Skip to main content
SpringerLink
Log in

Tracking Users Like There is No Tomorrow: Privacy on the Current Internet

  • Conference paper
  • First Online:
International Joint Conference (CISIS 2015)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 369))

Abstract

Since the beginning of the web, users have been worried about usability but not always about security or privacy. Nowadays people are starting to realize that sometimes it is important to protect their privacy not only in real life, but also in the virtual world. This paper analyzes the current privacy debate surrounding online web tracking and explains the most relevant techniques and defenses. It also presents the different companies involved and related standards and regulations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Stevenson, A.: Oxford Dictionary of English. OUP, Oxford (2010)

    Google Scholar 

  2. Milanovic, M.: Human rights treaties and foreign surveillance: privacy in the digital age. Harvard Int. L. J. (Forthcoming) (2014)

    Google Scholar 

  3. Bernal, P.: Internet Privacy Rights: Rights to Protect Autonomy, vol. 24. Cambridge University Press, Cambridge (2014)

    Google Scholar 

  4. Squicciarini, A.C., Paci, F., Sundareswaran, S.: Prima: a comprehensive approach to privacy protection in social network sites. Annals of telecommunications-annales des télécommunications 69(1–2), 21–36 (2014)

    Google Scholar 

  5. Wang, Y., Nepali, R.K., Nikolai, J.: Social network privacy measurement and simulation. In: International Conference on Computing, Networking and Communications (ICNC), pp. 802–806. IEEE (2014)

    Google Scholar 

  6. Cecere, G., Rochelandet, F.: Privacy intrusiveness and web audiences: empirical evidence. Telecommun. Policy 37(10), 1004–1014 (2013)

    Article  Google Scholar 

  7. Hayes, C.M., Kesan, J.P., Bashir, M., Hoff, K., Jeon, G.: Informed Consent and Privacy Online: A Survey. Available at SSRN 2418830 (2014)

    Google Scholar 

  8. Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., Gürses, S., Piessens, F., Preneel, B.: FPDetective: dusting the web for fingerprinters. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1129–1140. ACM (2013)

    Google Scholar 

  9. Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  10. Fifield, D., Egelman, S.: Fingerprinting web users through font metrics. In: Proceedings of the 19th International Conference on Financial Cryptography and Data Security (2015)

    Google Scholar 

  11. Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS 2014) (2014)

    Google Scholar 

  12. Mowery, K., Shacham, H.: Pixel perfect: fingerprinting canvas in html5. In: Proceedings of W2SP (2012)

    Google Scholar 

  13. Ayenson, M., Wambach, D.J., Soltani, A., Good, N., Hoofnagle, C.J.: Flash cookies and privacy ii: now with html5 and etag respawning. In: Social Science Research Network (2011)

    Google Scholar 

  14. Atterer, R., Wnuk, M., Schmidt, A.: Knowing the user’s every move: user activity tracking for website usability evaluation and implicit interaction. In: Proceedings of the 15th International Conference on World Wide Web, pp. 203–212. ACM (2006)

    Google Scholar 

  15. Keromytis, A.: Darpa, active authentication program. http://www.darpa.mil/our_work/i2o/programs/active_authentication.aspx (2015)

  16. Soltani, A., Canty, S., Mayo, Q., Thomas, L., Hoofnagle, C.J.: Flash cookies and privacy. In: AAAI Spring Symposium: Intelligent Information Privacy Management (2010)

    Google Scholar 

  17. West, W., Pulimood, S.M.: Analysis of privacy and security in html5 web storage. J. Comput. Sci. Coll. 27(3), 80–87 (2012)

    Google Scholar 

  18. Felten, E.W., Schneider, M.A.: Timing attacks on web privacy. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, pp. 25–32. ACM (2000)

    Google Scholar 

  19. Focardi, R., Gorrieri, R., Lanotte, R., Maggiolo-Schettini, A., Martinelli, F., Tini, S., Tronci, E.: Formal models of timing attacks on web privacy. Electron. Notes Theor. Comput. Sci. 62, 229–243 (2002)

    Article  Google Scholar 

  20. Weinberg, Z., Chen, E.Y., Jayaraman, P.R., Jackson, C.: I still know what you visited last summer: leaking browsing history via user interaction and side channel attacks. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 147–161. IEEE (2011)

    Google Scholar 

  21. Altaweel, I., Cabrera, J., Choi, H.S., Ho, K., Good, N., Hoofnagle, C.: Web Privacy Census: Html5 Storage Takes the Spotlight as Flash Returns (2012)

    Google Scholar 

  22. Roesner, F., Kohno, T., Wetherall, D.: Detecting and defending against third-party tracking on the web. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation, pp. 12–12. NSDI’12, Berkeley, CA, USA, USENIX Association (2012)

    Google Scholar 

  23. Jang, D., Jhala, R., Lerner, S., Shacham, H.: An empirical study of privacy-violating information flows in javascript web applications. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 270–283. ACM (2010)

