9,786 research outputs found
XRay: Enhancing the Web's Transparency with Differential Correlation
Today's Web services - such as Google, Amazon, and Facebook - leverage user
data for varied purposes, including personalizing recommendations, targeting
advertisements, and adjusting prices. At present, users have little insight
into how their data is being used. Hence, they cannot make informed choices
about the services they choose. To increase transparency, we developed XRay,
the first fine-grained, robust, and scalable personal data tracking system for
the Web. XRay predicts which data in an arbitrary Web account (such as emails,
searches, or viewed products) is being used to target which outputs (such as
ads, recommended products, or prices). XRay's core functions are service
agnostic and easy to instantiate for new services, and they can track data
within and across services. To make predictions independent of the audited
service, XRay relies on the following insight: by comparing outputs from
different accounts with similar, but not identical, subsets of data, one can
pinpoint targeting through correlation. We show both theoretically, and through
experiments on Gmail, Amazon, and YouTube, that XRay achieves high precision
and recall by correlating data from a surprisingly small number of extra
accounts.Comment: Extended version of a paper presented at the 23rd USENIX Security
Symposium (USENIX Security 14
PrivacyScore: Improving Privacy and Security via Crowd-Sourced Benchmarks of Websites
Website owners make conscious and unconscious decisions that affect their
users, potentially exposing them to privacy and security risks in the process.
In this paper we introduce PrivacyScore, an automated website scanning portal
that allows anyone to benchmark security and privacy features of multiple
websites. In contrast to existing projects, the checks implemented in
PrivacyScore cover a wider range of potential privacy and security issues.
Furthermore, users can control the ranking and analysis methodology. Therefore,
PrivacyScore can also be used by data protection authorities to perform
regularly scheduled compliance checks. In the long term we hope that the
transparency resulting from the published benchmarks creates an incentive for
website owners to improve their sites. The public availability of a first
version of PrivacyScore was announced at the ENISA Annual Privacy Forum in June
2017.Comment: 14 pages, 4 figures. A german version of this paper discussing the
legal aspects of this system is available at arXiv:1705.0888
On the Change in Archivability of Websites Over Time
As web technologies evolve, web archivists work to keep up so that our
digital history is preserved. Recent advances in web technologies have
introduced client-side executed scripts that load data without a referential
identifier or that require user interaction (e.g., content loading when the
page has scrolled). These advances have made automating methods for capturing
web pages more difficult. Because of the evolving schemes of publishing web
pages along with the progressive capability of web preservation tools, the
archivability of pages on the web has varied over time. In this paper we show
that the archivability of a web page can be deduced from the type of page being
archived, which aligns with that page's accessibility in respect to dynamic
content. We show concrete examples of when these technologies were introduced
by referencing mementos of pages that have persisted through a long evolution
of available technologies. Identifying these reasons for the inability of these
web pages to be archived in the past in respect to accessibility serves as a
guide for ensuring that content that has longevity is published using good
practice methods that make it available for preservation.Comment: 12 pages, 8 figures, Theory and Practice of Digital Libraries (TPDL)
2013, Valletta, Malt
Don\u27t Confuse Metatags with Initial Interest Confusion
This Comment focuses on whether the legal doctrine of initial interest confusion should be applied in metatag related trademark infringement cases. The Comment agues that because initial interest confusion does not improve or clarify the existing process of legal inquiry in a trademark infringement litigation, the doctrine is a superfluous legal tool and may even be harmful from a public policy perspective
- …