WebKit is the open source engine which serves as the basis for internet browsers like Safari. The engine has now adopted a fresh tracking prevention policy that is more stern than ever on the background and cross-site tracking techniques that so many pages use to document users’ internet activity.
What are trackers?
Trackers are essentially pieces of code that the typical internet user never sees. They are in place to monitor what kinds of sites, products, and activities a user might be associated with. Mostly this technology is used for targeted ad placement, however, web user profiling can affect the services certain people will be able to access and even the prices they’re shown. Trackers are also used by hackers to deploy harmful malware to unsuspecting users.
Tracking pixels, location tracking, and device fingerprinting are some of the common procedures which take place in the uncontrolled digital adtech world that is endlessly disregarding user privacy.
WebKit’s policy aims to cease such invasive techniques. Additionally, efforts to avoid its policy will be considered to be along the same lines as malicious hack attacks.
“WebKit will do its best to prevent all covert tracking, and all cross-site tracking (even when it isn’t covert),” states the organization. They also say that the plans will include every kind of tracking noted in the policy, and even “tracking techniques currently unknown to us”.
“If we discover additional tracking techniques, we may expand this policy to include the new techniques and we may implement technical measures to prevent those techniques,” the organization expressed. “We will review WebKit patches in accordance with this policy. We will review new and existing web standards in light of this policy. And we will create new web technologies to re-enable specific non-harmful practices without reintroducing tracking capabilities.”
Laying out its attitude towards policy evasion, WebKit made a clear statement.
“We treat circumvention of shipping anti-tracking measures with the same seriousness as exploitation of security vulnerabilities”. It further stated, “If a party attempts to circumvent our tracking prevention methods, we may add additional restrictions without prior notice. These restrictions may apply universally; to algorithmically classified targets; or to specific parties engaging in circumvention.”
The user will also be asked for “informed consent to potential tracking” if page functionality will be affected due to methods such as limiting time windows for tracking, and data points for user identification.
WebKit explains, “We consider certain user actions, such as logging in to multiple first party websites or apps using the same account, to be implied consent to identifying the user as having the same identity in these multiple places. However, such logins should require a user action and be noticeable by the user, not be invisible or hidden”.