Abstract
User-adaptive (or ”personalized”) systems on the web cater their interaction to each individual user and provide considerable benefits to both users and web vendors. These systems pose privacy problems, however, since they must collect large amounts of personal information to be able to adapt to users, and often do this in a rather inconspicuous manner. The interaction with personalized systems is therefore likely to be affected by users’ privacy concerns, and is in many cases also subject to privacy laws and self-regulatory privacy principles. An analysis of nearly 30 international privacy laws revealed that many of them impose severe restrictions not only on the data that may be collected but also on the personalization methods that may be employed. For many personalization goals, more than one methods can be used that differ in their data and privacy requirements and their anticipated accuracy and reliability. This paper presents a software architecture that encapsulates the different personalization methods in individual components and, at any point during runtime, ascertains the dynamic selection of the component with the optimal anticipated personalization effects among those that are permissible under the currently prevailing privacy constraints.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Corbett, A., McLaughlin, M., Scarpinatto, K.C.: Modeling Student Knowledge: Cognitive Tutors in High School and College. User Modeling and User-Adapted Interaction 10, 81–108 (2000)
Strachan, L., Anderson, J., Sneesby, M., Evans, M.: Minimalist User Modelling in a Complex Commercial Software System. User Modeling and User-Adapted Interaction 10, 109–146 (2000)
Linton, F., Schaefer, H.-P.: Recommender Systems for Learning: Building User and Expert Models through Long-Term Observation of Application Use. User Modeling and User-Adapted Interaction 10, 181–208 (2000)
Billsus, D., Pazzani, M.J.: User Modeling for Adaptive News Access. User Modeling and User-Adapted Interaction 10, 147–180 (2000)
Keates, S., Langdon, P., Clarkson, P., Robinson, P.: User Models and User Physical Capability. User Modeling and User-Adapted Interaction 12, 139–169 (2002)
Kobsa, A.: Adapting Web Information to Disabled and Elderly Users (invited talk). Web- Net-99, Honolulu, HI (1999), http://www.ics.uci.edu/~kobsa/papers/1999-webnet99-kobsa.pdf
Peppers, D., Rogers, M.: The One to One Future: Building Relationships One Customer at a Time. Currency Doubleday, New York (1993)
Peppers, D., Rogers, M.: Enterprise One to One: Tools for Competing in the Interactive Age. Currency Doubleday, New York (1997)
Forrester Research: The Privacy Best Practise. Cambridge, MA (September 1999)
Hof, R., Green, H., Himmelstein, L.: Now it’s YOUR WEB. Business Week October 5, pp. 68–75 (1998)
Personalization & Privacy Survey. Personalization Consortium (2000), http://www.personalization.org/SurveyResults.pdf
Thompson, M.: Registered Visitors Are a Portal’s Best Friend. The Industry Standard, June 7 (1999), http://www.thestandard.net
Brand Conversion. ICONOCAST (1999), http://www.iconocast.com/issue/1999102102.html
Recommender Systems in E-Commerce (2000), http://www.cs.umn.edu/Research/GroupLens/slides-2.pdf
Cooperstein, D., Delhagen, K., Aber, A., Levin, K.: Making Net Shoppers Loyal. Forrester Research, Cambridge, MA (June 1999)
Peppers, D., Rogers, M., Dorf, B.: The One to One Fieldbook. Currency Doubleday, New York (1999)
Kobsa, A., Koenemann, J., Pohl, W.: Personalized Hypermedia Presentation Techniques for Improving Customer Relationships. The Knowledge Engineering Review 16, 111–155 (2001), http://www.ics.uci.edu/~kobsa/papers/2001-KER-kobsa.pdf
Teltzrow, M., Kobsa, A.: Impacts of User Privacy Preferences on Personalized Systems - a Comparative Study. In: CHI-2003 Workshop Designing Personalized User Experiences for eCommerce: Theory, Methods, and Research, Fort Lauderdale, FL (2003), http://www.ics.uci.edu/~kobsa/papers/2003-CHI-teltzrow-kobsa.pdf
Spiekermann, S., Grossklags, J., Berendt, B.: E-privacy in 2nd Generation ECommerce: Privacy Preferences versus Actual Behavior. In: EC 2001: Third ACM Conference on Electronic Commerce, Tampa, FL, pp. 38–47 (2001), http://doi.acm.org/10.1145/501158.501163
A Collection and Systematization of International Privacy Laws, with Special Consideration of Internationally Operating Personalized Websites (2002), http://www.ics.uci.edu/~kobsa/privacy
