For example, if:
- I’m on a tracking website like Linkedin
- I log out and close the browser
- I turn on the vpn and open the same browser
- I create a Spotify account
Is it possible that Spotify will give me targeted ads based on my home IP due to the cookies?
Thanks in advance
Cookies don’t, but cookies are part of an IP packet which does. So yes, your scenario is possible if the website you visited first stored which IP addresses that cookie has previously been used with.
Cookies are some data that websites store in your browser, its text arranged in key-value pair, it could contain anything.
But putting an ip address in cookie does not sound something anyone would wanna do as I dont know the purpose of such a thing
deleted by creator
cookies are just text. they could literally contain an ip address or a hash or other identifier that refers to one.
spotify can’t directly obtain data from a linkedin cookie. but ad networks and other ‘third parties’ could provide ‘targeting’ or even identifying information to them.
use a different browser profile, or better–an entirely different browser–for vpn browsing.
Home IP isn’t reliable, there are much better ways of fingerprinting you. It’s more device based. People move around.
It’s also fair to point out that your browser may not know your external IP; if you’re behind a NAT, like a home LAN, your computer probably thinks its IP is the LAN IP, an address shared by millions of computers the world over. If you’re using a VPN, your external IP (which JavaScript could get) is the IP of the exit node - an IP shared with possibly dozens of other people. Of you’re not using a VPN, well… that’s on you. That’s privacy 101.
This. It’s not so much your IP address that identifies you; it’s your browser fingerprint
Yup. Entirely possible. Blocking third party cookies might somewhat reduce sites’ ability to tell that you’re the same you on the same browser between VPN and direct connection, but even that isn’t any guarantee that Linkedin (and/or the ad providers Linkedin uses) and Spotify (and/or their ad providers) don’t know you’re the same user between VPN and direct. And if there’s some amount of collusion and/or purchase of user tracking info going on between those entities, even only first-party cookies are sufficient for them to be able to prove the link between your direct and VPN IP addresses. Even without any cookies, though, there are still browser fingerprinting techniques that are worth looking into if you want to know more about defeating that sort of tracking.
Logging out and closing the browser does not delete your cookies.
Depends on your settings. Firefox has a setting for delete cookies on exit. It is not on by default though
Cookies do not directly communicate your IP address, they’re just bits of data about your visit. Logging out of LinkedIn and closing your browser should clear them, unless they’re persistent cookies.
Using a VPN to create a new Spotify account maskes your actual IP address. Meaning spotify wont know your home IP address. But, if Spotify uses cookies from your previous sessions or if you log in with the same credentials, it may still serve targeted ads based on your previous activity.
So while cookies don’t transmit your IP address, they still influence the ads you see based on your browsing history and/or account information. For enhanced privacy, it’s usually recommended to set cookies to be wiped when you close the browser. I have a handful of sites I like to keep cookies for, but everything else is gone after each session.
