third party tracking on the web
play

Third-party Tracking on the Web: A Swedish Perspective Joel Purra - PowerPoint PPT Presentation

Jan 14, 2023 •153 likes •562 views

Third-party Tracking on the Web: A Swedish Perspective Joel Purra and Niklas Carlsson Linkping University, Sweden @ IEEE LCN, Dubai, Nov. 2016 Bullet 1 Bullet 2 We are all tracked When browsing, information is recorded by the

  1. Third-party Tracking on the Web: A Swedish Perspective Joel Purra and Niklas Carlsson Linköping University, Sweden @ IEEE LCN, Dubai, Nov. 2016

  2. • Bullet 1 • Bullet 2

  3. We are all tracked … • When browsing, information is recorded by the servers you communicate directly with • Resources from other services might be requested as well, with or without being visible. • Information can be passively recorded during transmission; some of which can't be avoided • Specialized tracking code can actively extract extended information

  4. Why is tracking used? • Information is collected and stored to gain knowledge about the visitors a website has. • Website owners: to improve/personalize content • Advertisement firms: to sell targeted ads • Media analytics firms: to verify statistics (for ads). • Data brokers: to package and sell (inferred) user data

  5. The downside • Users lose control over who they share information with. This can be considered an invasion of privacy. • Information is easily stored and easily retrieved, • Anything done online in the past can haunt you for ever. • Self-censorship, effectively limiting freedom of speech. • What is illegal for governments, companies are allowed to do, through user agreements. Governments still have control over companies within their jurisdiction. • The full scope of the tracking is still unknown • Could become a historical thought police. • Could mean online companies have a grip on all current and future politicians, company leaders and celebrities.

  6. Passive tracking and HTTPS • Bullet 1 • Bullet 2

  7. Passive vs active tracking • Passive tracking: Anyone can listen in anywhere along the network path ... • People are becoming increasingly aware of monitoring by ISPs and nation state ... • HTTPS prevents passive tracking of some information (e.g., exact page, browser model, OS, language settings, cookies, etc.)

  8. Passive vs active tracking • Passive tracking: Anyone can listen in anywhere along the network path ... • People are becoming increasingly aware of monitoring by ISPs and nation state ... • HTTPS prevents passive tracking of some information (e.g., exact page, browser model, OS, language settings, cookies, etc.) • Active tracking: A script or plugin executed in the browser to extract and collect extended information. • HTTPS does not prevent this. • Example info include time spent on each page, window size, screen resolution, color depth, mouse movements, scrollbar location, installed fonts, plugins and extensions.

  9. Passive vs active tracking • Passive tracking: Anyone can listen in anywhere along the network path ... • People are becoming increasingly aware of monitoring by ISPs and nation state ... • HTTPS prevents passive tracking of some information (e.g., exact page, browser model, OS, language settings, cookies, etc.) • Active tracking: A script or plugin executed in the browser to extract and collect extended information. • HTTPS does not prevent this. • Example info include time spent on each page, window size, screen resolution, color depth, mouse movements, scrollbar location, installed fonts, plugins and extensions. • We focus on third-party tracking, but ask if sites implementing HTTPS use less tracking themselves

  10. This paper … • … presents measurement methodology and characterization of the current third-party tracking landscape

  11. This paper … • … presents measurement methodology and characterization of the current third-party tracking landscape • Third-party usage across a number of website classes and breakdown the coverage of different tracker types • Aggregate analysis that combines the tracker services based on the organizations operating them so to gain insights into the big players aggregate coverage • Try to answer if websites that have adopted HTTPS in fact are more privacy conscious (on behalf of their users) and use less third-party tracking.

  12. This paper … • … presents measurement methodology and characterization of the current third-party tracking landscape • Third-party usage across a number of website classes and breakdown the coverage of different tracker types • Aggregate analysis that combines the tracker services based on the organizations operating them so to gain insights into the big players aggregate coverage • Try to answer if websites that have adopted HTTPS in fact are more privacy conscious (on behalf of their users) and use less third-party tracking.

