Government leaking private information? Study finds official websites track data for third parties

MONTREAL, Quebec — George Orwell’s book “1984” warned people of the dangers of a government that is always watching its citizens. While the story is fictional, a recent study warns that it’s starting to become reality. Researchers from Concordia University have discovered that government websites use tracking software from Google to gather sensitive information on their users. The findings call into question the effectiveness of privacy laws, especially when our own government may be sending information to private third parties.

“The findings were surprising,” says Mohammad Mannan, associate professor at the Concordia Institute for Information Systems Engineering, in a university release. “Government sites are supported by public money, so they do not need to sell information to third parties. And some countries, especially in the European Union, are trying to limit commercial tracking. So why are they allowing it on their own sites?”

1 in 3 government sites using tracking software

The research team analyzed the security networks of over 150,000 government websites belonging to 206 countries from July to October 2020. Their analysis started off with a seed list of thousands of government websites using automated searching, crawling, and other methods.

Later, they moved on to deep crawls that scraped links in the HTML page source. Using OpenWPM, an open-source software measuring a web page’s metrics, they collected government site scripts and cookies from their code. They also successfully obtained device fingerprinting techniques.

Researchers wanted to compare the privacy settings from government sites with the ones on apps. They tracked over 1,150 government Android apps from 71 different countries using Google Play store URLs in government sites. They studied the developers’ URLs and email addresses. If possible, the apps were downloaded and data extracted using tracking software-development kits.

The study finds 30 percent of government websites have JavaScript trackers on their contact information pages. Most trackers were owned by the Alphabet company. They also found 1,647 software development kits in 1,166 Android apps, with over a third belonging to Google (37.1%). The rest of the software development kits came from Facebook (6.4%), Microsoft (2.1%), and OneSignal (2.9%).

Governments ‘are enabling these potential violations’

In total, 17 percent of government websites and 37 percent of government Android apps have Google trackers. Researchers say over a quarter (27%) of Android apps gave away private data to third parties or potential hackers. An internet security website called Virustotal flagged 304 sites and 40 apps for malicious activity.

The researchers say the results are alarming, considering people may be forced to enter personal information to government sites to pay their taxes or get medical care. This potentially puts them at higher risk of having their information stolen by identity thieves.

“Governments are becoming more aware of online threats to privacy, but at the same time, they are enabling these potential violations through their own services,” Mannan says. While privacy laws are in place for several states and counties, Mannan says governments need to follow their own advice and make privacy a top priority.

The study is published in the Proceedings of the ACM Web Conference 2022.

About the Author

Jocelyn Solis-Moreira

Jocelyn is a New York-based science journalist whose work has appeared in Discover Magazine, Health, and Live Science, among other publications. She holds a Master’s of Science in Psychology with a concentration in behavioral neuroscience and a Bachelor’s of Science in integrative neuroscience from Binghamton University. Jocelyn has reported on several medical and science topics ranging from coronavirus news to the latest findings in women’s health.

The contents of this website do not constitute advice and are provided for informational purposes only. See our full disclaimer

Comments

  1. Great idea. Works really well if you do not practice any form of unethical non-monogamy, even if you think like Osho that there’s no cheating, there are just alternate celebratory experiences, and some people only know how to rejoice in connection sexually. Like *69, this will be HUGE for tracking tomcats & honeybees, some of whom might be blackmailable, and it sure seems like FBI was doing some of that, as there is no other way to explain Jeffrey Epstein longitude and latitude. Might be bad for corporate espionage opportunities, depending on who can but their way into the data firehouse. I’d LOVE it, because I’d really like vastly more tracking of the people who have been threatening me since I was embezzled and subjected to an EXTREME OSHA violation while an employee in good standing at Bloomberg News. I think public safety now requires the tracking of veterans who have participated in any form of Marines United or other social media visual sexual assault atrocities. I was ambushed and assaulted, and there was no way to track the perpetrator, only the motive and the beneficiaries. DO IT TO EVERYONE, and use it for FEMALE safety from DANGEROUS MEN. IVY LEAGUE SECRET SOCIETIES ARE THE KNOWN OFFENDERS. Thank you for reading. Peace, shalom, & end cyber incest & classmate porn TODAY. PLEASE.

Leave a Reply

Your email address will not be published.