Online Profiling - analysis and intervention to protect privacy

Online-Profiling wird insbesondere im Online-Marketing intensiv genutzt, um eigentlich anonyme Webseitenbesucher_innen zu kategorisieren und ihnen auf Basis ihres Surfverhaltens bestimmte Eigenschaften zuzuschreiben. Erweiterte Einsatzzwecke, wie etwa das Kreditscoring, zeigen allerdings, dass die vermeintlich anonymen Profile Auswirkungen auf die informationelle Selbstbestimmung und letztlich die Autonomie des_der Betroffenen haben. Neben einer Analyse der Hintergründe von Profiling und den Auswirkungen auf Privatheit, stellt diese Arbeit Möglichkeiten für Nutzer_innen vor, die Transparenz von und Intervenierbarkeit in Profile herstellen können. Dazu wurde ein neues Verfahren zur user-zentrierten Online-Tracking-Analyse entwickelt und der Nachweis erbracht, dass die vorgestellten Methoden zur Obfuscation (Verschleierung) einen Effekt auf die Interessenprofile eines Anbieters haben.Online-Profiling is heavily used in online marketing to categorize website visitors that consider themselves to be anonymous. Profiles are assigned based on Online-Tracking techniques that try to reconstruct a user's web history. The use for these profiles is continuously expanded and currently also in use for credit scoring. This development highlights the influence profiling has on the informational self-determination and therefore the autonomy of those being profiled. Besides an analysis of Online-Profiling this dissertation contains new approaches to transparency and intervenability for web users. A new methodology is used for a user-centered Online-Tracking study and we provide evidence that the obfuscation method we developed is effective in influencing the interest profiles created by one large tracking provider

We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy

The European Union's General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Its privacy regulations apply to any service and company collecting or processing personal data in Europe. Many companies had to adjust their data handling processes, consent forms, and privacy policies to comply with the GDPR's transparency requirements. We monitored this rare event by analyzing the GDPR's impact on popular websites in all 28 member states of the European Union. For each country, we periodically examined its 500 most popular websites - 6,579 in total - for the presence of and updates to their privacy policy. While many websites already had privacy policies, we find that in some countries up to 15.7 % of websites added new privacy policies by May 25, 2018, resulting in 84.5 % of websites having privacy policies. 72.6 % of websites with existing privacy policies updated them close to the date. Most visibly, 62.1 % of websites in Europe now display cookie consent notices, 16 % more than in January 2018. These notices inform users about a site's cookie use and user tracking practices. We categorized all observed cookie consent notices and evaluated 16 common implementations with respect to their technical realization of cookie consent. Our analysis shows that core web security mechanisms such as the same-origin policy pose problems for the implementation of consent according to GDPR rules, and opting out of third-party cookies requires the third party to cooperate. Overall, we conclude that the GDPR is making the web more transparent, but there is still a lack of both functional and usable mechanisms for users to consent to or deny processing of their personal data on the Internet.Comment: Published at NDSS 201

Cost Effectiveness of Molecular Diagnostic Testing Algorithms for the Treatment Selection of Frontline Ibrutinib for Patients with Chronic Lymphocytic Leukemia in Australia

BACKGROUND: Clinical indications for ibrutinib reimbursement in Australia should consider the inclusion of patients with chronic lymphocytic leukemia (CLL) harboring prognostically unfavorable TP53/IGHV genomic aberrations. This study assessed the cost effectiveness of five first-line treatment strategies in CLL for young (aged ≤ 65 years), fit patients without significant comorbidities: (1) no testing (fludarabine, cyclophosphamide and rituximab [FCR] for all), (2) test for del(17p) only, (3) test for TP53 gene mutation status, (4) test for TP53 and IGHV gene mutation status and (5) no testing (ibrutinib for all).METHOD: A decision analytic model (decision tree and partitioned survival model) was developed from the Australian healthcare system perspective with a lifetime horizon. Comparative treatment effects were estimated from indirect treatment comparisons and survival analysis using several studies. Costs, utility and adverse events were derived from public literature sources. Deterministic and probabilistic sensitivity analyses explored the impact of modeling uncertainties on outcomes.RESULTS: Strategy 1 was associated with 5.69 quality-adjusted life-years (QALYs) and cost 458,836 Australian dollars (AUD). All other strategies had greater effectiveness but were more expensive than Strategy 1. At the willingness-to-pay (WTP) threshold of 100,000 AUD per QALY gained, Strategy 1 was most cost effective with an estimated probability of 68.8%. Strategy 4 was cost effective between thresholds 155,000-432,300 AUD per QALY gained, and Strategy 5 &gt;432,300 AUD per QALY gained.CONCLUSION: Population targeting using mutation testing for TP53 and IGHV when performed with del(17p) testing specifically in the context of frontline ibrutinib choice does not make a cost-ineffective treatment into a cost-effective treatment.</p

