71 Hits in 5.7 sec

We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy [article]

Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz
2018 arXiv   pre-print
We monitored this rare event by analyzing the GDPR's impact on popular websites in all 28 member states of the European Union.  ...  While many websites already had privacy policies, we find that in some countries up to 15.7 % of websites added new privacy policies by May 25, 2018, resulting in 84.5 % of websites having privacy policies  ...  ACKNOWLEDGMENTS The authors would like to thank Yana Koval for her help with manual website annotation and all native speakers who helped us verify the word lists.  ... 
arXiv:1808.05096v2 fatcat:kyhckb6mzrfkbgbgfxrswsuqte

(Un)informed Consent

Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz
2019 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19  
We also show that the wide-spread practice of nudging has a large effect on the choices users make.  ...  In this work, we identify common properties of the graphical user interface of consent notices and conduct three experiments with more than 80,000 unique users on a German website to investigate the influence  ...  ACKNOWLEDGMENTS The authors would like to thank the owner of their partner website for allowing them to display different sets of consent notices on this site.  ... 
doi:10.1145/3319535.3354212 dblp:conf/ccs/UtzDFSH19 fatcat:5twq56csdfbi7momzh3pbjrzse

GDPR Myopia: how a well-intended regulation ended up favouring large online platforms - the case of ad tech

Damien Geradin, Theano Karanikioti, Dimitrios Katsifis
2020 European Competition Journal  
The purpose of this paper is not to call for the weakening of the GDPR, whose positive impact on users cannot be ignored.  ...  While from a policy standpoint regulators should thus maintain or even increase the level of protection offered by this legislation, it is vital that they take steps to mitigate its adverse effects on  ...  Acknowledgements The authors advise a variety of ad tech vendors and publishers, including on matters adverse to Google. The views expressed in this paper are the authors' only.  ... 
doi:10.1080/17441056.2020.1848059 fatcat:m6omgqcqyjcnndkh2m5qipi3jm

The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR [article]

Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann
2018 arXiv   pre-print
In a first step, we measure the impact of the legislation on the connections (regarding cookie syncing) between third-parties and show that the general structure how the entities are arranged is not affected  ...  However, we find that the new regulation has a statistically significant impact on the number of connections, which shrinks by around 40%.  ...  Acknowledgment This work was partially supported by the Ministry of Culture and Science of the German State of North Rhine-Westphalia (MKW grant 005-1703-0021 "MEwM" and "NERD.NRW") and the German Federal  ... 
arXiv:1811.08660v1 fatcat:fefujj2xzra2pjbycsxraytnci

Understanding Privacy-Related Advice on Stack Overflow

Mohammad Tahaei, Tianshi Li, Kami Vaniea
2022 Proceedings on Privacy Enhancing Technologies  
We find that the advice is mostly around compliance with regulations and ensuring confidentiality with a focus on the inform, hide, control, and minimize of the Hoepman's privacy design strategies.  ...  We qualitatively analyzed 119 privacy-related accepted answers on Stack Overflow from the past five years and extracted 148 pieces of advice from these answers.  ...  Acknowledgments We thank the reviewers whose constructive feedback helped improve the paper greatly. This work was sponsored in part by Microsoft Research through its Ph.D. Scholarship Program.  ... 
doi:10.2478/popets-2022-0038 fatcat:4fkhpppsqvax5my2ke64w6veti

"It may be a pain in the backside but..." Insights into the impact of GDPR on business after three years [article]

Gerard Buckley, Tristan Caulfield, Ingolf Becker
2021 arXiv   pre-print
We find the threat of fines has focused the corporate mind and made business more privacy aware. Organisationally, it has created new power bases within companies to advocate GDPR.  ...  The General Data Protection Regulation (GDPR) came into effect in May 2018 and is designed to safeguard EU citizens' data privacy.  ...  It is used to say we care about your data, and you can trust us.  ... 
arXiv:2110.11905v1 fatcat:jkocey54jngtfg6yupebubexsy

Dark and Bright Patterns in Cookie Consent Requests

Paul Graßl, Hanna Schraffenberger, Frederik Zuiderveen Borgesius, Moniek Buijzen
2021 Journal of Digital Social Research  
In the second experiment (N = 255) we reversed the direction of the design nudges towards the privacy-friendly option, which we title "bright patterns".  ...  In the first experiment (N = 228) we explored the effects of design nudges towards the privacy-unfriendly option (dark patterns).  ...  ACKNOWLEDGEMENTS We would like to thank the reviewers for their valuable comments to improve the manuscript.  ... 
doi:10.33621/jdsr.v3i1.54 fatcat:pvdxn3mxwnezjb5xq37hnxe6sy

Opted Out, Yet Tracked: Are Regulations Enough to Protect Your Privacy? [article]

Zengrui Liu and Umar Iqbal and Nitesh Saxena
2022 arXiv   pre-print
Using our framework, we conduct a measurement study to evaluate two of the most widely deployed CMPs, i.e., OneTrust and CookieBot, as well as advertiser-offered opt-out controls, i.e., National Advertising  ...  Overall, our work casts a doubt if regulations are effective at protecting users' online privacy.  ...  Acknowledgments The authors would like to thank Zubair Shafiq for discussions in the early phases of the work.  ... 
arXiv:2202.00885v1 fatcat:vm7ahtr4z5co3iuwoq2uon3pua

