Protecting the privacy of website visitors should be high on the list of priorities for any website administrator, if for no other reason then to comply with UK Data Protection legislation.
Privacy protection should also be high on the list of priorities for website visitors.
To this end website visitors should inform themselves about how to prevent third party cookies (and trackers) from loading when they visit any one website.
In this article we share with you some of the steps we have taken to help inform visitors to our own website.
Our policy states:
"Our Website does not use Third Party Cookies.
Reason: we value your privacy!"
We publish in this website what we think are useful links to help protect your privacy when navigating the web.
We publish in a separate article in this website how you can tighten the privacy settings in applications you use to access the internet.
- the Operating System of your computer or mobile device,
- the Web Browser you use to connect to your website and Hosting Control Panel,
- the Search Engine you use to browse the web,
- the Email Client you use to send and receive mail,
- the Router you use to connect to your Internet Service Provider, and
- the File Transfer or FTP Client you use to connect to your Hosting Control Panel.
All of the above can be targeted by hackers seeking to exploit your Personal Data, your Hosting Account and your Website.
There are many 3rd party extensions which when used will result in the privacy of your website's visitors being compromised.
Website administrators who fail to identify the risk posed by such extensions - or ignore the risk - increase the risk of visitors' privacy being compromised.
This is especially so when the extensions load Cross-site Cookies (or Trackers).
Mozilla state the following in their useful guide to Third Party Trackers:
"Trackers use cross-site cookies to collect information about the websites you visit and send them to other companies, often for advertising purposes. When you feel like an advertisement is following you around while you browse, this is a result of cross-site tracking. If the same tracker is present on multiple sites, it can build a more complete profile about you over time."
Some examples include:
- Google Translate extensions.
- Google Analytics (tracking script or extension).
- Twitter Feed extensions.
- Google Fonts which are loaded from a third party server.
Google fonts used in this website are locally loaded to avoid compromising the privacy of visitors.
Essentially, adding anything provided by a search engine company or a social media platform will result in Cross-site Cookies (or Trackers) monitoring how your visitors navigate the web, even after they have left your website.
See below for how you can identify Third Party Cookies when deciding whether to publish a third party extension or script in your website.
Identify and block Third Party Cookies
Here we share how website visitors can identify and block Third Party Cookies from snooping on their online activity.
Use Firefox as your go to web browser.
Reason: it enables quick and easy identification of any cookies loaded by any website you are visiting.
To see if there are any cookies loading, click the shield to the left of the address bar (see image below).
When you do you will see something similar to what is shown in the next image.
Notice that the Firefox browser's Enhanced Protection is ON in this instance.
And that third party cookies are being blocked.
Some of your website visitors (maybe most of them) will not however be so lucky!
Here is a useful link for anyone reading this who wants to surf the web without their privacy being compromised.
See how to block cookies under the tab labelled: Cookies and Site Data.
How to respond when you identify Third Party Cookies
Well, you could simply ignore the risk posed to your privacy.
But we recommend instead taking action.
- not using any script or extension which loads third party cookies;
- disabling the loading of third party cookies if this is possible (by tweaking the extension's settings in your website's Dashboard);
- seeking and then using alternative scripts and/or extensions which do not load third party cookies.
If you cannot or decide not to remove the extension or script which risks your visitors' privacy then you could instead:
- inform website visitors of the risk to their privacy when using your website,
- explain why your website is using the extension or script which risks compromising their privacy, and
- point out how they can mitigate the risk by tweaking the Security and Privacy Settings in their website browser.
- on your website's Home Page,
- in a message displayed prominently in your website's Cookie Bar (if it has one - recommended),
- adjacent to any instance which may result in visitor privacy being compromised (example: wherever a Google Translate module is displayed).
WYNCHCO Joomla! CMS Support
We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.