The goal of this project is to measure and study the diversity of web browsers and establish statistical profiles of browser fingerprints. All of the data for the project will be collected in an anonymized form which ensures that it is not Personally Identifiable Information*, nor otherwise likely to lead to the identification or tracking of any web users.

*Personally identifiable information (PII) is any data that could potentially identify a specific individual.

We are committed to protecting the privacy of visitors to our website. In this policy, "we" refers to the Inria researchers and students who are bound to keep information they receive confidential.

Information Gathered by the AmIUnique Website

For the needs of the research project defined here, AmIUnique collects anonymous data about the configuration of computers, operating systems, browsers and plugins. If you click the "View my fingerprint" button, this type of information will be collected from your browser. Although these kinds of data may form a `fingerprint' that could in principle be combined with information about page requests and identifying details in order to track people's browsing habits, we will never do so.

The specific 'fingerprint' information we collect is :

  • The HTTP headers sent to the server :
    • the User agent header
      HTTP header sent to the server that contains information regarding your browser and operating system
    • the Accept header
      HTTP header sent to the server that contains information regarding the type of media that are acceptable for the response
    • the Encoding header
      HTTP header sent to the server that lists the compression methods supported by the browser
    • the Language header
      HTTP header sent to the server that indicates the preferred languages for the response
    • the Connection header
      HTTP header sent to the server that contains specific options that are desired for that particular connection
    • the Host header
      HTTP header sent to the server that specifies the domain name of the server and eventually the TCP port number on which the server is listening
    • the Upgrade Insecure Requests header
      HTTP header sent to the server that indicates the client's preference for an encrypted and authenticated response.
    • the Referer header
      The address of the previous web page from which a link to the currently requested page was followed.
    • the Cache-Control header
      Specifies directives for caching mechanisms in both requests and responses.
    • the Do Not Track header
      HTTP header sent to the server that indicates the user's tracking preference.
  • the list of plugins
    Browser-populated JavaScript attribute that gives the list of activated plugins in the browser (window.navigator.plugins)
  • the platform
    Browser-populated JavaScript attribute that indicates the platform the browser is running on (window.navigator.platform)
  • the cookies preferences (allowed or not)
    Browser-populated JavaScript attribute that indicates if the browser accepts cookies or not (window.navigator.cookieEnabled)
  • User agent with Javascript
    A string giving details on the browser and its underlying operating system. This attribute is collected with Javascript.
  • the Do Not Track preferences (yes, no or not communicated)
    Browser-populated JavaScript attribute that indicates your Do Not Track setting (window.navigator.doNotTrack), "NC" means the value was not specified
  • the timezone
    Timezone offset of your browser obtainable through JavaScript (new Date().getTimezoneOffset())
  • the screen resolution and its color depth
    Browser-populated JavaScript attributes that indicate the resolution of the device’s screen (window.screen.height/width/colorDepth)
  • the use of local storage
    JavaScript test to find out if local storage is supported (storage of a specific value in "localStorage")
  • the use of session storage
    JavaScript test to find out if session storage is supported (storage of a specific value in "sessionStorage")
  • a picture rendered with the HTML Canvas element
    Rendering of a specific picture with the HTML5 Canvas element following a fixed set of instructions. The picture presents some slight noticeable variations depending on the OS and the browser used.
  • a picture rendered with WebGL
    Rendering of specific 3D forms following a fixed set of instructions. The picture presents some slight noticeable variations depending on the device of the user.
  • the presence of AdBlock
    Test to find out if the AdBlock extension is installed
  • the list of fonts
    • using Flash
      Flash attribute that gives the entire list of fonts installed on the operating system (flash.text.Font.enumerateFonts(true))
    • using JS
      Fonts installed in the device using JS
  • Content language with javascript
    Using Javascript for getting preferred languages for the response

In addition to these data, we collect several kinds of `housekeeping' information to assist us in analyzing the fingerprint data. The housekeeping information is :

  • Cookies
  • IP addresses
  • Timestamps

Our practices and purposes for collecting these housekeeping records are discussed below :

Cookies

AmIUnique sets a cookie that persists for 4 months for the purpose of determining how often browser characteristics change, and how often they stay the same, when a browser returns over time. If your browser is configured to accept cookies, and you return to AmIUnique several times, the cookie will be used to link the data from your visits together so that we can study the natural evolution of browser fingerprints. AmIUnique also stores a temporary cookie that persists for 5 minutes in order to avoid fingerprinting a user again if they revisit within 5 minutes. If you want to disable/enable browser cookies, click on the link below corresponding to your browser for instructions. You should be aware that entirely disabling cookies may block some interactive features on some websites (most notably, automatic logins).

Instructions for:

Moreover, if you are interested in enabling/disabling Flash cookies, you can do so by visiting the following page : Manage Flash cookies

IP addresses

AmIUnique logs IP address. This IP will allow us to collect a dataset about how often browsers that change IP address could have been followed using a fingerprint.

Timestamps

AmIUnique collects a "fuzzy" timestamp, rounded to the nearest hour, each time it is visited. This will be used to measure how fast browser fingerprints change, but for no other purpose.

Our Use of Information from AmIUnique

We will analyze the collected data in order to establish what are realistic profiles for browser fingerprints. The purpose of this analysis is to set an automatic procedure to proactively diversify user platforms in a realistic manner. AmIUnique has no Third-Party Service Providers.

Sharing of AmIUnique data

We may publish or share aggregated, statistical data from the AmIUnique project in order to facilitate privacy research, educate people about privacy problems, and to aid in the development of privacy-enhancing technologies. We have gone to great lengths to ensure that AmIUnique does not produce any records about anyone's browsing habits or the identities of any individual visitors, so we will never be in a position where we could share any such records.

Security

In a general way, Inria commits to carry out technical and organizational means to protect all information we gathered against illegal or fortuitous destruction, fortuitous loss, alteration, diffusion or unauthorized access. Nevertheless, Inria shall be required to divulgate any information to comply with any applicable law or rules, or to respond to any administrative or judiciary order.

Although we make good faith efforts to store information collected in a secure operating environment, we cannot guarantee complete security. Information collected will be maintained for a length of time appropriate to the needs of this research project.


This Privacy Policy is based on some material from the EFF website (Electronic Frontier Foundation), which is freely redistributed under the Creative Commons Attribution License