Your Battery Life Might Just Reveal your Internet History

A recent study conducted at the Princeton University has found that web trackers use the battery life of your tablets and mobile phones to monitor user activity on the internet. They discovered that two popularly used web scripts can target people by reading their Battery Status’ API, which is an indicator of the battery life that devices send to the web browsers like Chrome and Firefox.

It is the first time that researchers have found evidence for battery life being used for tracking users. Unlike prevalent tracking mechanisms like cookies, the API used for reading the battery status cannot ever be turned off, which means that it can be used to track the activity of users even when they disable the cookies, activate private browsing or use a VPN.

How does it happen?

The API used to read the battery status was introduced in HTML 5, which is the currently deployed web standard. It can give several readings, the time it would take to charge or discharge the battery fully, the present charging status, and a lot more. This information is sent to the web browsers so that they can adjust their power usage by activating the low power mode when the life of the battery drops to a particular level. However, there are web scripts which can use these to identify the users who want to remain hidden.

For instance, someone can switch their internet network and web browser, thereby altering their cookies and IP address or browse incognito, but the battery readings can be used to figure out the identity of the user. A script is then used to reinstate the old cookies and track them. This process is referred to as respawning.

What steps are being taken?

The scripts found by the Princeton researchers were not as common as other novel signals, like “audio fingerprinting”, in which a script is used to read a unique audio signature used by a device which does not require microphone access. These signals are much harder to stop than commonly used tracking technologies, such as cookies. One of the researchers pointed out that web browsers might begin to shut off the access to battery life readings. He said that companies might take advantage of it. For example, users might be willing to pay more for their cab rides when the battery life on their devices is low. So, if you think that you are safe from any intrusion, think again. Privacy threats and risks can arise from a seemingly innocuous mechanism.