FullStory - Track people in the creepiest way possible
ffpipRecord every thing people do. Every click, the slightest mouse movements/hover, and every thing they type.
It's like a person sitting right behind you and watching everything you do, on every site.
Except you don't know when and where it is happening.
They advertise 'Privacy is important to us', 'We care about your privacy' blah blah blah everywhere, but all their actions prove otherwise.
1. Assigning unique ID's to each user. [1]
2. Going to great lengths to hide this, such as using website subdomains (fullstory.example.com) to set 1st party cookies (and evade browsers blocking 3rd party cookies) instead of setting it through their own domain. Thus tracking people who have clearly indicated they do not want to be tracked. They proudly display this fact on their site and say it is a win-win situation. [2]
This subdomain thing is something like DNS forwarding. I am not very familiar with this method. I may be wrong here. More here [3].
3. Not making developers inform users that this is a completely different level of creepy analytics. And not even making it opt-in.
Warning: What you do may be recorded on the site.
The way they frame the privacy and GDPR compliance docs, it seems like they too are not actually sure about it or okay with this. It is written in a doubtful manner and meant to allay privacy concerns and encourage devs to buy their product.
Popular sites that use it - Zapier, Notion, Hyatt. More on their customers page. [4]
I made this post to inform people that these things are actively being developed and deployed. Ad servers can and will track you in any way possible. Please use something like uBlock Origin.
If you trust them to opt you out, you can do it here [5]. Or you can take things into your own hands and install uBO [6].
Fullstory is not the only culprit, but the most popular.
I know some people on HN will consider implementing this, now that they know of it through this post, but I hope this leads to more people blocking it.
I also know some people from Fullstory are on HN, so please feel free to correct me or prove me totally wrong. But please don't comment things like 'Privacy is at the core of what we do'.
Only on HN can you find half of users willing to block these tools, and the other half thinking of how to implement it on their sites.
[1],[2]- https://help.fullstory.com/hc/en-us/articles/360020829513-Why-FullStory-uses-First-Party-Cookies
[3] - https://github.com/uBlockOrigin/uBlock-issues/issues/780/
[4] - https://www.fullstory.com/customers/
[5] - https://fullstory.com/optout