What is a Privacyscore?
A Privacyscore is a way to assess the privacy risk of using a website.
Privacy risk is the chance that data about you will be used or
shared in ways that you wouldn't expect. Privacyscores cover two kinds of data:
- We estimate privacy risk to personal data (such as your name or
email address) based on the published policies of the website.
- We estimate privacy risk to anonymous data (such as your interests
and preferences) based on the privacy qualifications of the other companies who
collect this kind of data across websites.
You can see Privacyscores of the sites as you visit by using the
Privacyscore add-on for Firefox and Chrome.
Who runs Privacyscore?
Privacyscore is a project of PrivacyChoice, which was founded in 2009 to make privacy
easier for websites, apps and their users. Jim Brock and Jason Beatty lead a team
of over a dozen developers and analysts located around the world, as well as thousands
of web users who contribute their data and their product feedback and suggestions.
Jim has worked in web media and technology since 1994, when he was founding counsel
to Yahoo! He has been an early-stage technology investor, startup-founder and also
ran one of Yahoo!'s major business divisions. He founded
PrivacyChoice in 2009. (See full background.)
Our company contact information is PrivacyChoice LLC, 101 Cooper Street, Santa Cruz
CA 95060, telephone 408-641-9290.
How do you compute a Privacyscore?
Click "Learn about Privacyscores" on any
report page for summary of how we compute Privacyscores.
privacy qualifications of the other companies collecting data there.
Four site-policy factors cover how websites promise to handle your personal data.
Five tracking data factors cover the privacy policies and oversight of companies
that collect anonymous profile data on the site and elsewhere for things like ad
selection. Each tracker contributes to the total score based on the prevalence of
that company in the pages sampled for the site that have trackers.
Based on these factors, a Privacyscore of 100 would indicate:
- The site's policies expressly limit the sharing and use of personally identifiable
data in these ways:
- Personal data (like name, phone number and email address) should not be provided
to marketers without permission and should be deleted on request.
- A user's request to delete personal data should be honored.
- Notice should be provided in the case of disclosure of personal data pursuant to
legal process or government requests, where legally allowed.
- If service providers have access to personal data, their use of it should be restricted
- All trackers seen on the site pledge to respect anonymity, choice and boundaries,
and should be subject to industry accountability.
- Personal data should not be collected or use, or should be separated from behavioral
- Boundaries should be recognized in areas like health conditions and financial data.
- Choice should provided as to whether data will be collected or applied for the purpose
of ad targeting.
- Accountability should be provided through both regular compliance reviews of internal
processes by industry organizations (such as the Network Advertising Initiative)
or independent auditors, as well as ongoing external monitoring of practices by
Sometimes I don't see a Privacyscore on an app permission page. Why?
Facebook has thousands of apps, and we're still building out our coverage. We try
to score the most popular apps, but you will find apps and sites that we have not
scored. If you click on the "ps" when you're on any app or website where we don't
have a score, we count your interest in that site, which helps us prioritize. You
can help us score more apps by using the
add-on and checking the box to transmit tracking events from your browser.
Do you have a glossary of Privacyscore terms?
Privacy Analytics is the measurement, collection, analysis and
reporting of internet data for the purposes of understanding and reducing privacy
Personal data is data that can easily identify you, such as your
name, email or physical address, phone number or government ID. Some people and
organizations also believe personal data also includes any constant identifier that
cannot be easily hidden, such as an IP address.
Privacy risk is the chance that user or website data will be used
in unexpected ways. Initially, we are measuring privacy risk by examining the stated
privacy practices of a site and the companies collecting data there.
Trackers are companies that compile data about individual users
across different websites. Most trackers are involved in ad targeting and operations.
For our purposes, â€œtrackersâ€ do not include website analytics companies; while
they may collect data about individual computers on behalf of different websites,
they do not typically compile one userâ€™s activity across different websites into
a single profile.
Tracking events are individual instances of data collection by
a tracker. Typically, there is one tracking event each time a tracker has access
to browser information in a web page. This information usually includes the URL
of the page (which provides contextual information), the IP address of the user,
the browser being used, and, any unique identifier that the tracker may previously
have placed on the machine (such as in a cookie file). It can also include referring
URL information, which can contain search terms when the referral is from a search
Why should publishers care about Privacyscores?
For a web site or app publisher, a Privacyscore shows you how your site compares
to other sites when it comes to privacy. We call this "privacy analytics,"
which should be part of every site's privacy framework. Site publishers can subscribe
to our privacy analytics services to get deeper scanning of their site, Privacyscore
change alerts and more detailed analysis of third-party data collection on their
site. Contact us to learn
Why would a site or app's Privacyscore change?
Privacyscores reflect the most current data we have in our system about tracking
activity on the site, which can change from day to day, particularly for sites that
have many trackers on their site. The privacy qualifications of those trackers may
change, which can affect the site's overall Privacyscore. Also we may make changes
to the operation of our algorithms and the default weights assigned to different
Isn't privacy too subjective for a numerical score?
