Skip to content

Latest commit

 

History

History
121 lines (94 loc) · 5.91 KB

README.md

File metadata and controls

121 lines (94 loc) · 5.91 KB

DuckDuckGo's App Tracker Blocklist

The app tracker blocklist is used by DuckDuckGo App Tracking Protection, currently available in beta on Android only. We build this list by interacting with popular Android apps and identifying common third-party requests that are sharing personal data, unique identifiers, or other information that could be used for fingerprinting. In the future, we plan to make the data and the tools used for data collection public. Questions or issues with tracker blocking in DuckDuckGo apps and extensions should be reported in the Privacy Configuration.

Questions

  • Where are the blocklists?
  • Where can I find the code that generates the blocklists? The code to generate blocklists is not yet open source but coming soon.
  • Are there any exceptions that should be applied to the blocklist? We exclude certain apps from protection if we find that they do not work with VPNs or rely on tracking domains to function. Our full list of excluded apps can be found in the unprotectedApps object here. Note that users can override this list by enabling or disabling protection for individual apps. In addition, some apps rely on very specific trackers. For such apps, we exclude the specific app/tracker pairs as listed in the appTrackerAllowList object here.
  • How do I use the blocklist? See examples file that gives an overview of the blocking algorithm and lists a couple of examples.

Format

The blocklist is in JSON format and consists of three main objects:

Trackers

Trackers are grouped by their domain (based on Public Suffix List and Tracker Radar Suffix Additions).

The domain should be matched against outgoing requests to identify tracking attempts.

Each tracker contains the following fields:

ownerEntity (usually a company) that controls this tracker
defaultThe default behavior when blocking this tracker [block or ignore]

owner

Entity (usually a company) that controls each tracker. Each entity has a corresponding entity file in Tracker Radar. Entities have the following fields defined:

nameThe name of the entity
displayNameA shortened entity name without company suffixes

default [block, ignore]

The default behavior used.

DefaultAction
blockAll third-party requests from this tracker are blocked
ignoreDo not block

PackageNames

A list of Android package names developed by entities that also engage in tracking. Each package name here comes with the corresponding developer name as found in Tracker Radar entity data.

Entities

The entities object contains an entry for each of the trackers found in the blocklist and contains a single field:

signalsThe type of data the tracker collects (e.g. gps_coordinates)

signals

The type of data the tracker is known to collect. Current list of possible values:

Personal:

  • first_name: first name as entered into a form within the app
  • last_name: last name as entered into a form within the app
  • email_address: email address

Location:

  • postal_code: postal code either as entered into a form or extracted from GPS location
  • gps_coordinates: GPS coordinates
  • city: city either as entered into a form or extracted from GPS location

Identifiers:

  • AAID: Android Advertising ID
  • unique_identifier: any unique identifier that can be set and shared across apps
  • cookies: any cookies set/received
  • local_ip: local IP of the device

Fingerprinting:

  • platform: platform of the device (e.g. "Android")
  • os_version: operating system (Android) version
  • os_build_version: build version of the operating system
  • device_make: device brand
  • timezone: time zone
  • device_free_storage: how much free storage remains on the device
  • device_total_storage: how much total storage the device has
  • external_free_storage: how much free external storage remains
  • external_total_storage: how much total external storage the device has
  • device_free_memory: how much free memory (RAM) the device has
  • device_total_memory: how much total memory (RAM) the device has
  • device_language: language of the device
  • accelerometer_data: accelerometer data
  • rotation_data: rotation of the device
  • device_orientation: orientation of the device
  • device_screen_density: density of the device screen
  • device_volume: current volume
  • device_connectivity: connectivity status
  • wifi_ssid: WiFi network name
  • device_charging_status: is the device charging or not
  • device_battery_level: battery level of the device
  • cpu_data: CPU usage of the device
  • app_name: name of an installed app
  • install_date: installation date of the app
  • device_name: device name
  • device_font_size: font size of the device
  • screen_brightness: screen brightness