Cover Your Tracks (formerly Panopticlick) Privacy Policy
The goal of this project is to measure and study how uniquely identifiable web browsers are. All of the data for the project will be collected in an anonymized form which ensures that it is not Personally Identifiable Information, nor otherwise likely to lead to the identification or tracking of any web users.
PLEASE NOTE: EFF's General Privacy Policy does NOT apply in full to this website. Due to the nature of the project, and the information that will be collected in the course of the research project, this alternate privacy policy applies. Should you have any questions about this privacy policy or any use of the data collected, please contact privacypolicy@eff.org.
The Electronic Frontier Foundation (EFF) is committed to protecting the privacy of visitors to our website, as well as our members and activists. EFF has established this Cover Your Tracks Privacy Policy to explain what information we collect through this website and how it is used.
In this policy, "EFF" and "we" refer to EFF staff, board members, cooperating attorneys, interns, volunteers, and consultants, all of whom are bound by law or contract to keep information they receive as part of their assistance to EFF confidential.
EFF is located within the United States, and therefore will transfer, process, and store your information in the United States, which may not provide as much protection as your home country. (We're working to make US practices better.)
Information Gathered by EFF's Cover Your Tracks Website
In general, Cover Your Tracks collects anonymous data about the configuration of computers, operating systems, browsers plugins, adblockers and other privacy software. If you click the “test me” buttons, this type of information will be collected from your browser. Although these kinds of data may form a 'fingerprint' that could in principle be combined with information about page requests and identifying details in order to track people's browsing habits, EFF will never do so.
The specific `fingerprint' information we collect includes:
- The user agent string from each browser
- The HTTP ACCEPT headers sent by the browser
- Screen resolution and color depth
- The Timezone your system is set to
- The browser extensions/plugins, like Quicktime, Flash, Java or Acrobat, that are installed in the browser, and the versions of those plugins
- The fonts installed on the computer, as reported by Flash or Java.
- Whether your browser executes JavaScript scripts
- Yes/no information saying whether the browser accepts various kinds of cookies and "super cookies"
- A hash of the image generated by canvas fingerprinting
- A hash of the image generated by WebGL fingerprinting
- Yes/no whether your browser is sending the Do Not Track header
- Your system platform (e.g. Win32, Linux x86)
- Your system language (e.g. en-US)
- Your browser's touchscreen support
- Other fingerprinting information that indicates which privacy tools you have installed, which may include:
- Whether your browser makes connections to various third-party URLs, which have characteristics that would typically indicate that they serve advertising, analytics, or other forms of tracking code;
- The presence or absence of DOM elements that indicate the operation or absence of an ad- or tracker-blocker; or
- Whether we believe that your IP address is a Tor exit relay or VPN.
In addition, we collect several kinds of `housekeeping' information to assist us in analyzing the fingerprint data. The housekeeping information is:
- Cookies
- Encrypted IP addresses
- Timestamps
Our practices and purposes for collecting these housekeeping records are discussed below:
Cookies
Cover Your Tracks sets a cookie that persists for 3 months for the sole purpose of determining how often browser characteristics change, and how often they stay the same, when a browser returns over time. If your browser is configured to accept cookies, and you return to Cover Your Tracks several times, the cookie will be used to link the data from your visits together.
IP addresses
Cover Your Tracks does not log IP addresses, but we do compute cryptographic "keyed hashes" or HMACs of each IP address, using a key which we periodically discard. This hashed IP will allow us to collect an anonymous dataset about how often browsers that change IP address could have been followed using a fingerprint.
For visitors to our website, we generally log requests to our website for up to seven days from when the data was collected after stripping the visitor's IP address from the request. Circumstances in which EFF may need to log and retain IP addresses and other technical information include when we believe it is reasonably necessary for EFF’s mission and functionality, including situations such as:
- site testing,
- diagnosis of technical problems,
- defending against attacks to the site,
- handling a spike in traffic or other abnormal, short-term circumstances.