People have very different expectations when it comes to online privacy, so it's
difficult to capture all of those concerns in a single number. But Privacyscore
factors include areas that many people find important in privacy policies, particularly
typical users who provide personal information to sites they visit and who do not
opt-out of or block data collection by ad companies. By weighting these factors,
they provide a good rough measure of when a site's privacy practices deserve a closer
We also designed Privacyscores to be helpful for web publishers, who need to be
concerned with the policies they establish for personal data, and the companies
they allow to collect anonymous data on their site. They can use their Privacyscore
to see how they measure up to other sites when it comes to privacy.
What's a "tracker"?
"Trackers" are companies that collect data about what users do across
websites or apps, usually for the purpose of targeting ads. Trackers can collect
data on a website because sites include special software code, called tags, on their
site pages. This allows other companies to show advertising on the site's web pages,
and to collect data as they do so. By placing a small file on your computer, called
a "cookie," trackers can identify the same browser as you go from page
to page and site to site, which allows them to infer what you're interested in or
what you may be searching for, which they use to select ads that you see. Trackers
may include companies who collect tracking data in the course of providing other
features, like sharing buttons or using counting, even without showing an advertisement.
Some companies may collect data across different sites but don't connect what you
do on one site with what you do on other sites. They may do this to provide a service
to the sites, like helping them analyze how people use the site so they can improve
it. We don't consider these companies "trackers" for the purpose of Privacyscores.
Why don't you list other companies on webpages, even if they aren't trackers?
We have catalogued these companies and are tracking them in our database. We will
be exposing this data in a new release soon. While privacy concerns are greatest
with trackers that combine data from across different sites, a complete privacy
report should include all companies with access to user data.
What other factors can be added to Privacyscores?
The Privacyscore algorithm will continue to change as we add different factors and
approaches to weighting. Here are a few on deck right now:
- Tracker depth. Tracking companies that have a broader reach across websites
are in a position to gather a more extensive user profile. Tracker factors for these
companies could be given additional weight in the Privacyscore.
- Tracker frequency. Some users may associate a greater number of trackers
on a site with higher privacy risk, even with all other factors equal. Sites with
more trackers would have a lower Privacyscore, regardless of those companies' privacy
- Choice quality. A tracking Privacyscore can reflect the quality of the
tracker's choice method. Persistent and verifiable choice methods would be required
for full Privacyscore credit. More credit would be given if the tracker confirms
that an opt-out terminates data collection (as opposed to use for targeting), or
if the the tracker affirms that they honor a Do-Not-Track header.
- Joining data. Sites that import additional data about users -- such as
through social network APIs or email matching -- may increase privacy risk by aggregating
data in unexpected ways. A Privacyscore can reflect the site's published promises
about handling joined data.
Should I trust companies to comply with their privacy policies?
A Privacyscore reflects the published privacy policies of a website and qualifications
of the tracking companies we find there. We cannot directly verify compliance, but
Privacyscores can reward submission to oversight, such as through industry associations
or independent privacy auditors. Also non-compliance with published policies carries
legal and business risk. The Federal Trade Commission and many states have the power
to bring actions against companies who do not comply with published privacy policies.
How do you tell which tracking companies collect data on a website?
We continuously scan websites for tracking activity in two ways:
- Our spiders regularly cycle through popular pages on the websites that we score,
seeing which tracking companies serve content on those pages, which allows them
to collect user data.
- Tens of thousands of real users using our browser add-ons have opted-in to send
tracking data to our database as they use the web normally.
By analyzing these interactions, we maintain a current map between the websites
and the tracking companies, as well as the frequency with which those tracking companies
When I click on the Privacyscore in my browser, why don't I see the blue summary
If you are running other add-ons, such as No-Script, this may interfere with the
operation of the Privacyscore add-on. Try whitelisting "privacyscore.com" and see
if that fixes the problem.
Why do I see trackers listed for a site that doesn't seem to have any ads?
Tracking companies may collect data through a web page, even if they are not actually
serving ads on the page. A good example is the technique of "retargeting,"
which means that a tracking company sets or reads a cookie when you visit a website
in order to show you ads after you leave the site. The retargeting company may not
show you an ad on the first site, but we will record them as collecting data.
Also widgets that are used for functions like sharing or embedding video may also
collect data that is used for cross-site tracking, even though they may or may not
serve an ad with the widget.
If you believe you have seen an error in our listing of trackers for any site, please
let us know.
What if I don't want any anonymous data collected from across sites?
There are many good browser add-ons that limit tracking, such as
TrackerBlock, a sister project from PrivacyChoice, or
Ghostery. Internet Explorer 9 has tracking protection built in, which
you can enable with a PrivacyChoice
Tracking Protection List. If you decide to block tracking, then you can
customize your Privacyscore to un-weight the tracking privacy factors.
How can I find out more about this project?
Check out the privacychoice blog for
more, Like us on Facebook, or
follow @privacychoice on Twitter.