DOCSLIB.ORG

Factors That Affect Users' Willingness to Share Information with Online

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Factors That Affect Users' Willingness to Share Information with Online What Matters to Users? Factors that Affect Users’ Willingness to Share Information with Online Advertisers Pedro Giovanni Leon∗, Blase Ur∗, Yang Wangz, Manya Sleeper∗, Rebecca Balebako∗, Richard Shay∗, Lujo Bauer∗, Mihai Christodorescuy, Lorrie Faith Cranor∗ ∗Carnegie Mellon University yQualcomm Research Silicon Valley zSyracuse University {pedrogln, bur, msleeper, balebako, [email protected] [email protected] rshay, lbauer, lorrie}@cmu.edu ABSTRACT 1. INTRODUCTION Much of the debate surrounding online behavioral adver- Online behavioral advertising (OBA), the practice of tar- tising (OBA) has centered on how to provide users with geting online advertising based on users' past online activi- notice and choice. An important element left unexplored ties, has been the subject of a major privacy debate in recent is how advertising companies' privacy practices affect users' years. Reports released in 2012 by the U.S. Federal Trade attitudes toward data sharing. We present the results of Commission [5] and the White House [36] discuss the pri- a 2,912-participant online study investigating how facets of vacy tradeoffs inherent in this practice. At the same time, privacy practices|data retention, access to collected data, browser vendors have recently taken steps to reduce track- and scope of use|affect users' willingness to allow the col- ing: Microsoft sends a Do Not Track signal by default in IE lection of behavioral data. We asked participants to visit a 10 [22], and Mozilla has announced that Firefox will even- health website, explained OBA to them, and outlined poli- tually block third-party cookies by default [6]. cies governing data collection for OBA purposes. These poli- As battles rage about default behaviors and options, av- cies varied by condition. We then asked participants about erage users are asked to make choices about their privacy their willingness to permit the collection of 30 types of infor- preferences regarding online behavioral advertising. In some mation. We identified classes of information that most par- cases, these choices have limited granularity. For instance, ticipants would not share, as well as classes that nearly half with the Do Not Track signal under debate [31], users have of participants would share. More restrictive data-retention the choice of actively turning Do Not Track on or off, or and scope-of-use policies increased participants' willingness leaving it unset. In many other cases, however, users have to allow data collection. In contrast, whether the data was a more complex decision to make. As part of the advertis- collected on a well-known site and whether users could re- ing industry's self-regulation program, users can opt out of view and modify their data had minimal impact. We discuss behavioral advertising from individual companies [25]. Simi- public policy implications and improvements to user inter- larly, third-party privacy tools like Abine's DoNotTrackMe1 faces to align with users' privacy preferences. and Evidon's Ghostery2 enable users to see which compa- nies are tracking their activities on a particular site, and to Categories and Subject Descriptors block particular companies. In past work, researchers have found that familiarity with a third-party tracking company K.4.1 [Computers and Society]: Public Policy Issues| influences users' attitudes about data collection [34]. Privacy Unfortunately, little is known about other factors that may influence users' preferences. For instance, does the General Terms length of time behavioral data is retained actually matter to most users? Does it make a difference whether data is Human Factors, Design used to target advertisements only on a single first-party website, or on Facebook, or on any website on the Inter- Keywords net? This understanding is crucial for the design of future Privacy, User Preferences, Online Behavioral Advertising, OBA privacy tools. For instance, when a privacy tool asks OBA, Tracking, Data Retention, Do Not Track the user to decide whether to permit or block the collection of data by a particular entity, the tool could highlight that entity's privacy practices that most strongly affect users' de- cisions. Better understanding the drivers of user behavior might also influence public policy. For instance, laws and regulations designed to support consumer privacy could fo- cus on practices that most affect users' comfort with data collection and sharing, rather than focusing on distinctions Copyright is held by the author/owner. Permission to make digital or hard that have little bearing on users' preferences. copies of all or part of this work for personal or classroom use is granted without fee. 1 https://www.abine.com Symposium on Usable Privacy and Security (SOUPS) 2013, July 24–26, 2 2013, Newcastle, UK. http://www.ghostery.com 1 In this paper, we examine how four dimensions of privacy allowing users to be linked to one or more social networking practices impact users' willingness to permit the collection profiles. They also found that some websites directly leaked of data for OBA. These dimensions are the length of time personally identifiable information [15]. Roosendaal found data will be retained, whether or not a user will have access that Facebook tracked both users and non-users of Facebook to review and modify this data, the range of websites on across the Internet using cookies attached to \Like" buttons which advertising will be targeted based on this data, and embedded in other pages [28]. whether the data was collected on a well-known website. This large data footprint leads to privacy concerns. Re- To this end, we conducted a 2,912-participant online sur- tailers can combine credit or debit card histories with data vey. We asked participants to visit a health website. After from online tracking to create detailed customer profiles re- they explored this page, we explained the value proposi- vealing potentially sensitive \lifestyle or medical issue[s]" [9]. tion of online behavioral advertising: that advertising and Even when data is collected in an aggregated, ostensibly the collection of data for targeted ads enable websites to be anonymized manner, bulk collection leaves the potential for free. We then showed the participant this website's data- re-identification [7, 24]. collection practices, with details varied based on the partic- Users tend to dislike the idea of being tracked and profiled ipant's condition. In different conditions, participants were by third parties [8]. Based on 48 semi-structured interviews, told that data would be retained for one day or indefinitely; Ur et al. found that participants recognized both pros and they were told or not told that they would be provided ac- cons of OBA, pointing out that OBA can be useful to both cess to review and modify collected data; participants were users and companies, yet also privacy-invasive. Participants told that data would be used for targeted advertising only did not understand how ads were targeted and believed com- on the health site, on both the health site and Facebook, panies collected more information than they generally col- or on any website; and the health site itself was either well lect [34]. Respondents to a 2011 survey conducted by Mc- known or a site we invented. We then asked participants Donald and Peha also believed that websites could collect to rate their willingness to allow the collection of 30 differ- more data than is currently accessible [21]. Wills and Zeli- ent types of information, and to answer additional questions jkovic created a JavaScript tool to show a user's location, related to their OBA preferences. age range and gender, all of which could be determined by Nearly half of our participants were unwilling to allow the third-party sites. Approximately half of their 1,800 partici- collection of any data, while the site's privacy practices im- pants were concerned about third-party tracking, the level of pacted the remaining participants' attitudes. Of the four data collection, and the ability of third-party data trackers dimensions we examined, the scope of use and the period of to infer demographic information after seeing these data [38]. data retention had the greatest impact on participants' will- OBA is currently self-regulated under guidelines created ingness to allow their information to be collected. Having by the advertising industry. These guidelines require that access to view and modify data collected, as well as par- users be provided the option to opt out of targeted ads [25], ticipants' familiarity with the website on which data was but do not mandate options for fine-grained control [19]. Un- being collected, did not appear to affect their willingness to der current guidelines, users are notified of the presence of allow data collection, at least in the narrow scenario we in- behavioral advertising through an AdChoices icon that ap- vestigated. Furthermore, the majority of participants were pears near or inside the ad. However, Leon et al. found that not willing to pay any money to prevent data collection or most users did not understand the purpose of this icon [17]. remove advertising, believing websites should be free. Users are currently able to limit online behavioral adver- We provide background on the debate surrounding online tising in several ways. By clicking on the AdChoices icon, behavioral advertising and highlight related work in Sec- users can visit an opt-out page that allows them to opt out of tion2. In Section3, we describe our methodology. We ad networks individually. Alternatively, they can use third- present our results in Section4, beginning with our factor party tools that block tracking, or even block ads entirely. analysis and proceeding through the four dimensions of pri- However, there are problems with all of these opt-out mech- vacy practices we investigated. We discuss our results in anisms. For instance, Komanduri et al. found many gaps Section5 before concluding in Section6.
Load more

Recommended publications
  • Personal Data Processing Policy
    PERSONAL DATA PROCESSING POLICY (website, customers and prospects) Cisbio Bioassays is a business-to-business (B2B) company and in most cases, the information we process concerns legal entities and not individuals. Nevertheless, behind the companies, there are men and women. Respect for your privacy and the protection of your personal data is a priority and constant concern for Cisbio Bioassays, who have adopted a "privacy by design" approach. This notably implies that your personal data is protected by default both in terms of the system design and Cisbio Bioassays internal practices. Everyone in our company that is required to view or use personal data has been trained to respect the applicable law and the issues of confidentiality. Data processing is performed transparently within the rights granted to you by the laws and regulations, but also by this personal data processing policy. The protection of your privacy is ensured from end to end, from the design of the application to the erasure of your data. Cisbio Bioassays ensures a high level of protection in accordance with the European standards for the protection of personal data to all its customers and users, whatever their country of origin and, subject to legal and regulatory obligations, regardless of where they access the services. OUR PRINCIPLES, OUR ETHICS Our ethics on privacy protection and personal data is based on the following principles: • Transparency and loyalty: you know what information is collected, by whom, by what means and for which use. At any moment you can also request details on the processing implemented by contacting our services.
    [Show full text]
  • Browsercookies Und Alternative Tracking-Technologien: Technische Und Datenschutzrechtliche Aspekte
    Browsercookies und alternative Tracking-Technologien: technische und datenschutzrechtliche Aspekte Inhaltsübersicht 1. Einleitung 2. Tracking und Datenschutz 2.1. Personenbezogene Daten 2.2. Nutzungsdaten 2.3. Pseudonyme Daten 2.4. Anonyme Daten 2.5. Praktische Relevanz der Unterscheidung 3. Browser-Cookies 3.1. First- und Third-Party-Cookies 3.2. Einsatz von Browser-Cookies zur Messung, Steuerung und Profilbildung 3.3. Cookies und Datenschutz 3.3.1. Datenschutzrechtliche Regelungen im Telemediengesetz (TMG) 3.3.2. Die Cookie-Richtlinie 3.3.3. Fazit 4. Alternative Tracking-Technologien 4.1. Browser-basierte Technologien 4.1.1. Fingerprinting 4.1.2. Common-IDs 4.1.3. eTag 4.1.4. Local Storage (auch Web Storage, DOM Storage) 4.1.5. Flash-Cookies 4.1.6. Authentication Cache 4.2. Mobile app-basierte Technologien 4.2.1. Device abhängige IDs von Apple iOS 4.2.2. Device abhängige IDs von Google Android 4.3. Datenschutzrechtliche Aspekte bei alternativen Tracking-Technologien 5. Selbstregulierung in Deutschland (DDOW) 5.1. Technologieneutraler Geltungsbereich 5.2. Die Informationspflichten 5.3. Die Kontrollmöglichkeiten für Verbraucher 5.4. Weitere Verpflichtungen 6. Ausblicke – Regelungen einer künftigen Datenschutzgrundverordnung 1. Einleitung Im Internet versteht man unter Tracking die quantitative Messung und das Nachvollziehen des Nutzerverhaltens auf Websites sowie in einem weiteren Nutzungskontext die Messung von Werbeeinblendungen zum Zweck der Auslieferungskontrolle und -steuerung. Ein verlässlich funktionierendes Tracking, das eindeutige Ergebnisse über alle benötigten Metriken liefert und zugleich eine optimale Aussteuerung erlaubt, ist für Webangebote und werbetreibende Unternehmen im heute bestehenden wirtschaftlichen Konkurrenzumfeld absolut unerlässlich. Den technologischen Schlüssel zu einem leistungsfähigen Tracking liefert bis heute das Browsercookie, das häufig auch einfach nur als „Cookie“ bezeichnet wird.
    [Show full text]
  • Understanding Ad Blockers
    Understanding Ad Blockers A Major Qualifying Project Submitted to the Faculty of Worcester Polytechnic Institute In partial fulfillment of the requirements for the Degree of Bachelor of Science In Computer Science By _________________________________ Doruk Uzunoglu March 21, 2016 _______________________ Professor Craig E. Wills, Project Advisor Professor and Department Head Department of Computer Science ABSTRACT This project aims to provide useful information for users and researchers who would like to learn more about ad blocking. Three main research areas are explored in this project. The first research area provides general information about ad blocking tools and aims to explore ad blockers from a user’s perspective. The second research area provides analyses regarding third­party sites that appear on popular first­party sites in order to explore the behavior of third­parties. Finally, the third research area provides analyses regarding filter lists, which are sets of ad filtering rules used by ad blocking tools. The third research area aims to convey the differences and similarities between individual filter lists as well as sets of filter lists that form the defaults of ad blocking tools. 1 ACKNOWLEDGEMENTS I would like to thank Professor Craig Wills for advising my project, providing insight, and gathering the popular third­party domains data which I analyzed as part of this project. In addition, I would like to thank Jinyan Zang for sharing the third­party data regarding mobile apps, which they have gathered as part of their 2015 paper named “Who Knows What About Me? A Survey of Behind the Scenes Personal Data Sharing to Third Parties by Mobile Apps.” The data provided by Jinyan Zang was also analyzed as part of this project.
    [Show full text]
  • PRIVACY in ONLINE ADVERTISING PLATFORMS a Dissertation
    PRIVACY IN ONLINE ADVERTISING PLATFORMS a dissertation submitted to the department of telematics engineering and the committee on graduate studies of universitat politecnica` de catalunya in partial fulfillment of the requirements for the degree of doctor of philosophy Jos´eAntonio Estrada Jim´enez July 2020 c Copyright by Jos´eAntonio Estrada Jim´enez2020 All Rights Reserved ii I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. (Jordi Forn´eMu~noz) Principal Co-Adviser I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy. (Javier Parra Arnau) Principal Co-Adviser Approved for the University Committee on Graduate Studies. iii iv A A. A. v Abstract Online advertising is consistently considered as the pillar of the \free" content on the Web. By giving websites a way of financing their operation, advertising would be preventing users from being charged for the content consumed on the Web. Besides promoting content creation, this revolution of the marketing business created a myriad of new opportunities for advertisers to reach potential customers at the right time. Furthermore, the option of delivering personalized ads has turned advertising into a service that can be really valuable for end users, who thank receiving ads tailored to their interests. Given its apparent success in getting paying customers, online advertising is fueling a billionaire business in which the largest tech companies are involved.
    [Show full text]
  • Mass Surveillance Part 1 - Risks and Opportunities Raised by the Current Generation of Network Services and Applications
    Science and Technology Options Assessment (STOA) Mass Surveillance Part 1 - Risks and opportunities raised by the current generation of network services and applications ANNEX EPRS | European Parliamentary Research Service Scientific Foresight (STOA) Unit PE 527.409 EN Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Annex IP/G/STOA/FWC-2013-1 - LOT 9 – Safety and security technologies December 2014 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance – Risks, Opportunities and Mitigation Strategies Part 1” was carried out by TECNALIA Research and Investigation. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero José Javier Larrañeta Ibañez Stefan Schuster (Editor) STOA RESEARCH ADMINISTRATOR Peter Ide-Kostic Scientific Foresight Unit Directorate for Impact Assessment and European Added Value Directorate-General for Parliamentary Research Services European Parliament, Rue Wiertz 60, B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSION Original: EN ABOUT THE PUBLISHER To contact STOA or to subscribe to its newsletter please write to: [email protected] This document is available on the Internet at: http://www.ep.europa.eu/stoa/ Manuscript completed in November, 2014 Brussels, © European Union, 2014 DISCLAIMER The content of this document is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work.
    [Show full text]
  • A Comparison of Web Privacy Protection Techniques
    A comparison of web privacy protection techniques Johan Mazel Richard Garnier Kensuke Fukuda National Institute of Informatics/JFLI ENSIMAG National Institute of Informatics/Sokendai [email protected] [email protected] [email protected] Abstract—Tracking is pervasive on the web. Third party users regarding their interests. To this end, advertisers leverage trackers acquire user data through information leak from context (e.g. visited website) or previous browsing interests. websites, and user browsing history using cookies and device Advertisers use techniques such as cookies to identify users fingerprinting. In response, several privacy protection techniques (e.g. the Ghostery browser extension) have been developed. To the across websites and build their browsing history. Other tech- best of our knowledge, our work is the first study that proposes niques have also been developed to allow advertising actors a reliable methodology for privacy protection comparison, and to communicate with each other (such as cookie syncing [2]), extensively compares a wide set of privacy protection techniques. or circumvent cookie removal by respawning cookies using Our contributions are the following. First, we propose a robust diverse types of data storage inside the browser (e.g. using methodology to compare privacy protection techniques when crawling many websites, and quantify measurement error. To this Flash [3]). Browser fingerprinting [4] allows a tracking entity end, we reuse the privacy footprint [1] and apply the Kolmogorov- to follow a user across websites without any in-browser data Smirnov test on browsing metrics. This test is likewise applied storage. In response to these techniques, several counter- to HTML-based metrics to assess webpage quality degradation.
    [Show full text]
  • Measurement and Detection of Security Properties of Client-Side Web Applications
    Measurement and Detection of Security Properties of Client-Side Web Applications A Thesis Presented by Michael Weissbacher to The College of Computer and Information Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Information Assurance Northeastern University Boston, Massachusetts April 2018 For my parents. Contents List of Figures v List of Tables vii Acknowledgments viii Abstract of the Thesis ix 1 Introduction 1 1.1 Structure of the Thesis .............................. 4 2 Background 5 2.1 HTTP Security Headers ............................. 5 2.1.1 Overview of Security Headers ...................... 5 2.1.2 Browser policy frameworks ....................... 6 2.1.3 Content Security Policy ......................... 7 2.1.4 Evasion and Attacks Against CSP ................... 8 2.1.5 Beyond Level 1 of CSP .......................... 8 2.2 Browser Extensions ................................ 8 2.2.1 Extension Security Aspects for Browsers ................ 8 2.2.2 Privacy leaks in Extensions ....................... 11 2.2.3 Privacy leaks in Other Platforms .................... 11 2.2.4 Extension Ad Injection .......................... 12 2.2.5 Extension Analysis Systems ....................... 12 2.2.6 Tracking: Extensions and the Web ................... 13 2.3 Vulnerabilities in Web Applications ....................... 14 2.3.1 Measuring and Reducing Complexity .................. 14 2.3.2 Single Page Applications ......................... 15 2.3.3 Mash-ups or Widgets ........................... 15 2.3.4 Client-side communication ........................ 16 2.3.5 Popular JavaScript Frameworks ..................... 16 2.3.6 Server-Side Pre-Rendering ........................ 18 2.3.7 Vulnerability Scanners .......................... 19 2.3.8 Analysis of Web Vulnerability Scanners ................. 20 ii 3 Investigating Content Security Policy 22 3.1 Introduction .................................... 22 3.2 Content Security Policy ............................
    [Show full text]
  • Digital Footprints an Internet Society Reference Framework
    Digital Footprints An Internet Society Reference Framework JANUARY 2014 Table of Contents Structure and Use of This Document…………………………………………..1 Guide to the Themes and Sections……………………………………..…..….2 What Is A Digital Footprint?...........................................................................3 How Did We Start Leaving Such Big Footprints?..........................................4 Is “Monetized” the New “Free”?.....................................................................7 Who Is Tracking Me, and How?.....................................................................9 What Problems Can Digital Footprints Cause?..…………….…………..…..12 Different Devices, Different Traces...............................................................14 What Dynamics are at Work in the World of Digital Footprints?...................17 How Does Legislation Affect Digital Footprints?...........................................19 How Can I Manage my Digital Footprints?...................................................22 2 WWW.INTERNETSOCIETY.COM Structure and Use of the Document This framework document has been structured to make it simple for you to understand and manage your digital footprints. Each section deals with a particular topic: how digital footprints are created, why third parties are interested in our digital footprints, how privacy, economics, and legislation intersect, and so on. Each section has been written to be self-contained, giving a description of the problem or topic, why it matters to you, and what you can do about it. We have grouped the sections into three over-arching themes (economics, risk and context), so you can treat the whole thing as a single document, or pick out a single section that interests you most, or read the sections that related to a common theme. We finish with a guidance section, giving examples of four types of action you can take to develop your understanding and control of your digital footprint. If that's your over-riding concern, just go straight to “How can I manage my digital footprints?”.
    [Show full text]
  • Data, Trust, and Transparency in Personalized Advertising by Darren
    Data, Trust, and Transparency in Personalized Advertising by Darren M. Stevenson A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Communication) in the University of Michigan 2016 Doctoral Committee: Professor Christian E. Sandvig, Chair Associate Professor Sonya Dal Cin Professor Nicole B. Ellison Professor Shane M. Greenstein, Harvard Business School © Copyright Darren M. Stevenson, 2016 All Rights Reserved For my father who sacrificed much so that I might have opportunities he did not who always encouraged me to do my best ii Acknowledgements I was extremely privileged to pursue doctoral studies. I was also quite fortunate that my particular experience included working alongside so many remarkable people across several stimulating departments and institutions. At each point along the way I received generous intellectual, professional, social, and financial support. As a result, I am indebted to a great number of individuals, academic departments, and organizations willing to support me in various ways during this time. Attempting to recall and thank all those who substantively contributed to my doctoral education and the research reported in this document underscores the collective effort it is to complete a Ph.D., rather than an individualistic endeavor. Additionally, while this dissertation builds directly on the theories, ideas, and in many cases the precise suggestions of numerous colleagues, any errors herein are my own. First and foremost, I am immensely grateful to Christian Sandvig, my Ph.D. supervisor. Christian guided my doctoral studies and this entire research project. Unbeknownst to us at the onset, these efforts would span multiple universities.
    [Show full text]
  • Protecting Users from Third-Party Web Tracking with Trackingfree Browser
    I Do Not Know What You Visited Last Summer: Protecting Users from Third-party Web Tracking with TrackingFree Browser Xiang Pan Yinzhi Cao Yan Chen Northwestern University Columbia University Northwestern University [email protected] [email protected] [email protected] Abstract—Stateful third-party web tracking has drawn the neither of the approaches can completely protect users from attention of public media given its popularity among top Alexa third-party tracking: in addition to browser cookies, a tracker web sites. A tracking server can associate a unique identifier can store user’s unique identifier into many other places on from the client side with the private information contained in the client-side state, such as Flash files [4] [26] [17] and browser referer header of the request to the tracking server, thus recording caches [26] [4] [17]; meanwhile, blacklist tools highly depend the client’s behavior. Faced with the significant problem, existing on all the records in the database and a tracking company can works either disable setting tracking identifiers or blacklist third- party requests to certain servers. However, neither of them can always adopt new domains to track users. completely block stateful web tracking. To address the shortcomings of existing anti-tracking ap- In this paper, we propose TrackingFree, the first anti-tracking proaches, a third-party tracking defense system should achieve browser by mitigating unique identifiers. Instead of disabling the following goals: those unique identifiers, we isolate them into different browser Complete blocking. The system can completely block all principals so that the identifiers still exist but are not unique •existing stateful third-party tracking techniques, such as those among different web sites.
    [Show full text]
  • EFF: How Facebook Monetizes
    Security Now! Transcript of Episode #404 Page 1 of 20 Transcript of Episode #404 EFF: How Facebook Monetizes Description: After catching up with the past week's updates and security news, Iyaz and I share information presented by the Electronic Frontier Foundation (EFF) which describes how Facebook manages the privacy interactions with their third-party data warehouses and advertisers. High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-404.mp3 Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-404-lq.mp3 SHOW TEASE: Coming up to Security Now!. Leo's out, but Steve is here to give us the updates on Java, the new Firefox, and to find out how you're making Facebook a lot of money, and more. IYAZ AKHTAR: This is Security Now! with Steve Gibson, Episode 404, recorded May 15th, 2013: How Facebook Monetizes. It's time for Security Now!, the show that helps you stay safe online. And Leo's obviously not in. I'm Iyaz Akhtar, and thankfully I'm joined by the star of Security Now!, the mustachioed master of security, Steve Gibson. Steve Gibson: Hey, Iyaz. Great to be with you today on Episode 404. IYAZ: 404. Steve: The "missing" Security Now!. The "not found" page of Security Now!. IYAZ: But this episode is findable, anyway. It's not going to be 404'd. We've got a full episode coming up. I'm a little fried. I'm going to get that right out, tell people right in the beginning, because this is hour, what, five of broadcasting for me.
    [Show full text]
  • Adblock Plus
    © <2016>. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/ DOI 10.1016/j.comcom.2016.12.016 1 Online Advertising: Analysis of Privacy Threats and Protection Approaches Jose´ Estrada-Jimenez,´ Javier Parra-Arnau, Ana Rodr´ıguez-Hoyos and Jordi Forne´ Abstract—Online advertising, the pillar of the “free” content Canvas fingerprinting on the Web, has revolutionized the marketing business in recent Disconnect Repriv years by creating a myriad of new opportunities for advertisers DoNotTrackMe User profiling to reach potential customers. The current advertising model AdBlockReal-time bidding builds upon an intricate infrastructure composed of a variety Privad Lightbeam of intermediary entities and technologies whose main aim is to Ghostery Subscribe2WebPrivoxy deliver personalized ads. For this purpose, a wealth of user data Flash cookies Third-party tracking HTTP cookies is collected, aggregated, processed and traded behind the scenes Clickstream at an unprecedented rate. Despite the enormous value of online Cookie matching advertising, however, the intrusiveness and ubiquity of these prac- Privacy Bagder tices prompt serious privacy concerns. This article surveys the Adblock PlusWeb tracking online advertising infrastructure and its supporting technologies, Google Sharing Google Contributor and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the Fig. 1: Word cloud of terms related to online advertising, tracking, user threats and potential privacy attackers in this scenario of online profiling, and privacy solutions in this scenario. We discuss all these terms in advertising. In particular, we examine the main components of this work.
    [Show full text]