[user17843]

This is overkill.

A way simpler solution is to simply not have a registered account with those companies. That's where the problems start, when they tie certain browsing and telemetry data to your true identity.

For everything else a good content blocker + the typical pihole list that include telemetry domains are enough protection.

I am registered with Apple and Amazon, and there's no way for me to change that because there is simply no one else that delivers this kind of value.

Long-term I could see the possibility of leaving Amazon, but there is a security-advantage when using amazon because otherwise I would leave all my personal data to countless small vendors who regularly get hacked, etc.

[csydas]

This is actually not feasible as a solution because of shadow profiles. Google et. al. track you even when you are not logged in. Simply landing on a page is enough to capture your use habit and infer browsing/purchasing patterns from it. Look at Google Purchases revealed to many just a bit a go. It was retroactive for sure just scanning our inboxes which Google does have access to, but it can use known information to find seemingly anonymous data from referred info in the Anon chain.

It's not really a choice to say "just don't use it", because even appearing on a site with Google tie ins feeds mineable information.

[user17843]

You contradict yourself. Google Purchase history requires a google account, they can't connect it to you if you are not logged in.

The reason google pushes the log-in in their browser is exactly because they want to be able to tie this all to your account.

[csydas]

No, that was an example, not a requirement. Google has this history they associate whether or not you have a Google account. The account just solidifies it. You're still being tracked and identified without the account.

[user17843]

and that's an assumption you make that requires evidence. Your claim is that there is not only this kind of identification happening, but that it happens even if I have the common tracking blockers. Otherwise the blocklist in this thread would be completely overkill, just as I said.

[zymhan]

It's folly to think an account is the only way for advertisers and retailers to identify and track you.

Signing up for an account is just more explicitly forking over and sharing data. But you're being tracked by every possible method, and it is possible to piece together the remaining information.

[user17843]

Where is your evidence?

Did you even read my comment? The typical pihole lists already include tracking domains.

What you imply is that if I visit youtube.com with tracking disabled, they still create a profile of me. Then tell me, what unique identifier do they use?

[dmitriid]

Browser fingerprint, referrers, available cookies, IP address immediately come to mind.

[user17843]

OK, but how do you account for changing IP-Addresses? You would need to take one identifier that never changes.

Maybe they have machine learning which combines a couple of factors and then create long-term profiles based on the likelihood of some data belonging to the same person.

That would be illegal though.

[dmitriid]

That’s what shadow profiles are: they are not necessarily illegal (depends on jurisdiction, illegal under GDPR), they act on probabilities (this particular set of data identifies a person and is significantly different from/similar to other sets of data), they look for patterns in data and behaviour (a user with browser fingerprint A from Pasadena that looks at youtube videos of category X yesterday and today is likely to be the same person even if IP changes)