Resources for the global digital safety training community.

  1. Home
  2. Trainers' Curriculum
  3. Safer Browsing
  4. Identity Protection and Privacy
  5. Who Does Big Data Think I Am?

Activity & Discussion: Who Does Big Data Think I Am?

Credits Mallory Knodel Last Updated 2016-06

Advertising networks look for detailed information about who you are, from your age to your postal code and everything in between. This activity works best if participants are using their personal computers and the browser that they normally use day-to-day. Still, some might not have browser profiles - which is great for their privacy, but boring for this activity. Keep this in mind while planning your agenda.

ADIDS Element

Activity & Discussion

Parent Topic(s)

Identity Protection and Privacy

Duration

20-30 minutes

Materials to Prepare

  • Visit BlueKai Registry to see what information may already be associated with your browser (and shared with advertising networks) for demonstration purposes during the session. If you use more than one browser, you may find that one of them has a profile, while another one may not. Test them all.
  • Queue up Rachel Law’s video presentation of her plugin/game called Vortex.
  • If none of your browsers have a profile, you can build an example profile using a cookie editor. This comes with a warning however, as cookie editors are not FLOSS software and are potentially unsafe.
Trainer’s Note

Key to this Activity, and to the module as a whole, is the concept of a browser profile. A browser profile is the semi-unique “imprint” of your particular browser instance seen by online advertisers and websites - this includes the kind of browser (i.e. Firefox, Chrome, Safari, etc.), the version, and any cookies or plug-ins associated with it. This is one way in which potentially identifying user data is visible to third-parties, and is important for users to be aware of.

It’s a good idea to invest time into a sample browser loaded up with a bunch of cookies, tested on BlueKai in advance, to ensure you have something interesting to share if all else fails. The one major caveat with installing a cookie editor and tweaking cookies is that these plugins are not FLOSS and therefore shouldn’t be trusted. It is highly advisable that the browser be contained in a safe and clean overall environment or operating system, such as a virtual machine or a sandboxed browser.

Running the Activity

Step 1: Bluekai Registry

On a demonstration PC, visit BlueKai Registry (http://www.bluekai.com/registry) to show participants what information online advertisers are associating with your browser.

Digital security experts often don’t have browser profiles! So, to demonstrate BlueKai, you might want to build a new profile. This is possible with a cookie editor plug-in for Chrome or Firefox, though be warned: it is potentially unsafe.

  • Instruct participants to open a browser, and then go to BlueKai Registry to see what their online profiles look like to advertisers.
  • If participants use more than one browser, they may wish to test each one - let your participants spend time exploring the information that they’re sharing.
  • Participants won’t need to know how cookies work before this activity – they will likely be alarmed enough as it is!

Before proceeding to the next step, you may want to take this opportunity to ask participants how accurate the information BlueKai shows them appears to be. Note that, if participants are using rented equipment or devices during the workshop, the profile information is likely to be blank or unrelated to their personal habits.

Step 2: Vortex

Introduce the video clip for Vortex - Rachel Law, the student behind Vortex, is a Parsons School of Design graduate who gained attention for her project which allows users to confuse websites by exposing, mining and manually tweaking profile information.

Vortex was also made into a Minecraft-like game, as a means of visualizing its purpose and functionality - the plugin remains a work in progress and might not be released to the public, but it is a great visual representation of how cookies work.

Trainer’s Note

The video is a bit too short to fully describe everything that’s going on with the Vortex plugin, and it might raise more questions than it answers. For an audience that is likely to be utterly confused by the Minecraft reference, stop the video at 2:39 - trainers can then go on to simply describe the second function of Vortex, which is to obtain cookies in order to edit them.

Leading the Discussion

Use this time to take questions and reactions to the activity. Then, break down Vortex and lead participants through a discussion of the activity and the implications of browser profiles:

Vortex does two things:

  • First, it allows friends to share and swap identities easily, privacy implications notwithstanding.
  • Second, it turns profile building into a game. Rather than eradicating one’s profile entirely, the plugin lets you build a profile that gets you cheaper prices for goods sold online.

Profiles are built in two ways:

  • First, Rachel remixed the game Minecraft to help people mine for cookies on popular sites.
  • Second, she included a cookie editor, which allows users to set the value of the cookie (e.g. White, Male, Aged 50, Retired; Asian, Female, Aged 22, Student; etc.)

So, who are you?

  • Increasingly, we use the Internet exclusively through the Web, spending most of our time “online” by using a web browser. We’re online more and more each day.
  • This means that our web browsers accumulate a great deal of information about us.

Ultimately, this session is about…

  • What does your web browser say about you?
  • Who has access to that digital identity?
  • How can we take control over our digital identities?