An investigation carried out by Ingeniøren reveals that public sector websites are sending sensitive personal data from users on to private companies, who then use it, among other things, to generate targeted advertising.
The survey examined 86 different public sector websites and 18 of them generated a cookie used by an advertising network. On top of that, 39 sent data on users on to Google through the web analysis tool Analytics.
All in all, 47 of the 86 homepages sent information on to third parties without giving the user the opportunity to give their consent.
“This means that our internet footprint can be registered and we have no say in the matter,” Thomas Hildebrandt, an academic at the IT University, told Ingeniøren.
“Perhaps the authorities are doing this in good faith, because the aim is to improve their service, but they are paying for it through citizens’ private lives.”
A special duty of care
Anette Høyrup from the consumer council Tænk thinks the authorities have a special duty of care when it comes to data-sharing, as the interaction the public has with them can include extremely sensitive information.
“It could be anything from divorce to looking after the children to tax affairs, so the authorities have a special responsibility,” Høyrup said.
Spam, spam, spam
Sites using Google Analytics send users’ IP addresses, browser information, screen information and much more to the IT giant, along with information about which sites the user visits.