Internet tracking: How and why we’re followed online

a black woman in a yellow shirt sits on her couch, surrounded by shopping bags and with a credit card in hand one hand and a phone in the other, indicating she is online shopping

June 29, 2021

Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN

30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.

Join today. Cancel anytime.

*Terms Apply

Ever feel like advertisements are ... following you? From webpages to your social media feeds and maybe even as commercials on your favorite streaming platform?

You’re not alone. You’re being tracked. We all are.

Internet tracking is virtually standard practice for web browsers and internet-connected devices, with websites watching how we engage with their content to improve user experiences and advertisers poring over our data to target us with relevant products and services, among other rationales.

This doesn’t necessarily mean you or your data collected is at risk, but shouldn’t we all know how and why our data is being collected? It’s our data, after all. That’s precisely what we’re exploring here — the what, why, and how of internet tracking, plus tips to cover your digital tracks, if you choose to.

What is internet tracking: An overview + FAQs

a definition of internet tracking, which is the analysis of online users’ behaviors


Internet tracking is an analysis of online users’ behaviors, generally for the purpose of delivering a more personalized browsing experience. It’s also referred to as browser tracking, digital tracking, data tracking, or web tracking.

In simpler terms, internet tracking is how websites study our behavior when we visit them. And it’s more common than you might think, as 79 percent of websites apparently do it. Worth mentioning is that website tracking is not illegal, but it’s also not widely understood.

Why do websites track us?

They say the more you know, the more you understand. That’s pretty much the premise of internet tracking: The more websites know about us, the more they understand us — and, ideally, they use that intel to better serve us.

That can translate into a quicker and more convenient browsing experience on websites. You might even consider and find value in how YouTube or Netflix is so good at suggesting the show you want to binge-watch next. Or that Amazon manages to show you the product you need to buy right when you open the site.

But internet tracking isn’t entirely about user experience. For perspective, here are few more reasons websites track us:

  • To create revenue streams: Some websites don’t only store your user data but they might sell it, too, to advertising companies looking to target you with relevant products.
  • To help aid law enforcement: Some law enforcement agencies monitor online user behaviors to spy on suspicious individuals.
  • To measure business performance: Businesses reference their website analytics, meaning what consumers engage with most on their sites, to inform their content strategies or product releases. 
  • To monitor a website’s usability: Keeping a close eye on how website visitors engage with a website can help websites pinpoint and correct any areas that are falling short.

How do websites track us?

a cookie, a wristband, a bug, and a fingerprint help illustrate internet tracking methods like cookies, accounting tracking, web beacons, and browser fingerprinting, respectively


Websites can track us in many ways, and the list has only gotten lengthier with time. But cookies remain among the most commonly used data tracking methods today, with more than 40 percent of websites using some type of cookie.

Also known as HTTP cookies or tracking cookies, cookies are essentially a storage file for how you interact with a specific website, remembering everything from what you’ve added to your cart on shopping sites to what news articles you click on news sites and even language preferences you select.

You might think of tracking cookies like notetakers. And because tracking cookies are specific to a single website, this is why you must “accept” or “decline” cookies every time you visit a new site. Traditional tracking cookies store their notes about you directly on a website, whereas third-party cookies store your user data in a separate location that might be accessible to, as the name indicates, third parties like advertisers. Third-party cookies are often the culprit of those ads that pop up on your social media feed after you’ve visited a shopping website. More than 80 percent of web traffic contains third-party cookies.

Here are a few other commonly used data tracking methods today, including what user data they collect:

  • Web beacons, AKA web bugs or tracking beacons, track how you engage with a specific webpage, including content you click. They also can be used in email exchanges to determine if a message has been received or opened.
  • IP addresses are attached to all internet-connected devices and required to visit a website, which might remember yours and use it to track your activity.
  • Session replay scripts are programs that record a website visitor’s activity on a website, including their mouse movement, clicks, and scrolls.
  • Favicons are considered supercookies in that they operate similarly but are much more difficult to decline or remove.
  • Account tracking keeps tabs on your online activity while logged into a specific online account or platform and is often an internet tracking method that online users must grant permission for.
  • Mouse tracking, AKA cursor tracking, is a data tracking software that records online users’ mouse movements to analyze how they interact with a website.
  • Browser fingerprinting stitches together information about your device — including its operating system, language preferences, time zone, etc. — to create a unique identifier that's used to trace all of your online activity. This can also be conducted through canvas fingerprinting, which recognizes your HTML5 canvas elements.
  • Cross-device tracking, also considered deterministic or probabilistic tracking,  matches up your browsing habits across devices.
  • Click-through rate is a measure of times an online user clicks on and visits a piece of content suggested or advertised to them. Websites use the metric to inform their content strategies or advertiser opportunities.

