Cross-Site Tracking
What is Cross-Site Tracking?
Cross-Site TrackingThe practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile.
Cross-site tracking occurs when the same identifier — a third-party cookie, fingerprint, login, or device graph — is read on many sites so that browsing, purchases, and interests can be combined into a single profile. The technique powers behavioural advertising, retargeting, and analytics, but it also enables surveillance and re-identification of supposedly anonymous data. Modern browsers fight cross-site tracking through Intelligent Tracking Prevention (Safari), Enhanced Tracking Protection (Firefox), Storage Partitioning, third-party cookie blocking, and proposals like Privacy Sandbox. Other defences include anti-tracking extensions, separate browser profiles or containers per task, and privacy laws such as GDPR and CCPA that demand consent or opt-out.
● Examples
- 01
An ad network using a shared third-party cookie to follow a user from a news site to a retailer.
- 02
A social-login button used as a tracker across sites that embed it.
● Frequently asked questions
What is Cross-Site Tracking?
The practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile. It belongs to the Privacy & Data Protection category of cybersecurity.
What does Cross-Site Tracking mean?
The practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile.
How does Cross-Site Tracking work?
Cross-site tracking occurs when the same identifier — a third-party cookie, fingerprint, login, or device graph — is read on many sites so that browsing, purchases, and interests can be combined into a single profile. The technique powers behavioural advertising, retargeting, and analytics, but it also enables surveillance and re-identification of supposedly anonymous data. Modern browsers fight cross-site tracking through Intelligent Tracking Prevention (Safari), Enhanced Tracking Protection (Firefox), Storage Partitioning, third-party cookie blocking, and proposals like Privacy Sandbox. Other defences include anti-tracking extensions, separate browser profiles or containers per task, and privacy laws such as GDPR and CCPA that demand consent or opt-out.
How do you defend against Cross-Site Tracking?
Defences for Cross-Site Tracking typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Cross-Site Tracking?
Common alternative names include: Cross-site tracking, Third-party tracking, Behavioural tracking.
● Related terms
- privacy№ 1143
Third-Party Cookie
A cookie set by a domain different from the one in the browser's address bar, historically used to track users across websites.
- privacy№ 1115
Supercookie
A persistent tracking identifier stored outside normal cookie storage, designed to survive cookie clearing and private-browsing mode.
- privacy№ 127
Browser Fingerprinting
A stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature.
- privacy№ 1166
Tracking Pixel
A tiny, often 1x1 transparent image or beacon embedded in a web page or email to silently record opens, visits, and other user events.
- privacy№ 142
Canvas Fingerprinting
A browser-fingerprinting technique that exploits subtle GPU and font rendering differences when drawing on an HTML canvas to identify a device.
● See also
- № 1231WebRTC IP Leak
- № 1019Session Replay