  13. This paper … • … presents measurement methodology and characterization of the current third-party tracking landscape • Third-party usage across a number of website classes and breakdown the coverage of different tracker types • Aggregate analysis that combines the tracker services based on the organizations operating them so to gain insights into the big players aggregate coverage • Try to answer if websites that have adopted HTTPS in fact are more privacy conscious (on behalf of their users) and use less third-party tracking

  14. Methodology • Developed data collection tool • Headless phantom.js browser • Visit front page of large number of sites • HTTP vs HTTPS (with and without www) • Measure redirects etc. • Process/execute scripts to build pages • No blocking • Extract URL, domain, and other info • Classify resources • Internal vs. external • Known trackers (using Disconnect.me) • Type of resource; e.g., advertising, analytics, content

  15. Swedish perspective • Measurements performed from Sweden • Important and popular Swedish domains • Global baseline

  16. What are third-party resources? • A resource belonging to the origin's primary domain is called internal. Otherwise it's an external resource. • Assumption: Any external resource is a third-party resource. Domain examples Resource examples example.se (primary domain) Branded (videos, services, images) www.example.se (subdomain) Unbranded (fonts, useful scripts, images) Ads (scripts, images, flash) example.org (third-party domain) Web beacons (hidden images, analytics doubleclick.net (known tracker domain) scripts)

  17. Blocked domains on Disconnect.me • Many have few: 521 out of 980 organization have 1 domain; 331 have 2 domain. • Some have many: Google has 271, Yahoo 71, AOL 40, Microsoft 32.

  18. Blocked domains on Disconnect.me • Many have few: 521 out of 980 organization have 1 domain; 331 have 2 domain. • Some have many: Google has 271, Yahoo 71, AOL 40, Microsoft 32. • Spread over advertising, analytics, content

  19. Blocked domains on Disconnect.me • Many have few: 521 out of 980 organization have 1 domain; 331 have 2 domain. • Some have many: Google has 271, Yahoo 71, AOL 40, Microsoft 32. • Spread over advertising, analytics, content • “Disconnect category”: Google, Facebook, Twitter

  20. • Bullet 1 • Bullet 2

  21. • Bullet 1 • Bullet 2

  22. • Bullet 1 • Bullet 2

  23. • Bullet 1 • Bullet 2

  24. External third-party resources • Upper bound: Third-parties typically have server logs and/or analytics software to record your online habits • Each third-party (external) resource leaks at least some info

  25. External third-party resources • Upper bound: Third-parties typically have server logs and/or analytics software to record your online habits • Each third-party (external) resource leaks at least some info

  26. External third-party resources • Upper bound: Third-parties typically have server logs and/or analytics software to record your online habits • Each third-party (external) resource leaks at least some info • External resource usage high • Especially among most popular domains (e.g., 93% at least some)

  27. External third-party resources • Upper bound: Third-parties typically have server logs and/or analytics software to record your online habits • Each third-party (external) resource leaks at least some info • External resource usage high • Especially among most popular domains (e.g., 93% at least some)

  28. External third-party resources • Upper bound: Third-parties typically have server logs and/or analytics software to record your online habits • Each third-party (external) resource leaks at least some info • External resource usage high • Especially among most popular domains (e.g., 93% at least some) • HTTP and HTTPS results similar (except for rand 100k .se)

  29. Known trackers • Lower bound • Use Disconnect’s tracker list (2,149 known domains: resp. for <10% external) • Only front page

  30. Known trackers Swedish domain categories Global categories • Lower bound • Use Disconnect’s tracker list (2,149 known domains: resp. for <10% external) • Only front page

  31. Known trackers Global categories • Lower bound • Use Disconnect’s tracker list (2,149 known domains: resp. for <10% external) • Only front page • Biggest differences: popular vs. less popular (e.g., advertising)

  32. Known trackers Global categories • Lower bound • Use Disconnect’s tracker list (2,149 known domains: resp. for <10% external) • Only front page • Biggest differences: popular vs. less popular (e.g., advertising) • Popular has at least one known tracker in 95+ % of cases

Recommend

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done Party!!!!!! Party!!!!!! Curling Orientation Party!!!!!! Party!!!!!! Party!!!!!! National day parade Airport picking-uping Party!!!!!!