Teleservices Data Protection Law (Article 3 of the Law on the Legal Requirements for Electronic Business Dealings of 14 December 2001). German Federal Law Gazette 1, 3721 (2001), http://www.iid.de/iukdg/aktuelles/fassung_tdg_eng.pdf
Kobsa, A.: Generic User Modeling Systems. User Modeling and User-Adapted Interaction 11, 49–63 (2001), http://www.ics.uci.edu/~kobsa/papers/2001-UMUAI-kobsa.pdf
EU: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. Official Journal of the European Communities (1995) 31ff (October 1995), http://158.169.50.95:10080/legal/en/dataprot/directiv/directiv.html.7
Brusilivsky, P.: Adaptive and Intelligent Technologies for Web-based Education. KI 4, 19–25 (2000), http://www2.sis.pitt.edu/~peterb/papers/KI-review.html
EU: Directive 2002/58/EC of the European Parliament and of the Council Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector (2002), http://register.consilium.eu.int/pdf/en/02/st03/03636en2.pdf
Décret no 99-200 du 17 mars 1999 définissant les catégories de moyens et de prestations de cryptologie dispensées de toute formalité préalable. Le Journal officiel de la République française (1999), http://www.legifrance.gouv.fr/WAspad/UnTexteDeJorf?numjo=PRMX9903477D
Self-Regulatory Principles for Online Preference Marketing by Network Advisers. Network Advertising Initiative (2000), http://www.networkadvertising.org/images/NAI_Principles.pdf
Schreck, J.: Security and Privacy in User Modeling. Kluwer Academic Publishers, Dordrecht (2003), http://www.security-and-privacy-in-user-modeling.info
Kobsa, A., Schreck, J.: Privacy through Pseudonymity in User-Adaptive Systems. ACM Transactions on Internet Technology 3, 149–183 (2003), http://www.ics.usi.edu/~kobsa/papers/2003-TOIT-kobsa.pdf
GVU’s 10th WWW User Survey. Graphics, Visualization and Usability Lab, Georgia Tech (1998), http://www.cc.gatech.edu/gvu/user_surveys/survey-1998-10/
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic Databases. In: 28th International Conference on Very Large Databases, Hong Kong, China (2002), http://www.vldb.org/conf/2002/S05P02.pdf
Enterprise Privacy Architecture: Securing Returns on E-Business (2002), http://www-1.ibm.com/services/files/epaexecbrief.pdf
Karjoth, G., Schunter, M., Waidner, M.: Privacy-Enabled Services for Enterprises. In: International Workshop on Trust and Privacy in Digital Business (Trustbus 2002), Aix-en- Provence, France, pp. 483–487 (2002)
Karjoth, G., Schunter, M., Waidner, M.: Platform for Enterprise Privacy Practices: Privacy-enabled Management of Customer Data. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 69–84. Springer, Heidelberg (2003)
Karjoth, G., Schunter, M.: A Privacy Policy Model for Enterprises. In: 15th Computer Security Foundations Workshop (CSFW 2002), Cape Breton, Nova Scotia, Canada, pp. 271–281 (2002)
Fischer-Hübner, S.: IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms. LNCS, vol. 1958. Springer, Heidelberg (2001)
Szyperski, C.: Component Software: Beyond Object-Oriented Programming. Addison-Wesley, Reading (1998)
Heineman, G.T., Councill, W.T.: Component Based Software Engineering: Putting the Pieces Together. Addison-Wesley, Reading (2001)
Liu, C.: Redundant Arrays of Independent Components. School of Information and Computer Science, Irvine, CA. University of California, Berkeley (2002)
Liu, C., Richardson, D.J.: Research Directions in RAICs. ACM SIGSOFT Software Engineering Notes 27 (2002)
Liu, C., Richardson, D.J.: The RAIC Architectural Style. School of Information and Computer Science, Irvine, CA. University of California, Berkeley (2002)
A P3P Preference Exchange Language 1.0 (APPEL1.0): W3C Working Draft April 15 (2002), http://www.w3.org/TR/P3P-preferences
The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Recommendation April 16 (2002), http://www.w3.org/TR/P3P/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kobsa, A. (2003). A Component Architecture for Dynamically Managing Privacy Constraints in Personalized Web-Based Systems. In: Dingledine, R. (eds) Privacy Enhancing Technologies. PET 2003. Lecture Notes in Computer Science, vol 2760. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40956-4_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-40956-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20610-1
Online ISBN: 978-3-540-40956-4
eBook Packages: Springer Book Archive