Facebook encrypts links and could thus circumvent the tracking protection of web browsers. This complicates new browser privacy features that prevent usage tracking using URL shortening.
Social networks such as Facebook, Instagram or YouTube use various elements on their websites to track the activities of their users. The aim is to find out what content they are interested in and which websites and products they specifically call up. In this way, companies and social networks can collect more and more information about users in order to show customized advertising or to sell the collected data.
Browsers want to prevent activity tracking
Web browsers offer various settings to prevent unwanted activity tracking. The Firefox browser offers in its current Version 102.0 for example one improved protection against tracking elements and scripts. By default, the browser blocks third-party cookies that track activity across websites. Noisy ghacks However, Firefox also targets cross-site tracking of users by websites and service providers that add tracking elements to web addresses. The browser shortens these attached tracking elements to protect the user.
Also read: Facebook’s crazy plan for a new world
Facebook encrypts link elements
However, Facebook tries to circumvent the protective mechanisms of the browser. The service now encrypts parts of the URL and thus prevents browser shortening techniques. Nobody knows which elements are hidden behind the encrypted part of the link address. It could also continue to hide trackers for tracking user activities. In a statement to ghacks Facebook makes it clear that the attached link encryption should have nothing to do with the abbreviation of the URL by web browsers for data protection. The ID component of the URL is encrypted, but this is intended to protect users’ Facebook IDs. This means that Facebook IDs can no longer be collected and misused, according to a Facebook spokesman.
The encryption of the link address nevertheless declares war on the URL shortening techniques for data protection. Incidentally, the new encryption can be recognized by the end of the URL, to which a combination of numbers and letters with no further meaning is attached.