So what is a device fingerprint?
A device fingerprint can be defined as "a set of information elements that identifies a device or application instance". In other words, it is something that can be used to single out or infer a user or a device over time. This is particularly helpful for providers of tailored advertising or web analytics services.
Data commonly used to create this fingerprint are derived from device settings and data exposed by the device's use of network communications protocols. The data can include details such as your browser and device information that is ordinarily transferred to return the webpage sought to your particular device and in the correct format and layout.
Device fingerprinting is not limited to a desktop PC-based web browser, and it traverses many device types and protocols, applying to smart TVs, mobile devices and e-book readers. This fact contrasts with 'traditional' cookies which were largely limited to desktop web browsers and would not usually identify the same user across different browsers installed on the same computer. Consequently, as the WP notes, device fingerprints are now being used by online services as an alternative to HTTP cookies for analytics, tracking and ad tailoring.
The cookies rules
The Opinion specifically examines device fingerprinting in the context of the ePrivacy Directive, rather than from a data protection angle. One of the well-recognised aspects of the ePrivacy Directive is the regulation of cookies and the associated information and consent requirements. The WP's primary concern for device fingerprinting appears to be that users are not afforded the same information and consent options as with cookies. By utilising...