CookieEnforcer: Automated Cookie Notice Analysis and Enforcement [article]

Rishabh Khandelwal, Asmit Nayak, Hamza Harkous, Kassem Fawaz
2022 arXiv   pre-print
Finally, we use our system to perform several measurements on the top 5k websites from the Tranco list (as accessed from the US and the UK), drawing comparisons and observations at scale.  ...  In this work, we develop CookieEnforcer, a new system for automatically discovering cookie notices and deciding on the options that result in disabling all non-essential cookies.  ...  Cookie Notice Studies Cookie Notice Analysis Degeling et al. [10] measured the GDPR's impact on cookie notices by manually examining the top 500 websites in each of the EU member states.  ... 
arXiv:2204.04221v2 fatcat:sdtvmodjwrbvplxjimvgrn76rm

Claudette Meets GDPR: Automating the Evaluation of Privacy Policies Using Artificial Intelligence

Giuseppe Contissa, Koen Docter, Francesca Lagioia, Marco Lippi, Hans-W. Micklitz, Przemysław Pałka, Giovanni Sartor, Paolo Torroni
2018 Social Science Research Network  
The experiments we conducted on these documents, using various machine learning techniques, lead us to the conclusion that this task can be, to a significant degree, realized by computers, if a sufficiently  ...  Hence, there is a significant room for improvement on the side of business, as well as for action on the side of consumer organizations and supervisory authorities.  ...  We would welcome any feedback from the readers.  ... 
doi:10.2139/ssrn.3208596 fatcat:jro5to24brbdvn62j2nveg2n2a

Are cookie banners indeed compliant with the law? Deciphering EU legal requirements on consent and technical means to verify compliance of cookie banners [article]

Cristiana Santos, Nataliia Bielova, Célestin Matte
2020 arXiv   pre-print
In this work, we analyze the legal requirements on how cookie banners are supposed to be implemented to be fully compliant with the e-Privacy Directive and the General Data Protection Regulation.  ...  and we also show which requirements are impossible to verify with certainty in the current architecture of the Web.  ...  Greek DPA, 2020 Belgian DPA, 2020 Irish DPA, 2020 Recent audits on websites Recurrent audits on websites are aimed at information-gathering assessment of the state of cookie (and related technologies  ... 
arXiv:1912.07144v2 fatcat:4nkrmy3wrrbhpibatedfzixmee

A feminist Critique to digital consent

Elinor Carmi
The online surveillance adtech industry that funds the web had to use a mechanism that commodifies people, rendering their behaviors into data - products that can be sold and traded for the highest bidder  ...  This was made possible by objectifying, dehumanizing and decontextualizing human engagement and identity into measurable and quantifiable data units.  ...  surveillance mechanisms such as web-cookies.  ... 
doi:10.7577/seminar.4291 fatcat:5vjtqjwbebae7ebiqc4mec3o5a

An analysis of violations and sanctions following the GDPR

Wanda Kristiania University College, Kaja Felix Sopra Steria
2020 International Journal of Information Systems and Project Management  
We also welcome more research on the topic.  ...  However, our study provides insight on some of the challenges.  ...  Acknowledgements We thank the experts who have provided us with valuable insights.  ... 
doi:10.12821/ijispm090102 doaj:c5cd6178a0f94265861331ee5043cdf2 fatcat:345jqebisnbg3mgwja2y5zki4q

Online Price Discrimination and EU Data Privacy Law

Frederik J. Zuiderveen Borgesius, Joost Poort
2017 Social Science Research Network  
The paper analyses how this dislike of personalized pricing may be linked to economic analysis and to other norms or values.  ...  An online shop can recognize customers, for instance through cookies, and categorize them as price-sensitive or price-insensitive.  ...  Acknowledgements The authors thank Solon Barocas, Bertin Martens, Akiva Miller, Andrew Odlyzko, Andrew Selbst, participants at the Amsterdam Privacy Conference, EuroCPR and the Privacy Law Scholars Conference  ... 
doi:10.2139/ssrn.3009188 fatcat:zihxqxkbsvhqtcnwe3l3t6t3um

Online Price Discrimination and EU Data Privacy Law

Frederik Zuiderveen Borgesius, Joost Poort
2017 Journal of Consumer Policy  
The paper analyses how this dislike of personalized pricing may be linked to economic analysis and to other norms or values.  ...  An online shop can recognize customers, for instance through cookies, and categorize them as price-sensitive or price-insensitive.  ...  Acknowledgements The authors thank Solon Barocas, Bertin Martens, Akiva Miller, Andrew Odlyzko, Andrew Selbst, participants at the Amsterdam Privacy Conference, EuroCPR and the Privacy Law Scholars Conference  ... 
doi:10.1007/s10603-017-9354-z fatcat:qzudks2geresfcrshmqbrbjk7e
« Previous Showing results 1 — 15 out of 71 results