Low phone battery level may be an unavoidable part of our everyday routine, but this seemingly mundane daily annoyance could be used to track your online activity, new research has found. According to a team of Princeton University security researchers who scoured the top one million websites, there have been instances of sites using HTML5 Battery Status API to track users online.
Battery Status API is used as a web standard to allow site owners to provide users with "low power" versions of their site or app or when one's battery is running low.
In 2015, security researchers warned that HTML Battery Status API allows website owners to access the battery status information of a mobile device or laptop, including the percentage of battery life left in your device, how long it will take for it to die and how long it will take to charge completely once it is plugged in to a power outlet.
The study found that "the capacity of the battery, as well as its level, expose a fingerprintable surface that can be used to track web users in short time intervals".
Now, Princeton security researchers Steve Engelhard and Arvind Narayanan have found that this battery level information, which could be combined with other web identifiers such as one's IP address and browser extensions, is already being used by some websites to "fingerprint" a user's device and track them online.
After creating a web privacy-tracking tool called OpenWPM, the researchers found two tracking scripts that use Battery Status API information to track users' devices. They also noted that "existing privacy tools are not effective in detecting these newer and more obscure fingerprinting techniques".
Although the researchers admit that they are not sure what the information is currently being used for, businesses can potentially try and target users with specific, personalised ads, promotions and products using your device's unique "digital fingerprint".
"Some companies may be analysing the possibility of monetising the access to battery levels," Lukasz Olejnik, one of the four researchers who examined the battery status API's potential privacy issues in 2015, wrote in a blog post. "When battery is running low, people might be prone to some - otherwise different - decisions. In such circumstances, users will agree to pay more for a service."
In May, popular ride-hailing service Uber's head of economic research Keith Chen, told NPR that more users are willing to pay higher "surge prices" up to 9.9 times the usual rate especially if their phone is running low.
"One of the strongest predictors of whether or not you're going to be sensitive to surge... is how much battery you have left on your cellphone," Chen said. "We absolutely don't use that to push you a higher surge price, but it's an interesting psychological fact of human behaviour."