Finally, Federated Learning of Cohorts (FLoC) is a new-age internet tracking method whereby online users aren’t individually identified and tracked. Rather, they are categorized into a cohort of like-minded online users that is collectively tracked. FLoCs made headlines earlier this year when Google announced it will be leaning on them to phase out its use of third-party cookies, all in the name of prioritizing users’ online privacy — a worry of website tracking.

Should we be worried about website tracking?

There are indeed a few causes for concern when it comes to data tracking, most of which regard our data privacy and security and transparency surrounding where user data is stored and who has access to it. That’s because the more complacent we are about sharing our data — meaning accepting cookies, for instance —the farther our data is out of our hands.

At its best, internet tracking results in trailer-made digital worlds for online users, with the most relevant of advertisement and content delivered right to our homepages. And hey, 43 percent of consumers prefer these personalized advertisements and 23 percent admit they don’t mind their data being tracked to get them. At its worse, however, internet tracking can result in user data being shared with third parties and stored in databases susceptible to cyber threats. It also can open up a can of internet privacy issues.

At the end of the day, every individual values their online privacy differently which means some individuals might be more worried about data tracking than others. Understanding how — and where — we’re tracked online can help put you on the right track to avoid being followed online, if you so choose.

Where our data is tracked online

Nowadays, our activity can be tracked from the moment we login into our internet-connected devices. But that doesn’t mean it has to be. Just consider the following places and platforms you visit every day, the potential cyber threats website tracking poses on them, and quick tips to throw internet trackers off your tracks.

Search engines and internet tracking

an explanation of how search engines like Google use internet tracking, plus tips for how to not be tracked online


If you’ve ever wondered, “Is Google tracking me?” The answer is yes. Google and other search engines could be considered the primary source of internet tracking. By some counts, Google tracks almost 80 percent of all web traffic. And while their data tracking means are changing, replacing third-party cookies with FLoC, Google and other search engines can harness other internet tracking methods such as fingerprinting and web beacons to deliver a personalized browsing experience.

POTENTIAL THREATS: “Accepting” third-party cookies means you’re accepting the reality that your user data is being taken out of your hands and given to a third party who’s charged with protecting it — and potentially compromising it.


Social media and internet tracking

an explanation of how social media sites like Facebook and Twitter use internet tracking, plus tips for how to not be tracked online


Social media sites are another common offender of internet tracking — but is it really an offense if they’re piecing together potential friends you might know and delivering news and products you might like? Of course, that answer is entirely subjective. In any event, you might be interested to know Facebook tracks 18 percent of all web traffic and Twitter tracks 7 percent of all traffic, harnessing the powers of account tracking, web beacons, and tracking cookies to help do it.

POTENTIAL THREATS: Cybercriminals could access data broker sites housing your customer data, thanks to third-party cookies, and peddle false advertisements to you containing malware. This is also known as malvertising.


  • Enable ‘do not track.’
  • Opt out of targeted advertising.
  • Opt out of data broker sites.

Shopping sites and internet tracking

an explanation of how shopping sites like Amazon use internet tracking, plus tips for how to not be tracked online


Ever added a few items to your cart at an e-commerce site and perhaps accidentally closed out of the window, just to find that once you revisit the site all of your items are still saved in your cart? That’s thanks to tracking cookies and potentially account tracking, if you’re logged in to an account. These are just a few of the ways shopping sites track us online, with Amazon accounting for 17 percent of web traffic tracked.

POTENTIAL THREATS: Creating a user account on shopping sites means you’re saving potentially confidential data, like home addresses and payment methods, for later use. This information could be compromised in the event of a data breach.


  • Don’t create account profiles and instead checkout as a guest. 
  • Don’t allow cookie tracking on websites.
  • Use a tracker blocker.

