- Ninja mocked for not knowing how to make a sandwich Wednesday 9:30 PM
- Marvel comics writer discusses misogyny in the industry Wednesday 9:09 PM
- TikTok conspiracy theorists think Juice WRLD is still alive Wednesday 7:03 PM
- Conservatives are protesting YouTube’s new harassment rules Wednesday 5:36 PM
- YouTuber’s ‘creepy’ comment about Taylor Swift’s eggs gets ratioed Wednesday 5:31 PM
- Bloomberg razzed for accidentally making an Alexa Fleshlight Wednesday 5:29 PM
- Who is putting cowboy hats on pigeons? Wednesday 4:33 PM
- Scammer reportedly bribed Facebook employee to keep posts up Wednesday 3:36 PM
- The 1975’s singer criticized for ‘Islamophobic’ rant Wednesday 3:22 PM
- Ready to dish out $52K for Apple’s new Mac Pro? Wednesday 3:03 PM
- N.K. Jemisin and Jamal Campbell discuss their new Green Lantern comic, ‘Far Sector’ Wednesday 3:00 PM
- YouTube says it will be harsher on creators with ‘patterns of harassing behavior’ Wednesday 1:15 PM
- Why one senator stopped a vote on net neutrality Wednesday 12:49 PM
- Man reportedly denied refugee status after officials fail to forward email Wednesday 12:09 PM
- ‘Jojo Rabbit’ star to lead Disney+ ‘Home Alone’ reboot Wednesday 12:08 PM
Your battery life is betraying your identity all across the internet, potentially allowing companies to take advantage of you—even if you’ve tried to protect your privacy.
The Battery Status API is a standard used by modern web browsers on mobile devices and laptops alike. It tells websites how much battery life your device has left. On the surface, this benefits users by allowing sites to serve versions that use less power, thus preserving battery life.
As a group of researchers discovered in 2015, however, the data conveyed by the Battery Status API—battery life as a percentage and the amount of time it would take to drain or charge a device’s specific battery—creates a “fingerprintable surface” that can be used to single out users and track them online.
By combining battery life percentage and battery capacity data, the Battery Status API effectively creates this nearly unique identifier because, as researchers found, this combination only repeats itself about one out of every 14 million instances. The uniqueness of this “fingerprint” is particularly pronounced in older devices with degraded batteries, according to the 2015 research.
The existence of this battery life fingerprint means websites can track you not only across the web but also across different web browsers—yes, even in incognito mode.
Building upon the 2015 findings, Princeton researchers Steve Engelhard and Arvind Narayanan created a privacy-tracking tool called OpenWPM, which led them to discover the existence of two tracking scripts—or automated programs—that use the Battery Status API data to track devices.
“Battery Status API is currently provided with no permissions, so any script and website can assess this information,” Lukasz Olejnik, a security and privacy consultant and University College London researcher and one of the four original researchers behind the 2015 study, told the Daily Dot in an email.
Tracking is possible even when users take steps to protect their privacy. Engelhard and Narayanan found that “existing privacy tools are not effective at detecting these newer and more obscure fingerprinting techniques.” That means privacy tools like Ghostery or uBlock Origin or even a virtual private network (VPN) do not currently stop websites from tracking you through your battery life ID, though the risk is not the same for all users.
As Olejnik points out in a recent blog post on the subject, it’s not simply your privacy that’s at stake. In May, an Uber executive revealed that the company’s app knows when your phone is nearly dead—the exact point when you might be willing to pay more for a ride.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.