1.18k views • 69 slides
Reverse-engineering Online Tracking From niche research field to easy-to-use tool Steven

Reverse-engineering Online Tracking From niche research field to easy-to-use tool Steven

Reverse-engineering Online Tracking From niche research field to easy-to-use tool Steven Englehardt webtap.princeton.edu Source: Mayer &amp; Mitchell; Third-Party Web Tracking: Policy and Technology Evercookies Respawn cookies using

752 views • 50 slides
Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location of one target in video starting from a bounding box in the first frame. When conceived as an instant learning problem, the task is to discriminate

651 views • 39 slides
Machine Learning: A Promising Direction for Web Tracking Countermeasures Jason Bau, Jonathan

Machine Learning: A Promising Direction for Web Tracking Countermeasures Jason Bau, Jonathan

Stanford Computer Security Lab Machine Learning: A Promising Direction for Web Tracking Countermeasures Jason Bau, Jonathan Mayer, Hristo Paskov and John C. Mitchell Stanford University Motivation Consumers want control over third-party

208 views • 19 slides
EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A,

EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A,

EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A, Party B ABA (3 Party) Party A, Party B, Party A Clearing Member ABB (3 Party) Party A, Party B, Party B Clearing Member

404 views • 21 slides
KIDS PARTIES Take the hassle away and party the Mundo Mana way. Contents Party rooms 4

KIDS PARTIES Take the hassle away and party the Mundo Mana way. Contents Party rooms 4

KIDS PARTIES Take the hassle away and party the Mundo Mana way. Contents Party rooms 4 Toddler packages (1-3 years) 6 Childrens packages (3+ years) 8 Package Overview 10 Party Extras | Birthday cakes 11 Bespoke party room

357 views • 24 slides
KIDS PARTIES Take the hassle away and party the Mundo Mana way. 1 Contents Party rooms 4

KIDS PARTIES Take the hassle away and party the Mundo Mana way. 1 Contents Party rooms 4

KIDS PARTIES Take the hassle away and party the Mundo Mana way. 1 Contents Party rooms 4 Toddler packages (1-3 years) 6 Childrens packages (4+ years) 8 Package Overview 10 Party Extras | Birthday cakes 12 Bespoke party room

476 views • 14 slides
CSE 599B: Technology-Enabled Misinformation Franziska (Franzi) Roesner franzi@cs.washington.edu

CSE 599B: Technology-Enabled Misinformation Franziska (Franzi) Roesner franzi@cs.washington.edu

CSE 599B: Technology-Enabled Misinformation Franziska (Franzi) Roesner franzi@cs.washington.edu Fall 2018 Third-Party Tracking Trackers included in other sites use third-party cookies containing unique identifiers to create browsing profiles.

448 views • 21 slides
NoMoATS: Towards Automatic Detection of Mobile Tracking Abstract: Todays mobile apps employ

NoMoATS: Towards Automatic Detection of Mobile Tracking Abstract: Todays mobile apps employ

Proceedings on Privacy Enhancing Technologies ; 2020 (2):4566 Anastasia Shuba* and Athina Markopoulou NoMoATS: Towards Automatic Detection of Mobile Tracking Abstract: Todays mobile apps employ third-party ad- 1 Introduction vertising and

373 views • 22 slides
Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth Infra-red point-clouds (structured light) Affordable sensors (Primesense) Large body of work on people-tracking Complex tracking

409 views • 23 slides
Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Introduction Tracking catalog Tracking mechanisms Open questions Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn Carela-Espaol Pere Barlet-Ros Computer Architecture Dept. (DAC) UPC

581 views • 10 slides
ESA and non-ESA missions (Third Party Missions TPM) 4 types of activities with Third Party

