- Here’s why you shouldn’t buy a Nintendo Switch until mid-August Monday 5:11 PM
- Man blasted for making his coworkers babysit his child Monday 5:07 PM
- Pete Buttigieg’s country radio interview was blocked from the air Monday 4:35 PM
- 15-year-old Smash Bros. prodigy caught using racist slur in private Discord server Monday 3:47 PM
- Instagram users who post pet pictures more likely to get hacked Monday 3:45 PM
- Post-Prime Day recap: Shipping delays, more sales, and a scam Monday 3:08 PM
- Jacob Wohl returns to Twitter … for now Monday 1:56 PM
- How to stream WWE Raw Reunion Monday 1:35 PM
- ‘I hope Trump deports you’: Woman goes on racist rant to Spanish speakers at a store Monday 1:24 PM
- Emoji Mashup Bot gives life to unidentifiable emotions Monday 1:15 PM
- Notorious grifter Anna Sorokin reportedly blocked from profiting off Netflix series Monday 12:45 PM
- Charlottesville attacker’s Twitter account included praise for Hitler Monday 12:10 PM
- ‘Short Treks’ trailer: Spock, Pike, and Number One return Monday 11:57 AM
- Everything we know about ‘Star Trek: Lower Decks,’ the new animated show Monday 11:55 AM
- Cole Carrigan says he left Team 10 after being called homophobic slur Monday 11:32 AM
Right now, there’s nothing you can do about it.
Your battery life is betraying your identity all across the internet, potentially allowing companies to take advantage of you—even if you’ve tried to protect your privacy.
The Battery Status API is a standard used by modern web browsers on mobile devices and laptops alike. It tells websites how much battery life your device has left. On the surface, this benefits users by allowing sites to serve versions that use less power, thus preserving battery life.
As a group of researchers discovered in 2015, however, the data conveyed by the Battery Status API—battery life as a percentage and the amount of time it would take to drain or charge a device’s specific battery—creates a “fingerprintable surface” that can be used to single out users and track them online.
By combining battery life percentage and battery capacity data, the Battery Status API effectively creates this nearly unique identifier because, as researchers found, this combination only repeats itself about one out of every 14 million instances. The uniqueness of this “fingerprint” is particularly pronounced in older devices with degraded batteries, according to the 2015 research.
The existence of this battery life fingerprint means websites can track you not only across the web but also across different web browsers—yes, even in incognito mode.
Building upon the 2015 findings, Princeton researchers Steve Engelhard and Arvind Narayanan created a privacy-tracking tool called OpenWPM, which led them to discover the existence of two tracking scripts—or automated programs—that use the Battery Status API data to track devices.
“Battery Status API is currently provided with no permissions, so any script and website can assess this information,” Lukasz Olejnik, a security and privacy consultant and University College London researcher and one of the four original researchers behind the 2015 study, told the Daily Dot in an email.
Tracking is possible even when users take steps to protect their privacy. Engelhard and Narayanan found that “existing privacy tools are not effective at detecting these newer and more obscure fingerprinting techniques.” That means privacy tools like Ghostery or uBlock Origin or even a virtual private network (VPN) do not currently stop websites from tracking you through your battery life ID, though the risk is not the same for all users.
As Olejnik points out in a recent blog post on the subject, it’s not simply your privacy that’s at stake. In May, an Uber executive revealed that the company’s app knows when your phone is nearly dead—the exact point when you might be willing to pay more for a ride.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.