Abstract
The main goal of this chapter is to present a state-of the-art of behavioural tracking on the Internet and to highlight some of the resulting potential privacy threats. This chapter is structured as follows: First section introduces the concept of behavioural tracking. The following sections describe how tracking is performed by web sites, location-based services and social networks, respectively. Final section presents some of the existing tracking-prevention solutions. Finally, the author concludes the report and proposes some recommendations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Computational advertising is a new scientific sub-discipline whose main challenge is to find the best ad to present to a user engaged in a given context (Broder and Josifovski 2010).
- 2.
Some sites included JavaScript code and third-party cookies from more than ten different tracking domains (Eckersley 2009).
- 3.
The largest third-party Ad-network companies include Advertising.com, Tacoda, DoubleClick and Omniture. Most of these networks are owned by Google, Yahoo, AOL or Microsoft. Since Ad-networks are typically partnered with many publishers, they can track users across several publishers and build these users’ browsing profiles.
- 4.
http://foursquare.com/.
- 5.
http://gowalla.com/.
- 6.
http://twitter.com/.
- 7.
http://pleaserobme.com/.
- 8.
http://www.google.com/latitude/.
- 9.
http://maps.google.com/.
- 10.
http://maps.yahoo.com/.
- 11.
http://earth.google.com/.
- 12.
http://facebook.com/.
- 13.
http://www.myspace.com/.
- 14.
http://www.orkut.com/.
- 15.
http://www.linkedin.com/.
- 16.
http://www.tribe.net/.
- 17.
http://www.loopts.com/.
- 18.
http://www.reclaimprivacy.org/.
- 19.
The Disapora project, see http://www.joindiaspora.com/.
References
Aggrawal, G., E. Bursztein, C. Jackson, and D. Boneh. 2010. An analysis of private browsing modes in modern browsers. Proceedings of 19th Usenix Security Symposium. Washington D.C., U.S.A.
Ashkan, S., S. Canty, M. Quentin, T. Lauren, and J. Chris. 2009. Flash cookies and privacy. Technical report, University of California, Berkeley. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1446862. Accessed in November 2010.
Barbaro, M., and T. Zeller. 2006. A face is exposed for AOL searcher no. 4417749. New York Times, 9. August.
Blumberg, A., and P. Eckersley. 2009. On locational privacy, and how to avoid losing it forever. http://www.eff.org/wp/locational-privacy. Accessed in November 2010.
Boulton, C. 2010. Google CEO Schmidt Pitches autonomous search, flirts with aI. http://www.eweek.com/c/a/Search-Engines/Google-CEO-Schmidt-Pitches-Autonomous-Search-Flirts-with-AI-259984/1/. Accessed in November 2010.
Broder, A., and V. Josifovski. 2010. Introduction to computational advertising. http://www.stanford.edu/class/msande239/. Accessed in November 2010.
Campbell, A. T., S. B. Eisenman, N. D. Lane, E. Miluzzo, and R. A. Peterson. 2006. People-centric urban sensing (invited paper). Proceedings of the Second ACM/IEEE International Conference on Wireless Internet. Boston, MA, U.S.A.
Castelluccia, C., E. De Cristofaro, and D. Perito. 2010. Private information disclosure from web searches. Proceedings of the 2010 Privacy Enhancing Technologies Symposium (PETS). Berlin, Germany.
Castelluccia, C., and D. Kaafar. 2009. Ocn: Owner-centric networking. In Future Internet Security and Trust (FIST) workshop. Seattle, WA, U.S.A.
Chew, M., D. Balfanz, and B. Laurie. 2008. (under) mining privacy in social networks. Web 2.0 Security and Privacy workshop. Oakland, CA, U.S.A.
Cleff, E. B. 2007. Privacy issues in mobile advertising. International Review of Law, Computers & Technology 21 (3): 225–236.
Conti, G. 2009. Googling security: How much does Google know about you? Boston: Addison-Wesley.
Conti, G., and E. Sobiesk. 2007. An honest man has nothing to fear: User perceptions on web-based information disclosure. Proceedings of the 3rd SOUPS’ 07, New York, pp. 112–121.
Daniel, L. M. 2010. Privacy by design: A matter of choice. In Data protection in a profiled world, ed. S. Gutwirth, Y. Poullet, P. De Hert, 323. Verlag: Springer.
Dingledine, R., N. Mathewson, and P. Syverson. 2004. Tor: The second-generation onion router. Proceedings of Usenix security symposium. San Diego, CA, U.S.A.
Dixon, P. 2011. Consumer tips: How to opt-out of cookies that track you. http://www.worldprivacyforum.org/cookieoptout.html. Accessed in July 2011.
Dwyer, C. 2009. Behavioral targeting: A case study of consumer tracking on levis.com. Proceedings of Fifteen Americas Conference on Information Systems. San Francisco, CA, U.S.A.
Eckersley, P. 2009. How online tracking companies know most of what you do online. https://www.eff.org/deeplinks/2009/09/online-trackers-and-social-networks. Accessed in November 2010.
