I got a little thought experiment for all you fine folk. Use your thinker-upper to imagine this—you’re online, doin’ your thing, bit of casual browsing, trying to reverse-engineer your granny’s cupcake recipe, or thinking about replacing your phone, which is all of about 30 seconds old. You click the link in your search engine of choice, maybe an online store. One of those intrusive, eye-twitch-inducing cookie consent banners pop up to ruin your day. You sigh (as we all do) and hit “Accept All” because the tiny “Manage Preferences” link might as well say, “here’s a 14-step guide to misery, sucka!” Then, you log in using Facebook because, who wants to remember another password, right? Convenience.
Congrats! In as little as three clicks, you’ve handed over a bunch of your digital identity—on a silver platter no less! It sounds harmless, but this little sequence—click, click, click—gives companies a clear path to start generating a profile on you, also known as a shadow profile.
How does it actually work—I hear your lovely, curious mind postulate? I’ll take you on the journey of a lifetime, through every clickety, click, click.
First click—the Referral
The first click is the deepest..uhh I mean, the start of your digital breadcrumb adventure. When you click on a link (say, from your Google search), the website you arrive at receives a little something called a referring header. For simplicity, picture it like a digital note that says, “oi bloke (or blokette), this person came all the way from sunny Google!” It’s not much, but it’s a crucial piece of data that companies use to track where you came from and what you might be looking for. It’s kinda like you’re dropping tiny breadcrumbs behind you. Except it’s not your awesome granny or ya mum who’s picking them up—it’s advertisers, data brokers, or even hackers (oooh, spooky).
Tracking doesn’t stop there, though. Websites often have tracking pixels—tiny, invisible images that log your visit and collect even more information about you. If you’re a visual learner, picture your whole digital life like a spider web (one that looks terribly disorganised). Every time you engage with it (visit a website, for example), it wobbles and ripples are sent out, alerting the data spiders to your presence.
Second click—cookie acceptance (not that tastey)
Ah, cookies. Unfortunately, these ones don’t have chocolate chips. When you click “Accept All,” you’re agreeing to let the website store little pieces of information about you. Some cookies are relatively harmless—saving your shopping cart items or remembering your preferences. These ones are first-party cookies.
Then you have third-party cookies, the digital equivalent of a nosy neighbor peeking over the fence—think Wilson from Home Improvement, anyone remember that show? These are set by companies other than the one you’re visiting—advertisers, social media platforms, and data analytics firms. By accepting all cookies, you’re basically inviting a bunch of strangers into your digital living room, giving them access to your browsing habits, preferences, and more.
Ever wondered why ads for those shoes you looked at last week suddenly follow you around the internet like a clingy ex? That’s the magic of third-party cookies.
Third click—social media login
The final click in the coffin is when you decide to log in using Facebook (or any other social media platform). It’s so convenient, right? How much time do you reckon you save? You avoid creating yet another password, and get instant access. Remember though, convenience and privacy exist on opposite ends of a sliding scale. The more convenient an action is, the more likely it is that you’re giving up a slice of your privacy (are we onto cakes now?).
Logging in with Facebook is like giving them a key to the house (a moment of silence for all the pendanticians to rage a little). You’ve just granted them permission to collect even more data—your shopping habits, your location, even the contents of your private messages (yes, Facebook scan those). It’s not just about giving the website access—it’s about giving Facebook access to all the data that website collects about you. Suddenly, that shadow profile of yours is filling up pretty quick with juicy details.
What can you do about it, oh curious one?
Feeling paranoid yet? Awesome! Don’t panic—I don’t wanna turn you into a paranoid android. I wanna help you take the power back (back when RATM were actually raging against the machine). Here are a few simple steps to protect your privacy:
Browser switcheroo
Ditch Chrome for something more privacy-focused like Brave or Firefox. These browsers block trackers by default and respect your privacy far better than the mainstream options.
Tell third-party cookies to f...go away, please
Head into your browser settings and disable third-party cookies. Sure, some websites might get a bit grumpy and not function perfectly, but it’s a small price to pay for a little more privacy.
Get yourself a VPN
A VPN (Virtual Private Network) masks your IP address (gives companies a pretty one to look at that’s not your ‘real’ one), making it harder for websites to track you. I personally recommend Mullvad VPN—they don’t ask for any identifying information, not even an email address. It’s one of the few services out there that genuinely respects your privacy. And no, they don’t even have an affiliate program—that’s not why I recommend them.
Avoid social media logins
I know, I know, it’s more convenient to log in with Facebook—but if you can, take the extra 30 seconds to create a unique account. It’s a small inconvenience that pays off in greater privacy. It will also lower your digital footprint overall because you’ll be less inclined to sign up for every random website in existence—win-win!
Taking back control, one click at a time
The internet isn’t going to stop tracking you, but you don’t have to make it easy for them (just like they don’t make it easy for you to opt-out). Every action you take, no matter how small—switching browsers, disabling cookies, using a VPN—helps you regain a bit of control over your data. Each click is a choice, and each choice is an opportunity to protect your digital footprint. Think before you click.
If this article sparked something in you and you’re curious to learn more about how to navigate this digital maze, consider subscribing to Thirteenth Strike AND SparkLab. On SparkLab we dive into creative problem-solving, systems thinking, and practical tips to help you take a step back and see the bigger picture.
The world is becoming more digital every day. We gotta take some control of our data back, even if it’s just three clicks at a time.
P.S. I promise, no third-party cookies were involved in the making of this article (I hope—right, Substack? Right??)
That’s it for now.
As always,
Good luck,
Stay safe and,
Be well.
See ya!