Web of Trust (WoT) is a browser add-on, designed to inform users whether the websites they’re visiting are safe. Unfortunately, it turns out the company behind WoT has been collecting and selling user data, without anonymizing it.
According to the BBC, WoT has been downloaded more than 140 million times by people looking to keep their browsing habits safe and private. It’s likely that most of them weren’t expecting the actual add-on to publish their history and personally identifiable traits.
An investigation by German broadcaster NDR found that the company behind Web of Trust didn’t anonymize the user data it was collecting and selling. As such, the investigators were able to identify individuals" surfing histories, health queries and even sexual preferences. But if that’s not enough, the data actually contained email addresses and phone numbers, all in plain sight.
For its part, Web of Trust admitted that this was “unacceptable”, and said that it will take steps to address these issues. The company added:
If the data allows the identification of even a small number of WoT users, we consider that unacceptable.
One of those steps to be taken is to alter the privacy policy of WoT to actually inform users that their data is being gathered and sold. Another step that the company is taking - arguably a much more important one - is to overhaul its anonymization systems to make sure this doesn’t happen again.
It’s unfortunate that even systems designed to protect users online sometimes seem to have such wildly opposite effects.
Source: BBC