1. The Case for a General and Interaction-based Third-party Cookie Policy
Istemi Ekin Akkus (1), Nicholas Weaver (2)
(1) Max Planck Institute for Software Systems (MPI-SWS)
(2) ICSI & UC Berkeley

2. Sample Web Page
• Content
  – Optimized with web analytics
• Advertisements
  – Monetization
• Social widgets
  – Engagement and exposure
[Figure: sample page with an ad (“Best Kitty Food”)]
The Case for a General and Interaction-based Third-party Cookie Policy, Akkus and Weaver (W2SP2015)

3. Third-party Tracking
[Figure: Client, Publisher, Ad Network, Data Aggregator, Online Social Network]

4. Current State of Tracking
Criticisms of third parties
  – Mostly aggregators/ad networks
→ Do-Not-Track proposal: not easily enforced
→ Client-side tools to block tracking: hinder functionality
→ Voluntary opt-outs by aggregators: OSNs can still track
→ Status quo! Suffering web analytics & social engagement
  – Users unhappy
  – Publishers unhappy

5. Goal
Devise a general cookie policy that
→ Prevents third parties from tracking
→ Enables social features on-demand
→ Does not penalize non-tracking services

6. Outline
• Assumptions
• Existing approaches and shortcomings
  – Cookie policies
  – Blacklist-based client tools
• Our policy
  – Two-click control
  – Generalization
• Discussion
• Implementation and preliminary evaluation
• Future & ongoing work

7. Assumptions
• No attempts to circumvent cookie preferences
  – No ‘stateless’ tracking (i.e., fingerprinting)
  – No ‘behind-the--scenes’ cookie synching
    → Considered frowned upon if not illegal (e.g., Doubleclick vs. Safari)
• Interactive mashups
  – No passive mashups requiring user cookies

8. Existing Cookie Policies
• Allow all third-party cookies
  – Default policy; allows tracking
• Deny all third-party cookies
  – Prevents tracking
  – Breaks functionality of social widgets
• Allow third-party cookies from ‘visited sites’
  – Aimed to prevent tracking by data aggregators, but enable social widgets
  – Allows OSNs to track

9. Blacklist-based Client Tools
1. Scan the page while loading
2. Check page elements against a blacklist
3. Don’t load blacklisted elements
Examples: Ghostery, Disconnect, ShareMeNot, …

10. Blacklist Issues
→ Require maintenance
  – Update and distribute the blacklist
→ Any errors interfere with non-tracking services
  – Require fine-tuning
→ Can be bypassed
  – Cannot handle third-party server tricks

11. Our Approach
1. Load all third-party content without sending any cookies
  – Allow whitelisting desired third-party content
2. Reload third-party content with associated cookies if the user interacts with it
  1. First click to activate the third-party content
  2. Second click to register the action
[Figure: (1) user interaction with two clicks; (2) generalization with whitelisting]
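To make the difference between the cookie policies on slide 8 and the interaction-based policy on slide 11 concrete, here is an added example (not code from the slides and not Priv3+ code) that models the single decision a browser makes for each request: does it carry cookies? The policy names, the `makeContext`/`cookieExposure` helpers, the origins (`tracker.example`, `osn.example`) and the two-page browsing session are all constructed for this illustration.

```javascript
// Added example, not code from the slides or from Priv3+: a model of the decision
// "does this request carry cookies?" under each cookie policy discussed above.
// All names (POLICIES, makeContext, cookieExposure, the example origins and the
// browsing session) are assumptions constructed for this illustration.

// Request context: the page the user is on, the origin of the request, the origins
// the user has visited as a first party, the user's whitelist, and how many times the
// user has clicked the element that issued the request (two-click control: the first
// click reloads the element with cookies, the second click registers the action).
function makeContext({ page, origin, visited = [], whitelist = [], clicks = 0 }) {
  return {
    origin,
    isFirstParty: origin === page,
    visited: new Set(visited),
    whitelist: new Set(whitelist),
    clicks,
  };
}

const POLICIES = {
  // Browser default: every third party gets its cookies, so cross-site tracking works.
  allowAll: () => true,
  // Blocks tracking, but social widgets never receive a session cookie and break.
  denyAll: (ctx) => ctx.isFirstParty,
  // "Visited sites": any origin the user has visited as a first party (e.g. an OSN)
  // receives cookies on every page, so the OSN can still track.
  visitedSites: (ctx) => ctx.isFirstParty || ctx.visited.has(ctx.origin),
  // Interaction-based policy from the slides: third-party cookies only after the
  // user has clicked the element (first click) or whitelisted the third party.
  interaction: (ctx) => ctx.isFirstParty || ctx.whitelist.has(ctx.origin) || ctx.clicks >= 1,
};

function sendsCookies(policyName, ctx) {
  const policy = POLICIES[policyName];
  if (!policy) throw new Error(`unknown policy: ${policyName}`);
  return policy(ctx);
}

// Under the interaction-based policy a third-party script also cannot read the
// cookies of its own origin in the user's browser (slides 20 and 27), which closes the
// "append-only" visited-sites channel; only first-party scripts get cookie access.
function scriptCanAccessCookies(ctx) {
  return ctx.isFirstParty;
}

// Constructed browsing session: two pages, each embedding a tracker and an OSN "Like"
// widget. The user has an account at osn.example (visited as a first party) and
// clicks the widget once, on news.example only.
const SESSION = [
  { page: 'news.example', requests: [
      { origin: 'tracker.example' },
      { origin: 'osn.example', clicks: 1 } ] },
  { page: 'blog.example', requests: [
      { origin: 'tracker.example' },
      { origin: 'osn.example' } ] },
];
const PREFS = { visited: ['osn.example'], whitelist: [] };

// Which first-party pages does each third party receive cookie-bearing requests from?
// A third party that collects two or more pages can link the visits.
function cookieExposure(policyName, session = SESSION, prefs = PREFS) {
  const exposure = {};
  for (const { page, requests } of session) {
    for (const req of requests) {
      const ctx = makeContext({ page, ...prefs, ...req });
      if (!sendsCookies(policyName, ctx)) continue;
      if (!exposure[req.origin]) exposure[req.origin] = new Set();
      exposure[req.origin].add(page);
    }
  }
  return exposure;
}

function canTrackAcrossSites(policyName, origin) {
  const pages = cookieExposure(policyName)[origin];
  return pages !== undefined && pages.size >= 2;
}

// Summary for the reader: which third parties can track under each policy.
for (const name of Object.keys(POLICIES)) {
  const tracks = ['tracker.example', 'osn.example'].filter((o) => canTrackAcrossSites(name, o));
  console.log(`${name.padEnd(13)} cross-site tracking by: ${tracks.join(', ') || 'nobody'}`);
}
```

Running it shows the ordering the slides argue for: `allowAll` lets both parties link the two visits, `visitedSites` stops the tracker but still lets the OSN link them, and `interaction` gives the OSN cookies only on the page where the user actually clicked its widget, so no third party sees more than one page.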

12. Interaction-based Policy: 1st Click
[Figure: FB Like widget; loaded without cookies it shows “Sign up to see …”, after the first click Bob sees “Alice likes this.”]

13. Interaction-based Policy: 2nd Click
[Figure: Bob clicks “I like this.”; the widget now shows “You and Alice like this.”]

14. Generalization
For any third-party content!
[Figure: Bob interacting with arbitrary third-party (3rd) content]

15. User Interaction
All previous tools utilize it:
• Reload the entire page
  – Ghostery, Disconnect, ShareMeNot
• Selectively reload the interacted element
  – Priv3
Still based on a blacklist!
1. We add the two-click control!
2. We generalize the concept!

16. Handling User Interaction
• Social widgets
  – Loaded in a single iframe; reload it
• Behavioral advertisements
  – Loaded in nested iframes; pass the click
→ No interaction with ‘invisible items’
  – Small gif images, invisible iframes, …
[Figure: sample page with an ad (“Best Kitty Food”)]

17. Limitation of the Heuristic
• Advertisements loaded in a single iframe
  – Our policy will trigger a reload of the ad with potentially adverse side effects
• Future work: prevalence of this issue
  – Crawl the web and see how many ads are loaded in a single iframe
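The click-handling heuristic on slide 16 (single iframe: reload with cookies; nested iframes: pass the click through; invisible items: never interacted with) and its limitation on slide 17 can be written down as a small decision procedure. The following is an added example, not code from the slides and not Priv3+ code; the element descriptors, the action names, the `MIN_VISIBLE_PX` threshold and the crawl sample are assumptions constructed for this illustration, and the `kind` field is ground truth the extension itself never sees.

```javascript
// Added example, not code from the slides or from Priv3+: a model of the click-
// handling heuristic on slide 16 and of the limitation on slide 17. The element
// descriptors, the action names and the crawl sample are assumptions constructed
// for this illustration.

// A clicked third-party element, as the extension would see it in the DOM:
//   tag    - 'iframe' or 'img'
//   depth  - iframe nesting depth (1 = single iframe, 2+ = nested iframes)
//   width/height/hidden - used to recognise 'invisible items'
//   kind   - ground truth ('widget', 'ad', 'pixel', ...) known only to us and used
//            to measure the heuristic; the extension never sees it.
const MIN_VISIBLE_PX = 2; // constructed threshold: 1x1 tracking pixels count as invisible

function isVisible(el) {
  return !el.hidden && el.width >= MIN_VISIBLE_PX && el.height >= MIN_VISIBLE_PX;
}

// Returns the action the extension takes for a click and the updated click count.
function handleClick(el, clicksSoFar) {
  // Invisible items (small gifs, hidden iframes) can never be clicked by a user, so a
  // click reported on them is ignored and they are never reloaded with cookies.
  if (!isVisible(el) || el.tag !== 'iframe') return { action: 'ignore', clicks: clicksSoFar };
  // Nested iframes are treated as behavioral ads: the click is passed through
  // unchanged and nothing is reloaded.
  if (el.depth >= 2) return { action: 'pass-click', clicks: clicksSoFar };
  // A single iframe is treated as a social widget: the first click reloads it with
  // the third party's cookies (activation), the second click goes to the third party
  // and registers the action (e.g. the Like).
  if (clicksSoFar === 0) return { action: 'reload-with-cookies', clicks: 1 };
  return { action: 'pass-click', clicks: clicksSoFar + 1 };
}

// Constructed crawl sample for the "prevalence" question on slide 17.
const CRAWL_SAMPLE = [
  { kind: 'widget', tag: 'iframe', depth: 1, width: 90,  height: 20,  hidden: false },
  { kind: 'ad',     tag: 'iframe', depth: 2, width: 300, height: 250, hidden: false },
  { kind: 'ad',     tag: 'iframe', depth: 1, width: 728, height: 90,  hidden: false },
  { kind: 'pixel',  tag: 'img',    depth: 0, width: 1,   height: 1,   hidden: false },
  { kind: 'hidden', tag: 'iframe', depth: 1, width: 300, height: 250, hidden: true },
];

// The limitation on slide 17: an ad served in a single iframe looks like a widget and
// would be reloaded with cookies on the first click. Returns the fraction of ads in
// the sample that the heuristic would reload.
function singleIframeAdRate(sample) {
  const ads = sample.filter((el) => el.kind === 'ad');
  const reloaded = ads.filter((el) => handleClick(el, 0).action === 'reload-with-cookies');
  return ads.length === 0 ? 0 : reloaded.length / ads.length;
}

for (const el of CRAWL_SAMPLE) {
  console.log(`${el.kind.padEnd(7)} first click -> ${handleClick(el, 0).action}`);
}
console.log(`ads that would be reloaded: ${singleIframeAdRate(CRAWL_SAMPLE) * 100}%`);
```

The point of `singleIframeAdRate` is that the heuristic's cost is an empirical question: the extension cannot tell a single-iframe ad from a widget by structure alone, so the crawl proposed on slide 17 is what decides whether the side effect matters in practice.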

18. Outline
• Assumptions
• Existing approaches and shortcomings
• Our policy
• Discussion
  – Advertisement clicks
  – Lessons learned
• Implementation and preliminary evaluation
  – Priv3+
• Future & ongoing work

19. Advertisement Clicks
Why not also reload the advertisements?
• Nested iframes
  – Reload parent iframe?
  – Reload child iframe?
  – What if there is no source URL for the iframe?
• Click on the advertisement
  – “The user wanted to click that advertisement, not another.”

20. Third-party Cookie Access
“Append-only” writing of visited sites
1. Third-party script accesses its cookies on the user’s browser
2. Adds pages visited to the cookies
3. Receives the cookies when the user visits it as a first party
→ Original Priv3 implementation prevents this, as does Priv3+

21. Lessons Learned
• General cookie policy: no blacklists
  – Unlike Ghostery, Disconnect, ShareMeNot, …
• More control for the user
  – On-demand social widgets requiring a little more user action (i.e., two-click control)
  – Whitelisting desired third parties
• No third-party tracking via cookies
  – No interference with non-tracking analytics and advertisement services
  – No tracking analytics and advertisement services

22. Priv3+
• Implemented for Firefox & Chrome
  – Emulates our general cookie policy in the browser
  – Two-click control for third-party content
  – Utilizes selective reload of interacted elements
  – Highlights various types of third-party content
  – Allows user to whitelist desired third-party content
• Downloaded over 14K times with ~3.1K active daily users

23. Preliminary Evaluation
• Top 1K popular sites from Quantcast, up to 10 pages
  – 7.3K pages
• Pageload time overhead compared with “accept all cookies”
  – Priv3+: ~4%
  – Never accept 3rd-party cookies: ~1.7%
  – Accept 3rd-party cookies from visited: ~1.3

24. Ongoing & Future Work
• Prevalence of single-iframe ads
• More comprehensive performance study
  – More sites, more pages
• Study of potential functionality issues
• User studies
  – Tracking expectations & treatment of various 3rd-party content

25. Summary
A general and interaction-based third-party cookie policy
• Prevents third-party tracking
• Enables social networking functionality on-demand
• Does not interfere with non-tracking services
• Implemented as browser extensions
  – Low overhead

27. Misc
• Evercookies
  – Flash cookies not deleted when clearing browser cookies
  – Revive cookie values by accessing flash cookies
    → Cookies never received by third parties
• Cookie synching
  – Previous cookie values or first-party cookies as GET parameters
    → Previously set cookies will not be sent to third parties, and third-party scripts cannot access cookies
