Respecting Users’ Individual Privacy Constraints in Web Personalization

  • Yang Wang
  • Alfred Kobsa
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4511)


Web personalization has demonstrated to be advantageous for both online customers and vendors. However, its benefits may be severely counter acted by privacy constraints. Personalized systems need to take users’ privacy concerns into account, as well as privacy laws and industry self-regulation that may be in effect. In this paper, we first discuss how these constraints may affect web-based personalized systems. We then explain in what way current approaches to this problem fall short of their aims, specifically regarding the need to tailor privacy to the constraints of each individual user. We present a dynamic privacy-enhancing user modeling framework as a superior alternative, which is based on a software product line architecture. Our system dynamically selects personalization methods during runtime that respect users’ current privacy concerns as well as the privacy laws and regulations that apply to them.


User Modeling Privacy Concern Software Product Line Privacy Preference Privacy Constraint 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Personal Communication, Chief Privacy Officer, Disney Corporation (2002)Google Scholar
  2. 2.
    Personal Communication, Chief Privacy Officer, IBM Zurich (2003)Google Scholar
  3. 3.
    ArchStudio: ArchStudio 3.0 (2005)
  4. 4.
    Bosch, J.: Design and Use of Software Architectures: Adopting and Evolving a Product-Line Approach. Addison-Wesley, New York (2000)Google Scholar
  5. 5.
    Buffett, S., Jia, K., Liu, S., Spencer, B., Wang, F.: Negotiating Exchanges of P3P-Labeled Information for Compensation. Computational Intelligence 20, 663–677 (2004)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Cranor, L., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0 (APPEL1.0): W3C Working Draft (April 15, 2002)Google Scholar
  7. 7.
    German Teleservices Data Protection Act 1997, as amended on (December 14, 2001)Google Scholar
  8. 8.
    Directive 95/46/EC of the European Parliament and of the Council of 24 October, on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. Official Journal of the European Communities, p. 31ff (1995)Google Scholar
  9. 9.
    Directive 2002/58/EC of the European Parliament and of the Council Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector (2002)Google Scholar
  10. 10.
    Gandon, F.L., Sadeh, N.M.: Semantic Web Technologies to Reconcile Privacy and Context Awareness. Journal of Web Semantics 1, 241–260 (2004)Google Scholar
  11. 11.
    Gelle, E., Sabin, M.: Solving Methods for Conditional Constraint Satisfaction. In: The Eighteenth International Joint Conference on Artificial Intelligence, Workshop on Configuration, Acapulco, Mexico, pp. 7–12 (2003)Google Scholar
  12. 12.
    Gray, J., Bapty, T., Neema, S., Tuck, J.: Handling crosscutting constraints in domain-specific modeling. Communications of the ACM 44, 87–93 (2001)CrossRefGoogle Scholar
  13. 13.
    Hoek, A.v.d.: Design-Time Product Line Architectures for Any-Time Variability. Science of Computer Programming, special issue on Software Variability Management 53, 285–304 (2004)Google Scholar
  14. 14.
    Hoek, A.v.d., Mikic-Rakic, M., Roshandel, R., Medvidovic, N.: Taming Architectural Evolution. In: The Sixth European Software Engineering Conference (ESEC) and the Ninth ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE-9), Vienna, Austria, pp. 1–10 (2001)Google Scholar
  15. 15.
    Kobsa, A.: A Component Architecture for Dynamically Managing Privacy in Personalized Web-based Systems. In: Privacy Enhancing Technologies: Third International Workshop, pp. 177–188. Dresden, Germany (2003)Google Scholar
  16. 16.
    Kobsa, A.: Generic User Modeling Systems. In: Brusilovsky, P., Kobsa, A., Nejdl, W. (eds.) The Adaptive Web: Methods and Strategies of Web Personalization, pp. 136–154. Springer-Verlag, Heidelberg, Germany (2007)Google Scholar
  17. 17.
    Kobsa, A.: Privacy-Enhanced Web Personalization. In: Brusilovsky, P., Kobsa, A., Nejdl, W. (eds.) The Adaptive Web: Methods and Strategies of Web Personalization, pp. 628–670. Springer-Verlag, Heidelberg, Germany (2007)Google Scholar
  18. 18.
    Kobsa, A., Fink, J.: An LDAP-Based User Modeling Server and its Evaluation. User Modeling and User-Adapted Interaction: The Journal of Personalization Research 16, 129–169 (2006)CrossRefGoogle Scholar
  19. 19.
    Kobsa, A., Schreck, J.: Privacy through Pseudonymity in User-Adaptive Systems. ACM Transactions on Internet Technology 3, 149–183 (2003)CrossRefGoogle Scholar
  20. 20.
    Preibusch, S.: Personalized Services with Negotiable Privacy Policies. PEP06, CHI 2006 Workshop on Privacy-Enhanced Personalization, Montreal, Canada, pp. 29–38 (2006)Google Scholar
  21. 21.
    Schunter, M., Powers, C.: The Enterprise Privacy Authorization Language (EPAL 1.1): Reader’s Guide to the Documentation. IBM Research Laboratory (2003)Google Scholar
  22. 22.
    Teltzrow, M., Kobsa, A.: Impacts of User Privacy Preferences on Personalized Systems: a Comparative Study. In: Karat, C.-M., Blom, J., Karat, J. (eds.) Designing Personalized User Experiences for eCommerce, pp. 315–332. Kluwer Academic Publishers, Dordrecht, Netherlands (2004)CrossRefGoogle Scholar
  23. 23.
    Wang, Y., Kobsa, A., van der Hoek, A., White, J.: PLA-based Runtime Dynamism in Support of Privacy-Enhanced Web Personalization. In: The 10th International Software Product Line Conference, Baltimore, MD, pp. 151–162 (2006)Google Scholar
  24. 24.
    Wang, Y., Zhaoqi, C., Kobsa, A.: A Collection and Systematization of International Privacy Laws, with Special Consideration of Internationally Operating Personalized Websites (2006)
  25. 25.
    Wenning, R., Schunter, M.(eds.): The Platform for Privacy Preferences 1.1 (P3P1.1) Specification: W3C Working Group Note (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Yang Wang
    • 1
  • Alfred Kobsa
    • 1
  1. 1.Donald Bren School of Information and Computer Sciences, University of California, IrvineU.S.A.

Personalised recommendations