Eckersley, P. 2010. How unique is your web browser? Proceedings of the 2010 Privacy Enhancing Technologies Symposium (PETS). Berlin, Germany.
ENISA. 2011. Privacy, accountability and trust challenges and opportunities. Technical report, ENISA.
Friedland, G., and R. Sommer. 2010. Cybercasing the joint: On the privacy implication of geo-tagging. Usenix Workshop on Hot Topics in Security. Washington D.C., U.S.A.
Greene, K. 2008. Reality mining. http://www.technologyreview.com/read_article.aspx?id=20247&ch=specialsections&sc=emerging08&pg=1. Accessed in November 2010.
Gross, R., A. Acquisti, and H. Heinz. 2005. Information revelation and privacy in online social networks. WPES. Alexandria, VA, U.S.A.
Hildebrandt, M. 2006. Profiling: from data to knowledge. DuD: Datenschutz und Datensicherheit 30(9).
Johnson, C. 2009. Project Gaydar. http://www.boston. com/bostonglobe/ideas/articles/2009/09/20/project_gaydar_an_mit_ experiment_raises_new_questions_about_online_privacy/. Accessed in November 2010.
Kamkar, S. 2010. Evercookie—never forget. http://samy.pl/evercookie/. Accessed in November 2010.
Kirkpatrick, M. 2010. Google CEO Schmidt: ”people aren’t ready for the technology revolution”,. http://www.readwriteweb.com/archives/google_ceo_schmidt_people_arent_ready_for_the_tech.php. Accessed in November 2010.
Krishnamurthy, B., and C. Wills 2008. Characterizing privacy in online social networks. In WOSN’ 08: Proceedings of the first workshop on Online social networks. Seattle, WA, U.S.A.
Krishnamurthy, B., and C. Wills 2009a. On the leakage of personally identifiable information via online social networks. In WOSN’ 09: the second workshop on Online social networks. Barcelona, Spain.
Krishnamurthy, B., and C. Wills. 2009b. Privacy diffusion on the web: a longitudinal perspective. In WWW’ 09: Proceedings of the 18th international conference on World wide web. ACM. Madrid, Spain.
Krishnamurthy, B., and C. Wills. 2009c. Privacy diffusion on the web: A longitudinal perspective (updated graphs). http://www.ftc.gov/os/comments/privacyroundtable/544506-00009.pdf. Accessed in November 2010.
Krishnamurthy, B., and C. Wills. 2010. Privacy leakage in mobile online social networks. In WOSN’ 10: Proceedings of the third workshop on Online social networks. Boston, MA, U.S.A.
Krumm, J. 2010. Ubiquitous advertising: The killer application for the 21st century. IEEE Pervasive Computing.
Macmanus, M. 2009. A guide to recommender systems. http://www.readwriteweb.com/archives/recommender_systems.php. Accessed in November 2010.
McKinley, K. 2008. Cleaning up after cookies. Technical report, iSEC PARTNERS. https://www.isecpartners.com/files/iSEC_Cleaning_Up_After_Cookies.pdf. Accessed in November 2010.
Miluzzo, E., N. Lane, K. Fodor, R. Peterson, H. Lu, M. Musolesi, S. B. Eis, X. Zheng, S. EisenMan, and A. Campbell 2008. Sensing meets mobile social networks: The design, implementation and evaluation of the cenceme application. Proceedings 6th ACM Conference on Embedded Networked Sensor Systems (SenSys’ 08). Raleigh, NC, U.S.A.
Narayanan, A. 2010. Do not track explained. http://33bits.org/2010/09/20/do-not-track-explained/. Accessed in November 2010.
Raphael, J. R. 2011. Apple vs. Android location tracking: Time for some truth. http://blogs.computerworld.com/18190/apple_android_location_tracking. Accessed in July 2011.
Schneier, B. 2009. Architecture of privacy. IEEE Security and Privacy.
Schoen, S. 2009. New cookie technologies: Harder to see and remove, widely used to track you. http://www.eff.org/deeplinks/2009/09/new-cookie-technologies-harder-see-and-remove-wide. Accessed in November 2010.
Zheleva, E., and L. Getoor. 2009. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In International World Wide Web Conference (WWW). Madrid, Spain.
Zhong, G., I. Goldberg, and U. Hengartner. 2007. Louis, lester and pierre: Three protocols for location privacy. Proceedings of the 2007 Privacy Enhancing Tsechnologies Symposium (PETS). Ottawa, Canada.
Acknowledgement
The author would like to thank the members of the INRIA Planete group for discussions and for proofreading this chapter. He would also thank Levente Buttyan, Imad Aad, Aurelien Francillon, Bala Krishnamurthy, Emiliano De Cristofaro and many others for providing comments on this chapter. Finally, the author would like to thank ENISA and more particularly Rodica Tirtea who was at the origin of this work and chapter. This chapter was published as a section of the Privacy, Accountability and Trust Challenges and Opportunities report, published by ENISA (2011).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Castelluccia, C. (2012). Behavioural Tracking on the Internet: A Technical Perspective. In: Gutwirth, S., Leenes, R., De Hert, P., Poullet, