Enhancing User Privacy in Adaptive Web Sites with Client-Side User Profiles

Web personalization is an elegant and flexible process of making a web site responsive to the unique needs of each individual user. Data that reflects user prefe-rences and likings, comprising therefore a user profile, are gathered to an adaptive web site in a non transpa-rent manner. This situation however raises serious privacy concerns to the end user. When browsing a web site, users are not aware of several important pri-vacy parameters i.e., which behavior will be monitored and logged, how it will be processed, how long it will be kept, and with whom it will be shared in the long run. In this paper we propose an abstract architecture that enhances user privacy during interaction with adaptive web sites. This architecture enables users to create and update their personal privacy preferences for the adaptive web sites they visit by holding their (user) profiles in the client side instead of the server side. By doing so users will be able to self-confine the personalization experience the adaptive sites offer, thus enhancing privacy

Personalised privacy in pervasive and ubiquitous systems

Our world is edging closer to the realisation of pervasive systems and their integration in our everyday life. While pervasive systems are capable of offering many benefits for everyone, the amount and quality of personal information that becomes available raise concerns about maintaining user privacy and create a real need to reform existing privacy practices and provide appropriate safeguards for the user of pervasive environments. This thesis presents the PERSOnalised Negotiation, Identity Selection and Management (PersoNISM) system; a comprehensive approach to privacy protection in pervasive environments using context aware dynamic personalisation and behaviour learning. The aim of the PersoNISM system is twofold: to provide the user with a comprehensive set of privacy protecting tools and to help them make the best use of these tools according to their privacy needs. The PersoNISM system allows users to: a) configure the terms and conditions of data disclosure through the process of privacy policy negotiation, which addresses the current “take it or leave it” approach; b) use multiple identities to interact with pervasive services to avoid the accumulation of vast amounts of personal information in a single user profile; and c) selectively disclose information based on the type of information, who requests it, under what context, for what purpose and how the information will be treated. The PersoNISM system learns user privacy preferences by monitoring the behaviour of the user and uses them to personalise and/or automate the decision making processes in order to unburden the user from manually controlling these complex mechanisms. The PersoNISM system has been designed, implemented, demonstrated and evaluated during three EU funded projects