, the Shopify webshop, the site of the hotel chain Marriott and several American news websites such as FoxNews in USA Today† The researchers also found the website of electrical wholesaler Vanden Borre closer to home. In 52 cases, passwords were also passed on to third parties.
Meta in Tiktok
‘At first glance, these seem like low percentages, but this concerns websites that have tens of millions of users’, explains Bart Preneel, professor of cryptography at KU Leuven. ‘It is known that this phenomenon is one of the techniques to circumvent e-privacy legislation, but it is being done by more websites than thought. We cannot say how many users have been affected by this technology.’
The large social media companies Meta and Tiktok also collect information from users via other websites, the study shows. In total, the team found 8,438 US and 7,379 European websites that may have sent data to Meta, and 154 US and 174 European websites that may have been funneling data to Tiktok. The study took more than a year to complete. The team of researchers has meanwhile developed a tool which other researchers can use to check whether websites use the technique.
–
