If a user is looking for privacy from third parties, they may simply delete their cookies, or use two different machines to visit the same website. However, if an aggregator develops a globally unique identifier (GUID) for a user, than the aggregator is able to create linkages that relate to the user’s records regardless[1]. This is especially possible if the user is a frequent visitor of a website and the website consistently leaks information to third parties. An example of a GUID would be using the same email address for registration across multiple sites. Moreover, there are also instances where one site leaks the GUID of a user on a different site. For example, if a user were to visit two different News sites and share a story on their Facebook, that user’s Facebook user ID is stored in the first party’s cookies and leaked from these respective sites to hidden third parties. IP addresses may also be used to create linkages without using cookies.

Along with disabling cookies within the browser settings, there are many other methods that can be used to prevent leakage. There is software that can be used to filter out domain names, such as Adblock Plus. Users may also disable scripts, such as Javascript, however this may cause some issues when visiting certain websites that require its use. Filtering protocol headers can be done through extensions or at an intermediary. Some browsers can use this to modify or remove the referer header in an HTTP request. Anonymizing yourself by using proxies, VPNs, or a Tor browser will hide your IP address. Users are also able to opt out of tracking by using some extensions or programs to decline the use of cookies.


  1. Krishnamurthy, B., Naryshkin, K., & Wills, C. (2011, May). Privacy leakage vs. protection measures: the growing disconnect. In Proceedings of the Web (Vol. 2, pp. 1-10).