ESA and non-ESA missions (Third Party Missions TPM) 4 types of activities with Third Party

Clement Albinet - ESA / Ground Segment and Mission Management Department 18 th November 2019 ESA UNCLASSIFIED - For Official Use ESA and non-ESA missions (Third Party Missions TPM) 4 types of activities with Third Party Missions (TPM) New

629 views • 24 slides
Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker history Eye tracking theory Computer Literacy 1 Lecture 23 Different kinds of eye trackers 11/11/2008 Electromagnetic Articulography (EMA)

459 views • 6 slides
A competitive advantage for your company through Third Party Monitoring ODIS THIRD PARTY

A competitive advantage for your company through Third Party Monitoring ODIS THIRD PARTY

A competitive advantage for your company through Third Party Monitoring ODIS THIRD PARTY (CONTRACT) MANAGEMENT (TPM) Index Introduction Complexity, governance and risk Past, Present and Future, where are you in the evolution?

295 views • 15 slides
Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device List 0% Device handling View drawing 100% Federico Tessmann Test-Tracking - Orchestra VSO- VSOUI Tracking VSO- Orchestra VSOAudio

76 views • 7 slides
AFJROTC More Than Just a Class ! Why Join AFJROTC? CORPS PARTY PARTY PARTY! FIELD TRIPS LAST

AFJROTC More Than Just a Class ! Why Join AFJROTC? CORPS PARTY PARTY PARTY! FIELD TRIPS LAST

AFJROTC More Than Just a Class ! Why Join AFJROTC? CORPS PARTY PARTY PARTY! FIELD TRIPS LAST THREE YEARS . Field Trip to State Fair / College Football Field Trip to the Perot Museum San Antonio Field Trip 2018 Competing Teams . Teams

631 views • 19 slides
Video Object Tracking Real-time tracking of objects in video is an important problem in various

Video Object Tracking Real-time tracking of objects in video is an important problem in various

Tracking Objects Better, Faster, Longer Assoc. Prof. Dr. Alptekin Temizel atemizel@metu.edu.tr Graduate School of Informatics, METU 18 March 2015 GPU Technology Conference Video Object Tracking Real-time tracking of objects in video is an

472 views • 19 slides
ACH and Third Party Payment Processors Definition of Third-Party Relationship Entity with

ACH and Third Party Payment Processors Definition of Third-Party Relationship Entity with

ACH and Third Party Payment Processors Definition of Third-Party Relationship Entity with which financial institution has entered into a business relationship Facilitate customer access to bank services or products Perform functions

369 views • 26 slides
Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen

Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen

11/30/2007 Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen Grauman Tracking with dynamics : We use image measurements to estimate position of object, but also incorporate position predicted by

486 views • 12 slides
Immigration in the Party Political Agenda: A Comparative Analysis of Party Manifestos in Six

Immigration in the Party Political Agenda: A Comparative Analysis of Party Manifestos in Six

Immigration in the Party Political Agenda: A Comparative Analysis of Party Manifestos in Six European Countries Didier Ruedin, Laura Morales, Jean-Benoit Pilet, Peter Thomas ECPR Annual Conference , Bordeaux, 6 September 2013 Politicization of

163 views • 12 slides
People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth

People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth

People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth Bernt Schiele Department of Computer Science TU Darmstadt People-Tracking-by-Detection and People-Detection-by-Tracking - CVPR 2008 Motivation

899 views • 89 slides
Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation

Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation

Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation Segmentation Tracking Results Q &amp; A Introduction Object Tracking Object Tracking Object representation Feature

500 views • 28 slides
Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Computer Vision Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D. Wagner, V Lepetit, M. Breitenstein, P. Sabzmeydani, Z. Kalal from whom I borrowed many slides and videos. We all know what

1.5k views • 137 slides
Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Computer Vision Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D. Wagner, V Lepetit, M. Breitenstein, P. Sabzmeydani, Z. Kalal from whom I borrowed many slides and videos. We all know what

1.62k views • 138 slides

More recommend