How to not be tracked online: 11 tips

a checklist includes 10 tips for how to not be tracked online, including adjusting your privacy settings to stop internet tracking across your devices


Even the smartest of cookies don’t realize that throwing internet trackers off your tail is about more than just clearing your tracking cookies.

Put yourself on the right track to protect your data privacy and security with these simple tweaks to your browsing habits, plus tips to avoid being tracked from the start.

1. Adjust your privacy settings across devices

Protecting your online privacy begins with adjusting your privacy settings across these common devices.

Mobile devices

For their pocket-size reputation, mobile devices pack a bunch of options to adjust their privacy settings:

  • Reset your advertising identifiers, which will create a new unique identifier associated with apps that track your activity.
  • Disable location tracking in apps you feel don’t necessarily need to know your location.
  • Revisit your tracking controls after software updates to ensure apps haven’t reset to track your activity.
  • Disable ad personalization in your device’s privacy settings if you wish to not receive targeted ads.


When it comes to computers, it’s all about tracking cookies and adjusting which ones you want monitoring you. Go to the privacy settings of every browser you use and comb through the sites you’re currently giving access to and disable them accordingly. Heads up: It’s entirely voluntary for sites to recognize that you’ve disabled cookies, so this is not a surefire solution.

Smart TVs

As internet-connected devices, smart TVs can also study our activity. Familiarize yourself with the privacy settings on your device and opt-out of any apps or platforms that you don’t want following your activity.

2. Enable ‘do not track’

In your browser settings, you can enable “do not track” which means you’re sending a request to your browser to not track your browsing activity. At the end of the day, this is just that — a request, and it’s up to every individual website to honor it.

3. Don’t allow cookie tracking on websites

The one is simple: Just click “decline” or “no” when you visit a new website and it asks for your permission to track you using cookies. The downside of this is that declining cookie tracking could also disable certain website features and it’s not mandatory for websites to honor your request.

4. Use tracker blockers

Tracker blockers are browser plug-ins meant to stop internet trackers from collecting information about you. Some popular examples include Privacy Badger and Ghostery*.

5. Use an ad blocker

Another browser plug-in, ad blockers do just that — block ads. While this doesn’t actually stop your data from being collected, it can prevent you from receiving targeted advertisements stemming from website tracking.

6. Go incognito

Browsing in an incognito window means no cookies should be saved to your browser. Still, your IP address will be viewable to all sites you visit, because it’s required.

7. Look for HTTPS

Want peace of mind that your data is being handled by a secure site? Simply look for “HTTPS” at the beginning of all URLs you’re visiting, as this is an indication of a secure site.

8. Consider a VPN

A VPN anonymizes your browsing activity through encryption, even down to throwing off the geolocation of your IP address. Consider using one to throw internet trackers off your tail, too.

9. Use a private search engine

Some browsers are built on the premise of protecting your private information and swear off data tracking to do it — but you may have to pay to use these private search engines. Some popular examples include Startpage and DuckDuckGo.

10. Opt out of targeted advertising

Groups like Digital Advertising Alliance and the Network Advertising Initiative have created tools to help you opt out of targeted advertising, similar to registering your name for a do-not-contact list. Heads up:  These opt-out tools are often device-specific, so you’ll need to use them on every browser and every device.

11. Opt out of data broker sites

Data brokers collect your personal information and sell it to others to verify your identity, detect fraud, or determine eligibility for everything from credit to insurance, plus market products to you. You can use an opt-out tool to take back your data from these, as well.

Internet tracking isn’t meant to be malicious, but it can come off that way, depending on the degree to which you value your online privacy.

To return to the adage, “the more you know, the more you’ll understand”... about whether or not you want to be tracked online. Now, you can adjust your habits as you see fit. Happy browsing!

Consider this Norton infographic an ultimate guide to internet tracking, overviewing how, why, and where we’re tracked online, plus tips to cover your digital tracks

* The inclusion of websites, apps, brands, service providers or links does not imply endorsement or support of any company, product, and/or provider listed herein, nor should it be inferred that NortonLifeLock is endorsed by, sponsored by, or affiliated with such brands.

The freedom to connect more securely to Wi-Fi anywhere

With Norton™ Secure VPN, check email, interact on social media and pay bills using public Wi-Fi without worrying about cybercriminals stealing your private information

Try Norton Secure VPN for peace of mind when you connect online

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.