According to a recent research a feature of the HTML5 can be used by websites to find out how much battery life a visitor has left on their laptop or smartphone which could in turn help them track online users.
Beware: Your Smartphone or Laptop Battery May be Spying on You
Four French and Belgian security researchers claim that an online user’s privacy is no more. The reason is that the websites receive very specific data about how long it will take for a battery to die out. Moreover they also receive data about the capacity of the remaining battery. When these two numbers are taken together, websites get an ID number which can be used to identify browsers across websites.
Those who use a private browsing option are not safe either. The researchers said,
“Users who try to revisit a website with a new identity may use browsers’ private mode or clear cookies and other client side identifiers. When consecutive visits are made within a short interval, the website can link users’ new and old identities by exploiting battery level and charge or discharge times. The website can then reinstantiate users’ cookies and other client side identifiers, a method known as respawning.”
The researchers also found that on some platforms, it is possible to determine the maximum battery capacity of the device with enough queries which creates a semi-permanent metric to compare devices.
In 2012, the World Wide Consortium (W3C) had introduced the battery status API, which is supported in the Firefox, Opera and Chrome browsers. It was designed to help online users to conserve their battery power. This enables a website and web app to notice when a visitor has limited battery power left and shift to a low-power mode and disable minor features to help preserve energy.
Moreover, websites do not even take user’s permission to find out how much battery life is left because, according to the W3C:
“The information disclosed has minimal impact on privacy or fingerprinting, and therefore is exposed without permission grants”.
However, the recent research has claimed that websites get an ID number which can be used to identify browsers across websites which raised doubts about the W3C’s claims.