Online advertising: analysis of privacy threats and protection approaches

Online advertising, the pillar of the “free” content on the Web, has revolutionized the marketing business in recent years by creating a myriad of new opportunities for advertisers to reach potential customers. The current advertising model builds upon an intricate infrastructure composed of a variety of intermediary entities and technologies whose main aim is to deliver personalized ads. For this purpose, a wealth of user data is collected, aggregated, processed and traded behind the scenes at an unprecedented rate. Despite the enormous value of online advertising, however, the intrusiveness and ubiquity of these practices prompt serious privacy concerns. This article surveys the online advertising infrastructure and its supporting technologies, and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the threats and potential privacy attackers in this scenario of online advertising. In particular, we examine the main components of the advertising infrastructure in terms of tracking capabilities, data collection, aggregation level and privacy risk, and overview the tracking and data-sharing technologies employed by these components. Then, we conduct a comprehensive survey of the most relevant privacy mechanisms, and classify and compare them on the basis of their privacy guarantees and impact on the Web.Peer ReviewedPostprint (author's final draft

Investigating the information-seeking behaviour of academic lawyers: From Ellis's model to design.

Information-seeking is important for lawyers, who have access to many dedicated electronic resources.However there is considerable scope for improving the design of these resources to better support information-seeking. One way of informing design is to use information-seeking models as theoretical lenses to analyse users’ behaviour with existing systems. However many models, including those informed by studying lawyers, analyse information-seeking at a high level of abstraction and are only likely to lead to broad-scoped design insights. We illustrate that one potentially useful (and lowerlevel) model is Ellis’s - by using it as a lens to analyse and make design suggestions based on the information-seeking behaviour of twenty-seven academic lawyers, who were asked to think aloud whilst using electronic legal resources to find information for their work. We identify similar information-seeking behaviours to those originally found by Ellis and his colleagues in scientific domains, along with several that were not identified in previous studies such as ‘updating’ (which we believe is particularly pertinent to legal information-seeking). We also present a refinement of Ellis’s model based on the identification of several levels that the behaviours were found to operate at and the identification of sets of mutually exclusive subtypes of behaviours

Evaluating the End-User Experience of Private Browsing Mode

Nowadays, all major web browsers have a private browsing mode. However, the mode's benefits and limitations are not particularly understood. Through the use of survey studies, prior work has found that most users are either unaware of private browsing or do not use it. Further, those who do use private browsing generally have misconceptions about what protection it provides. However, prior work has not investigated \emph{why} users misunderstand the benefits and limitations of private browsing. In this work, we do so by designing and conducting a three-part study: (1) an analytical approach combining cognitive walkthrough and heuristic evaluation to inspect the user interface of private mode in different browsers; (2) a qualitative, interview-based study to explore users' mental models of private browsing and its security goals; (3) a participatory design study to investigate why existing browser disclosures, the in-browser explanations of private browsing mode, do not communicate the security goals of private browsing to users. Participants critiqued the browser disclosures of three web browsers: Brave, Firefox, and Google Chrome, and then designed new ones. We find that the user interface of private mode in different web browsers violates several well-established design guidelines and heuristics. Further, most participants had incorrect mental models of private browsing, influencing their understanding and usage of private mode. Additionally, we find that existing browser disclosures are not only vague, but also misleading. None of the three studied browser disclosures communicates or explains the primary security goal of private browsing. Drawing from the results of our user study, we extract a set of design recommendations that we encourage browser designers to validate, in order to design more effective and informative browser disclosures related to private mode

Literature Overview - Privacy in Online Social Networks

In recent years, Online Social Networks (OSNs) have become an important\ud part of daily life for many. Users build explicit networks to represent their\ud social relationships, either existing or new. Users also often upload and share a plethora of information related to their personal lives. The potential privacy risks of such behavior are often underestimated or ignored. For example, users often disclose personal information to a larger audience than intended. Users may even post information about others without their consent. A lack of experience and awareness in users, as well as proper tools and design of the OSNs, perpetuate the situation. This paper aims to provide insight into such privacy issues and looks at OSNs, their associated privacy risks, and existing research into solutions. The final goal is to help identify the research directions for the Kindred Spirits project

