A Marketer’s Guide to Data Tracking: What’s Really Going on Within Your Website?

  • Why this is important: AJAX simply has made it easier to send and receive information from across multiple browsers to host servers to improve the end user experience and minimize disruption. Facebook and Twitter rely on tech like AJAX to keep web pages up to date (FBLikes, RTs, timestamps)
  • Why this is important: JavaScript operates in your browser as part of page rendering. All browsers support javaScript and it is often the case that code may be written to deal with the different capabilities each browser may have.
  • A simple bit of embedded JavaScript is all that’s needed to record any kind of activity on a webpage — even if you don’t actually submit anything!
  • Why this is important: The w3C has identified HttpRequests that passively expose the following : 1) browser fingerprinting based on persistent 2) super cookies, correlated with other techniques to re identify you 3) header requests that may include IP information, browser, version and OS — are considered Unsanctioned Web Tracking
  • Why this is important: The reasons for its popularity: 1) There are plugins that are readily available for building websites or web apps. This “Write less, do more” tagline means you get more done with fewer lines of code.
  • jQuery powers 76% of the top 1MM websites, 41 MM of which are in the US, and hence has built a huge dependency, with over 65% of the JavaScript library usage.
  • Why this is important: Cookies are state indicators, markers that contain small amounts of information stored on your device, that can be recognized by a web site, or other web sites that know the cookie is there and can act on the data contained in them. Examples include username, password, website preferences.

Understand what’s happening on your website

In order to begin to understand what’s going on in a website, it makes sense to understand what to look for. To display what’s on the page there is HTML but increasingly people are calling code components from just about anywhere.


Remember, these requests contain references to the objects (page elements and the command codes) that make up a web page and can be made to do things like transfer the data between the website and the server requesting it. The code below is placed into the browser memory cache and then it becomes a live program that is executed based on the page events like the user clicking or entering information.

Next I did a search for the word “cookies”.

I found 67 instances of the “cookies”. Here are some examples

What this means:

You will see keywords like “mouse”, “document” (which refers to the page) and “window.location”, all of which are a means by which coders can detect things like device and browser capabilities for each end user.

Why do marketers need to understand this?

Those who manage the website to run communication or acquisition campaigns need to understand the basics of carrying out a simple code review. Legally speaking, the “controller” is the person responsible for how the site functions. Secondly, “open source” does not mean “free of responsibility” and it is the case that each site request (to the data processor) will have its own terms and conditions by which controllers are legally bound and as we’ve seen (unbeknownst to the controller), the code that is dropped into the user device more often than not, does not come from the site server but rather the third party data processor (represented by standard .js calls below):

  • This seamless exchange of information between client site and server environments that AJAX has enabled has made it more commonplace for more data collection from a dynamic and interactive user environment.
  • There is shape and form to web pages that can all be manipulated by coders who have the skill and knowledge to do so.
  • Through seemingly innocent pieces of javaScript, web scrolling, mouse movements, keystrokes can be tracked and recorded against your will or knowledge.
  • HttpRequests passively expose your identity through your IP, persistent cookies on your website, your browser, version and login preferences, location etc.
  • Any code library that makes use of any of the javaScript language can be safely assumed to be either transmitting data, or storing data on the user device. In all such instances, the data gathering goes back to wherever the host machine for the code resides.
  • Veiled as optimizing user experience, what is actually going on is a massive market for data gathering right under the noses of site owners and their visitors.
  • What I have found (and I am still learning) is that website construction is many layered. More than just what you see on a screen and what happens in end user devices needs to be understood and properly managed.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
MyData Canada

MyData Canada


Our vision is to become an essential voice of technological and social change that impacts the data rights of all Canadians and influences the national debate.