Timestamps
Cover Your Tracks collects a timestamp each time it is visited. This will be used to measure how fast browser fingerprints change, but for no other purpose.
EFF's Use of Information from Cover Your Tracks
In general, EFF uses the information provided by you to further its mission, protect privacy, defend freedom, and protect your rights in the digital world.
We may look at technical information to diagnose problems with our server and to administer the Cover Your Tracks website.
Cover Your Tracks has no Third-Party Service Providers. However, if you leave the "test with a real tracking company" option enabled, Cover Your Tracks will use a real resource from a third-party tracker for some tests in order to determine whether your ad blocker or privacy tool allows whitelisted resources, such as those under the so-called "Acceptable Ads" program to unblock those trackers. Your browser sends very limited information during these test, such as a request for a 'favicon', with referrers disabled where possible. We believe that in most cases, trackers will learn nothing useful from this request, though some unblocked trackers might be able to guess you were visiting Cover Your Tracks as a result of it.
EFF uses simulators of third party tracking systems in order to determine whether the visitor's browser is protected against similar trackers. Please note that our simulators may not encompass all the possible ways that a third party tracking system may operate.
Contacting EFF
If you have any questions about our privacy and data protection practices, you can reach EFF at:
Electronic Frontier Foundation
815 Eddy Street
San Francisco, CA 94109 USA
Phone: +1-415-436-9333
Fax: +1-415-436-9993
Email: privacypolicy@eff.org.
If our processing of your personal data is covered by EU law, you may also lodge a complaint with the relevant data protection supervisory authority for your country of residence.
Updating or Removing Your Information
To protect your privacy, we use various techniques to anonymize the data set, and have promised in this policy not to try to de-anonymize the data, which means we don't know which entry in our Cover Your Tracks data set is from a test of your browser, This also means that we have no way to allow you to access, update or remove that specific data. If you have any questions, you can email us at privacypolicy@eff.org.
Sharing of Cover Your Tracks data
From time to time, EFF may also share datasets derived from our technology projects with research partners working on topics related to Internet security, censorship resistance, privacy or other public policy objectives. We may also publish datasets in an effort to further these objectives. The datasets we may share or publish will not intentionally contain personally identifiable information.
Before sharing, we will evaluate whether further sanitization or aggregation of data is necessary to reduce the likelihood that inferences about identifiable individuals' activities might be made from the published dataset. Because anonymization is an algorithmically complex problem, we cannot promise that it will be flawless or attack-proof. When we believe that a dataset may contain information that is especially sensitive or vulnerable to de-anonymition, we will not publish it, and if we share such data with research partners, we will place them under a contractual obligation to keep the dataset confidential and avoid de-anonymization.
Data Storage and Retention
EFF's general privacy policy covers the storage and retention policies for direct communications with EFF. The server logs are stored and retained as described in the section on IP Addresses above. We retain the Cover Your Tracks data set indefinitely, for as long as the data remains useful for research on topics related to Internet security, censorship resistance, privacy or other public policy objectives.
Security
EFF employs industry standard security measures to protect the loss, misuse, and alteration of the information under our control, including appropriate technical and organizational measures to ensure a level of security appropriate to the risk, such as the pseudonymization and encryption of personal data, data backup systems, and engaging security professionals to evaluate our systems effectiveness. Although we make good faith efforts to store information collected by EFF in a secure operating environment, we cannot guarantee complete security.
Changes to Our Policies
EFF's Cover Your Tracks Privacy Policy may change from time to time. However, any revised privacy policy will be consistent with EFF's mission. If we make any substantive changes to our policies, we will place notice in EFFector and post notice of changes on this page.
Updated December 17, 2015 to reflect the changes in version 2.0 of our tracking and fingerprinting detection tool.
Updated November 28, 2017 to reflect the addition in version 3.0 of the so-called "acceptable ads" test.
Updated May 25, 2018 to provide more transparency about our privacy practices and more detailed information about how you can access, correct and remove personal data stored with EFF.