Third Party Tracking in the Mobile Ecosystem

Third party tracking allows companies to identify users and track their behaviour across multiple digital services. This paper presents an empirical study of the prevalence of third-party trackers on 959,000 apps from the US and UK Google Play stores. We find that most apps contain third party tracking, and the distribution of trackers is long-tailed with several highly dominant trackers accounting for a large portion of the coverage. The extent of tracking also differs between categories of apps; in particular, news apps and apps targeted at children appear to be amongst the worst in terms of the number of third party trackers associated with them. Third party tracking is also revealed to be a highly trans-national phenomenon, with many trackers operating in jurisdictions outside the EU. Based on these findings, we draw out some significant legal compliance challenges facing the tracking industry.Comment: Corrected missing company info (Linkedin owned by Microsoft). Figures for Microsoft and Linkedin re-calculated and added to Table

Privacy as a Public Good

Privacy is commonly studied as a private good: my personal data is mine to protect and control, and yours is yours. This conception of privacy misses an important component of the policy problem. An individual who is careless with data exposes not only extensive information about herself, but about others as well. The negative externalities imposed on nonconsenting outsiders by such carelessness can be productively studied in terms of welfare economics. If all relevant individuals maximize private benefit, and expect all other relevant individuals to do the same, neoclassical economic theory predicts that society will achieve a suboptimal level of privacy. This prediction holds even if all individuals cherish privacy with the same intensity. As the theoretical literature would have it, the struggle for privacy is destined to become a tragedy. But according to the experimental public-goods literature, there is hope. Like in real life, people in experiments cooperate in groups at rates well above those predicted by neoclassical theory. Groups can be aided in their struggle to produce public goods by institutions, such as communication, framing, or sanction. With these institutions, communities can manage public goods without heavy-handed government intervention. Legal scholarship has not fully engaged this problem in these terms. In this Article, we explain why privacy has aspects of a public good, and we draw lessons from both the theoretical and the empirical literature on public goods to inform the policy discourse on privacy

Unmanned Systems Sentinel / 3 June 2016

Approved for public release; distribution is unlimited

Undetectable Communication: The Online Social Networks Case

Online Social Networks (OSNs) provide users with an easy way to share content, communicate, and update others about their activities. They also play an increasingly fundamental role in coordinating and amplifying grassroots movements, as demonstrated by recent uprisings in, e.g., Egypt, Tunisia, and Turkey. At the same time, OSNs have become primary targets of tracking, profiling, as well as censorship and surveillance. In this paper, we explore the notion of undetectable communication in OSNs and introduce formal definitions, alongside system and adversarial models, that complement better understood notions of anonymity and confidentiality. We present a novel scheme for secure covert information sharing that, to the best of our knowledge, is the first to achieve undetectable communication in OSNs. We demonstrate, via an open-source prototype, that additional costs are tolerably low

Privacy and Security Implications in COVID-19 Tracking/Tracing Apps

The problem addressed by this research paper is the lack of data security and privacy in COVID-19 tracking and tracing mobile applications. There have been reports of countless COVID-19 tracking and tracing apps leaking data and making use of geo location, which has left users fearful of their data being misused. This research intends to examine and investigate those mobile applications, their features, and their working mechanisms to disclose potential threats to user data. In case the personal user data gets in the hands of people with ill intentions, the data can be misused to commit illegal activities, putting the lives and legal records of users directly in harm. Hence, this is a crucial topic to be studied and solved in the current times. This research paper will firstly be explaining terms like tracking and tracing in order to make the concept of these mobile applications clearer to the readers. Additionally, this research paper will be presenting a list of all the COVID-19 tracking and tracing that have been available and are active around the world, including the USA. Furthermore, this research paper will be presenting cases of COVID-19 tracking and tracing apps that have been found to have violated user privacy and data security. Then, this research paper will be investigating the features of these faulty covid-19 tracking and tracing applications for flaws that result in unauthorized data sharing. After that, this research paper will be making educating recommendations and suggestions to users to prevent unauthorized data sharing and disruption of their data privacy. Lastly, this research paper will be studying multiple researches done on the same topic previously by researchers around the world and will be providing critical review on those research papers published before this one. By performing research on all the previously mentioned topics, this research paper intends to contribute to the process of solving user privacy and data security issues in COVID-19 tracking and tracing applications

Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities

Recent advances in Internet of Things (IoT) have enabled myriad domains such as smart homes, personal monitoring devices, and enhanced manufacturing. IoT is now pervasive---new applications are being used in nearly every conceivable environment, which leads to the adoption of device-based interaction and automation. However, IoT has also raised issues about the security and privacy of these digitally augmented spaces. Program analysis is crucial in identifying those issues, yet the application and scope of program analysis in IoT remains largely unexplored by the technical community. In this paper, we study privacy and security issues in IoT that require program-analysis techniques with an emphasis on identified attacks against these systems and defenses implemented so far. Based on a study of five IoT programming platforms, we identify the key insights that result from research efforts in both the program analysis and security communities and relate the efficacy of program-analysis techniques to security and privacy issues. We conclude by studying recent IoT analysis systems and exploring their implementations. Through these explorations, we highlight key challenges and opportunities in calibrating for the environments in which IoT systems will be used.Comment: syntax and grammar error are fixed, and IoT platforms are updated to match with the submissio