Web 2.0 and folksonomies in a library context

This is the post-print version of the Article. The official published version can be accessed from the link below - Copyright @ 2011 ElsevierLibraries have a societal purpose and this role has become increasingly important as new technologies enable organizations to support, enable and enhance the participation of users in assuming an active role in the creation and communication of information. Folksonomies, a Web 2.0 technology, represent such an example. Folksonomies result from individuals freely tagging resources available to them on a computer network. In a library environment folksonomies have the potential of overcoming certain limitations of traditional classification systems such as the Library of Congress Subject Headings (LCSH). Typical limitations of this type of classification systems include, for example, the rigidity of the underlying taxonomical structures and the difficulty of introducing change in the categories. Folksonomies represent a supporting technology to existing classification systems helping to describe library resources more flexibly, dynamically and openly. As a review of the current literature shows, the adoption of folksonomies in libraries is novel and limited research has been carried out in the area. This paper presents research into the adoption of folksonomies for a University library. A Web 2.0 system was developed, based on the requirements collected from library stakeholders, and integrated with the existing library computer system. An evaluation of the work was carried out in the form of a survey in order to understand the possible reactions of users to folksonomies as well as the effects on their behavior. The broad conclusion of this work is that folksonomies seem to have a beneficial effect on users’ involvement as active library participants as well as encourage users to browse the catalogue in more depth

Reducing risky security behaviours:utilising affective feedback to educate users

Despite the number of tools created to help end-users reduce risky security behaviours, users are still falling victim to online attacks. This paper proposes a browser extension utilising affective feedback to provide warnings on detection of risky behaviour. The paper provides an overview of behaviour considered to be risky, explaining potential threats users may face online. Existing tools developed to reduce risky security behaviours in end-users have been compared, discussing the success rate of various methodologies. Ongoing research is described which attempts to educate users regarding the risks and consequences of poor security behaviour by providing the appropriate feedback on the automatic recognition of risky behaviour. The paper concludes that a solution utilising a browser extension is a suitable method of monitoring potentially risky security behaviour. Ultimately, future work seeks to implement an affective feedback mechanism within the browser extension with the aim of improving security awareness

CHORUS Deliverable 2.2: Second report - identification of multi-disciplinary key issues for gap analysis toward EU multimedia search engines roadmap

After addressing the state-of-the-art during the first year of Chorus and establishing the existing landscape in multimedia search engines, we have identified and analyzed gaps within European research effort during our second year. In this period we focused on three directions, notably technological issues, user-centred issues and use-cases and socio- economic and legal aspects. These were assessed by two central studies: firstly, a concerted vision of functional breakdown of generic multimedia search engine, and secondly, a representative use-cases descriptions with the related discussion on requirement for technological challenges. Both studies have been carried out in cooperation and consultation with the community at large through EC concertation meetings (multimedia search engines cluster), several meetings with our Think-Tank, presentations in international conferences, and surveys addressed to EU projects coordinators as well as National initiatives coordinators. Based on the obtained feedback we identified two types of gaps, namely core technological gaps that involve research challenges, and “enablers”, which are not necessarily technical research challenges, but have impact on innovation progress. New socio-economic trends are presented as well as emerging legal challenges

Revisiting revisitation in computer interaction: organic bookmark management.

According to Milic-Frayling et al. (2004), there are two general ways of user browsing i.e. search (finding a website where the user has never visited before) and revisitation (returning to a website where the user has visited in the past). The issue of search is relevant to search engine technology, whilst revisitation concerns web usage and browser history mechanisms. The support for revisitation is normally through a set of functional built-in icons e.g. History, Back, Forward and Bookmarks. Nevertheless, for returning web users, they normally find it is easier and faster to re-launch an online search again, rather than spending time to find a particular web site from their personal bookmark and history records. Tauscher and Greenberg (1997) showed that revisiting web pages forms up to 58% of the recurrence rate of web browsing. Cockburn and McKenzie (2001) also stated that 81% of web pages have been previously visited by the user. According to Obendorf et al. (2007), revisitation can be divided into four classifications based on time: short-term (72.6% revisits within an hour), medium-term (12% revisits within a day and 7.8% revisits within a week), and long-term (7.6% revisits longer than a week)