    Google Scholar 

  24. Narayanan, A., Mayer, J.: Do not track, universal web tracking opt out. http://donottrack.us (2011)

  25. World Wide Web Consortium: Platform for privacy preferences (p3p) project. http://www.w3.org/P3P (2002)

  26. Byers, S., Cranor, L.F., Kormann, D., McDaniel, P.: Searching for privacy: design and implementation of a P3P-enabled search engine. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 314–328. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  27. Mayer, J.: Tracking the trackers: early results. http://cyberlaw.stanford.edu/blog/2011/07/tracking-trackers-early-results (2011)

  28. Teltzrow, M., Kobsa, A.: Impacts of user privacy preferences on personalized systems. In: Designing Personalized User Experiences in eCommerce, pp. 315–332. Springer, Berlin (2004)

    Google Scholar 

  29. De Groef, W., Devriese, D., Nikiforakis, N., Piessens, F.: Flowfox: a web browser with flexible and precise information flow control. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 748–759. ACM (2012)

    Google Scholar 

  30. Pan, X., Cao, Y., Chen, Y.: I do not know what you visited last summer: protecting users from third-party web tracking with trackingfree browser. In: NDSS: Proceedings of the Network and Distributed System Security Symposium (2015)

    Google Scholar 

  31. Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: Jsflow: Tracking information flow in javascript and its APIs. In: Proceedings of 29th ACM Symposium on Applied Computing (2014)

    Google Scholar 

  32. Sen, K., Kalasapur, S., Brutch, T., Gibbs, S.: Jalangi: A selective record-replay and dynamic analysis framework for javascript. In: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, pp. 488–498. ACM (2013)

    Google Scholar 

  33. Chugh, R., Meister, J.A., Jhala, R., Lerner, S.: Staged information flow for javascript. In: ACM Sigplan Notices, vol. 44, pp. 50–62. ACM (2009)

    Google Scholar 

  34. Aggarwal, G., Bursztein, E., Jackson, C., Boneh, D.: An analysis of private browsing modes in modern browsers. In: USENIX Security Symposium, pp. 79–94 (2010)

    Google Scholar 

  35. Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: 2013 IEEE Symposium on Security and privacy (SP), pp. 541–555. IEEE (2013)

    Google Scholar 

  36. Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 413–427. IEEE (2012)

    Google Scholar 

  37. Goldfarb, A., Tucker, C.E.: Privacy regulation and online advertising. Manag. Sci. 57(1), 57–71 (2011)

    Article  Google Scholar 

  38. Federal Trade Commission: Protecting consumer privacy in an era of rapid change: recommendations for businesses and policymakers. https://www.ftc.gov/reports/protecting-consumer-privacy-era-rapid-change-recommendations-businesses-policymakers (2012)

  39. Federal Trade Commission: Protecting consumer privacy in an era of rapid change, a proposed framework for businesses and policymakers. https://www.ftc.gov/reports/preliminary-ftc-staff-report-protecting-consumer-privacy-era-rapid-change-proposed-framework (2010)

  40. European Parliament: Directive 2002/58/ec. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:en:HTML (2002)

  41. Article 29 Data Protection Working Party: Opinion 04/2012 on cookie consent exemption. http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp194_en.pdf (2012)

  42. Article 29 Data Protection Working Party: Opinion 9/2014 on the application of directive 2002/58/ec to device fingerprinting. http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp224_en.pdf (2014)

  43. Digital Advertising Alliance: Self-regulatory principles for online behavioral advertising, behavioral advertising. http://www.aboutads.info/resource/download/seven-principles-07-01-09.pdf (2009)

  44. Digital Advertising Alliance: Self-regulatory principles for multi-site data. http://www.aboutads.info/resource/download/Multi-Site-Data-Principles.pdf (2011)

Download references

Acknowledgments

This research was partially supported by the Basque Government under the pre-doctoral grants given to Iskander Sánchez-Rola and Xabier Ugarte-Pedrero.

Author information

Authors and Affiliations

  1. S3lab, DeustoTech—Computing, University of Deusto, Bilbao, Spain

    Iskander Sánchez-Rola, Xabier Ugarte-Pedrero, Igor Santos & Pablo G. Bringas

Authors
  1. Iskander Sánchez-Rola
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xabier Ugarte-Pedrero
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Igor Santos
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pablo G. Bringas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Iskander Sánchez-Rola .

Editor information

Editors and Affiliations

  1. Department of Civil Engineering, Escuela Politécnica Superior, University of Burgos, Burgos, Spain

    Álvaro Herrero

  2. Department of Civil Engineering, Escuela Politécnica Superior, University of Burgos, Burgos, Spain

    Bruno Baruque

  3. Technological Institute of Castilla y León, Burgos, Spain

    Javier Sedano

  4. University of Salamanca, Salamanca, Spain

    Héctor Quintián

  5. Plaza de la Merced S/N, University of Salamanca, Salamanca, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Sánchez-Rola, I., Ugarte-Pedrero, X., Santos, I., Bringas, P.G. (2015). Tracking Users Like There is No Tomorrow: Privacy on the Current Internet. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds) International Joint Conference. CISIS 2015. Advances in Intelligent Systems and Computing, vol 369. Springer, Cham. https://doi.org/10.1007/978-3-319-19713-5_41

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19713-5_41

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19712-8

  • Online ISBN: 978-3-319-19713-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation