What websites know about you and how to protect yourself

This is the second part of a mini series about privacy on the Internet. Check out the first part about IP addresses here.

Whenever you connect to a website using a web browser, mobile application or program that supports Internet connections, information are automatically made available to those sites.

We have talked about the IP address before and while it is one of the most important ones from a privacy point of view, it does not end there.

Each time your device or program makes a connection so-called header information are transferred along with it. You can check the user-agent here on this page for example.

It reveals information about the web browser that is being used, the operating system and architecture, and also where you came from.

Some sites use the information to display different types of contents to users, or prevent users from using the site or some functionality completely.

There are other methods and options to retrieve additional information. Below is a list of common technologies:

1. IP Address - Always submitted, can reveal approximate location in the world and ISP/Company. You can look up your IP and the information that can be retrieved from it (geolocation) on sites like this.
2. User Agent - Reveals information about the operating system and web browser.
3. Cookies - Can be used to track users across sessions and across domains.
4. Geolocation - Can pinpoint the user's location in the world.
5. JavaScript - Scripts can reveal a lot, from the language and system time to screen resolution, supported plugins, additional persistent storage options for cookie-like snippets, and everything that is introduced in HTML5.
6. HTML5 - Introduces new options including Canvas Fingerprinting.
7. Plugins - Flash, Java or Silverlight can dig even deeper. They may reveal installed fonts and other system environment information.

Test your system

You can test what is revealed about your system when you connect to websites by visiting sites such as Panopticlick, the Browser Fingerprinting page, or on Browserleaks.

How to protect yourself

There is no universal solution that works for all users. There are however guidelines and best practices that limit your exposure on the Internet.

1. IP Address - You can use a web proxy, virtual private network or a system like Tor to hide your device's IP address.
2. User Agent - User Agents can be changed in the browser. Firefox users can use an add-on like User Agent Switcher for example and Chrome users User-Agent Switcher for Chrome.
3. Cookies - It is highly recommended to disable third-party cookies in the browser. This means that only the site you connect to can set cookies while other sites that it may load data from cannot. This gets rid of most tracking cookies planted on systems by advertising or social media buttons.
4. Geolocation - Browsers have set this to "ask" before it is enabled so that it is not a problem unless the default preference has been modified.
5. JavaScript and HTML5 - If you use NoScript or another script blocker you disable JavaScript as well. Many sites will work without JavaScript while some won't. You can whitelist trusted sites on the other hand so that scripts can be executed on those sites. JavaScript can be disabled completely in the browser as well. Some HTML5 features, such as Canvas, can be disabled in some browsers either directly or by using add-ons.
6. Plugins - If you set plugins to click to play or disable them outright, they cannot be used by sites unless you give permission first.