The Invisible Hand: How your online data is collected

You’re bored. So, you go scrolling down Nike.com searching for a new pair of kicks. Then you hop on Insta and… hey, that’s a Nike ad.

We all know that digital platforms collect our data, but how do they know it’s you? In this article, we’ll take a deep dive into the methods platforms use to collect, process, and disclose your personal data.

Privacy policies tell you exactly what data a platform collects about you

A platform’s privacy policy is a document that outlines the data that they collect about you, and why they collect that data. See our guide on privacy policies here. This might include your real-time location, the content you interact with, your browsing history, etc. Oftentimes, this data doesn’t just come from the platform itself; instead, a large amount of that data comes from tracking tools across the web.  

Tracking pixels: what are they?

One method of tracking is using a ‘tracking pixel’. These are pieces of code on a website, advertisement, or email that transmits user data to a third party.

When the pixel loads, your browser sends a request to a server hosting the pixel (i.e. Meta or Google). This request logs information about your activity on the site, such as your IP address, browser type, and more.

Here’s the kicker: while the pixel itself can’t identify you, the third party can use machine learning to recognise and link that pixel to you.

It does this by identifying patterns and trends between various pixels and then comparing them with related data that you’ve already shared with the third party. This allows the third party to make a strong, educated guess that the pixel represents your web activity, or at the very least, a small group of people.

After that, the platform is able to show targeted ads and content from the websites that you’ve visited.

Isn’t this... illegal?

Under the Office of the Australian Information Commissioner (OAIC), the answer is: no. It’s perfectly fine. The OAIC shows that tracking pixels are legally allowed to collect the following data:

Under Australian privacy laws, collecting this information as data for targeted advertising and content creation is a valid reason.

Cookies: what are they?

You’ve definitely seen a cookie consent screen before. But what’s so big about a cookie?

Cookies are small text files that are stored on your browser. Unlike tracking pixels, you can view, edit, and delete the data within the cookies, or the cookie itself.

In the digital world, there are two different types of cookies:

First party cookies are helpful cookies, often required to allow a website to make your experience better, such as keeping you logged in or remembering the items that you have in your shopping cart.

First party cookies are ‘first party’ because they’re owned by the website that you’re visiting, and not someone else.

These are third party cookies , which are almost always designed to track your activity across the web. These work because a third party, like Google or Meta, can access the cookie on your browser across many different sites, and then build a profile of your web activity.

However, while legislation attempt to regulate cookies as well as possible, it’s not always consistent across the board. A 2024 study found that a whopping 55% of sites don’t give you an option to decline cookies.

We get it, it might sound like these companies are massive entities collecting huge amounts of data and you don’t have any control over it.

But it’s not all bad. We have a guide on how to prevent trackers from building a profile on you on the web!