How do those ads know where I live?

//
I live in Baltimore. When I go to a website,  the content will often say things like, “Find sexy singles in Baltimore,” and stuff like that. I use spyware software religiously. So, how do they know where I live? And how do I get rid of it? These aren’t local websites that I’m visiting by the way.

Spooky, isn’t it? I see the same thing when I visit certain websites. It’s not always about “sexy singles,” but they frequently nail me down to the Seattle area.

There are a couple of ways this can happen.

You told them

The most obvious is one we often overlook.

Ever register with a site? At a minimum, I’ll bet that it required a city, state, or postal code. Well, you just told them where you are. That’s now information that that site (and possibly other sites operated by the same entity or entities) can use to customize your experience. That “customization” could include local news, weather, and yes, even advertising.

In most cases, all it takes is a postal code. If a site has that and passes it on to other sites or advertising services, then it’s trivial for those sites and services to know – at least in general terms – where you are.

Your ISP told them


… it’s nearly impossible to determine the specific location of a computer based on only its IP address.
The spooky one is where you visit a site for the first time and up pop those ads for your city.

As I’ve discussed in many other articles, it’s nearly impossible to determine the specific location of a computer based on only its IP address. The reason is simply that the publicly available information about IP addresses only resolves down to the ISP that assigned it. If you need to get more detailed, you need the ISP’s help. They typically won’t help without legal requirements.

But even without the ISP’s help, you do have something. You have the location of the ISP.

In fact, that’s exactly how I get located when I’m at home. Even though I’m located well outside of Seattle, my ISP is based there. Hence, ads that use “geo-targeting” based on the IP address resolve to the greater Seattle area.

They can get it wrong, too. I’ve had several ISPs over the years in this same place and location services have at various times reported that I’m in:

  • Southern California
  • Portland, Oregon
  • Seattle
  • Woodinville

Even the last one, which is indeed correct, narrows down my location only to somewhere within 18 square miles.

The most egregious are cases where they attempt to geo-target an AOL customer. Do a lookup on AOL’s IP range and it looks like every AOL customer lives in Manassas, Virginia, regardless of where they really are.

You Are HereGoogle told them

I say Google, but in reality, this could apply to any service which includes geo-location information and probably applies equally well to Apple, Microsoft, Facebook and others.

This information can be collected from known Wi-Fi hotspots and also from mobile devices that include GPS.

It should be no surprise that GPS-enabled devices have the ability to determine exactly where you are. That’s their point, after all. When the information from these devices is associated with your Google, Apple, Microsoft or Facebook account, that information can be applied or correlated with your internet access using other devices – like your desktop computer.

That is shared anonymously with advertising networks, which show you ads that relate specifically to where you live.

So the bottom line is that advertisers can often (but not always) make a reasonably intelligent guess as to your general location. It’s nothing new really and certainly nothing to be concerned about.

This is an update to an article originally posted :  Feb 10, 2006

There are 20 comments:

  1. samir

    very useful leo
    i appreciate that
    my best regards

  2. Blake Patterson

    The fact that the word “cookie” and likely the word “Amazon.com” were’nt mentioned suggests to me that the author might well have done a bit more research before “answering” this baffling queston.

  3. eeeeee

    uhhh, cookies anyone? check out your cookie cache – you’ll see various ad engines set cookies. they only have to know you once to track you from there. it isn’t hard. Philip Greenspun wrote about this back in, oh, 1997 or so: http://philip.greenspun.com/panda/user-tracking (that page has since been updated).

  4. Rick Wieland

    So what’s your point Blake? You say other websites get to read the Amazon.com cookie? Since the web browsers submits the cookie only to the site it belongs too this can’t be happening (at least in a computer that hasn’t been hijacked by some sort of adware/malware)

    And if you say Amazon.com is illegally selling private info to relate personal data and IP address how would this guys (Amazon.com) make sure every pal behind an IP is the same guy they recorded the info once when we all get different IPs assigned randomly when we reset our routers?

  5. Jyothi Karthik Raja

    I agree with Balke. Very poorly researched article. Like someone with a few extra minutes in hand decided to write quickly about something he had very pedastrian knowledge to begin with.

  6. Ace

    I wonder if they may be using the same technique google uses to geo target users: First response to DNS query. Typing http://www.google.com in the address bar is translated to http://www.google.ca (canadian location) Geo position ad farms and the first response wins. Usually this means that the nearest to the user reponds with a local server address, and thus local versions of the ads.

  7. Paul

    Another thing to keep in mind is that often times they don’t know where you live. I noticed that banner ads on dictionary.com were targeting my location. When I deleted my cookies and went back it had a classmates.com add to find students from “West Springfield High School” or “Martin Luther King High School”. There just so happens to be a “West Springfield” high school in my area, but there are also 5 zillion West Springfields and Martin Luther Kings all over the US.

    So sometimes they just guess with a common city name or something.

  8. Mikywutz

    “I use spyware software religiously” That’s the reason…

    Ok, Ok… I guess what he really meant was antispyware.

  9. vitriolic1

    Okay, dumb comment people. His answer is accurate and the logical place to start. Once the adserver resolves a close approximation of your location this information can be included in a cookie. If the adserver is part of a network like Advertising.com or Revenue Science it can fine tune depending on the sites your frequent. So if this guy looks at the Baltimore Sun site and checks the local job postings the server can give the Baltimore location in the cookie another point. This will help validate the association. You can get a lot more sophisticated but starting from this base is all you need. No nefarious plots between Amazon.com and any other advertiser. Sheesh, take off your foil hats.

  10. J

    I think the article is right about it locating the ISP I got ads for nacogdoches, an unusual name, when
    I just started using the computer there, there is no other way the could have done this besides the ip ranges. I might look for a good proxy server to see if it counters their technique, which it should.

  11. Lucian

    Probably they are using a database with IP’s associated to regions/cities, you can find information about IP addresses too using http://www.ipgp.net

  12. Anonymous

    Whil using a proxy (e.g. hidemyass.com) you will get a defauly banner ad and not one labeling you city.

    Case in point:
    There is one of those “cam-whore” banner ads that show the model with a piece of paper says “I love “. Viewed through a proxy the same piece of paper says “I love my town”. Kinda cool!

  13. Leo A. Notenboom

    —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    Oh yeah, only *300 MILES* off for me.

    Sorry, but these services are simple NOT reliable and RARELY lead people close
    enough to you home for anything significant.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.7 (MingW32)

    iD8DBQFHargKCMEe9B/8oqERAjGwAJ9RlFUAqaVzM+dM5hTRr3fR1MWTegCfeMul
    wOctEKl4p7HmgDTLz5eixdI=
    =UkxJ
    —–END PGP SIGNATURE—–

  14. LaurieP

    I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by guessing correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.

  15. LaurieP

    I don’t think anyone here really knows what they are talking about. When I go on a site for the first time, the ads mention the exact town where I live. My ISP is located over 500 miles from me so the ads are not locking onto my ISP, they know where I am. How is this possible? I saw similar on a chat room where a guests info would include their location and I used to freak people out by “guessing” correctly where they were, I did’t think about privacy at that time. There must be a way to block your info.

Comments are closed.