Comparing Large-Scale Privacy and Security Notifications

Over the last decade, web security research has used notification campaigns as a tool to help web operators fix security problems or stop infrastructure abuse. First attempts at applying this approach to privacy issues focused on single services or vendors. Hence, little is known if notifications can also raise awareness and encourage remediation of more complex, vendor-independent violations of privacy legislation at scale, such as informed consent to cookie usage under the EU's ePrivacy Directive or the General Data Protection Regulation's requirement for a privacy policy. It is also unclear how privacy notifications perform and are perceived compared to those about security vulnerabilities. To fill this research gap, we conduct a large-scale, automated email notification study with more than 115K websites we notify about lack of a privacy policy, use of third-party cookies without or before informed consent, and input forms for personal data that do not use HTTPS. We investigate the impact of warnings about fines and compare the results with security notifications to more than 40K domains about openly accessible Git repositories. Based on our measurements and interactions with operators through email and a survey, we find that notifications about privacy issues are not as well received as security notifications. They result in lower fix rates, less incentive to take immediate action, and more negative feedback. Specific reasons include a lack of awareness and knowledge of privacy laws' applicability, difficulties to pinpoint the problem, and limited intrinsic motivation

A Tale of Two Regulatory Regimes: Creation and Analysis of a Bilingual Privacy Policy Corpus

Over the past decade, researchers have started to explore the use of NLP to develop tools aimed at helping the public, vendors, and regulators analyze disclosures made in privacy policies. With the introduction of new privacy regulations, the language of privacy policies is also evolving, and disclosures made by the same organization are not always the same in different languages, especially when used to communicate with users who fall under different jurisdictions. This work explores the use of language technologies to capture and analyze these differences at scale. We introduce an annotation scheme designed to capture the nuances of two new landmark privacy regulations, namely the EU\u27s GDPR and California\u27s CCPA/CPRA. We then introduce the first bilingual corpus of mobile app privacy policies consisting of 64 privacy policies in English (292K words) and 91 privacy policies in German (478K words), respectively with manual annotations for 8K and 19K fine-grained data practices. The annotations are used to develop computational methods that can automatically extract “disclosures” from privacy policies. Analysis of a subset of 59 “semi-parallel” policies reveals differences that can be attributed to different regulatory regimes, suggesting that systematic analysis of policies using automated language technologies is indeed a worthwhile endeavor. © European Language Resources Association (ELRA), licensed under CC-BY-NC-4.0

Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites

Modern websites frequently use and embed third-party services to facilitate web development, connect to social media, or for monetization. This often introduces privacy issues as the inclusion of third-party services on a website can allow the third party to collect personal data about the website’s visitors. While the prevalence and mechanisms of third-party web tracking have been widely studied, little is known about the decision processes that lead to websites using third-party functionality and whether efforts are being made to protect their visitors' privacy. We report results from an online survey with 395 participants involved in the creation and maintenance of websites. For ten common website functionalities we investigated if privacy has played a role in decisions about how the functionality is integrated, if specific efforts for privacy protection have been made during integration, and to what degree people are aware of data collection through third parties. We find that ease of integration drives third-party adoption but visitor privacy is considered if there are legal requirements or respective guidelines. Awareness of data collection and privacy risks is higher if the collection is directly associated with the purpose for which the third-party service is used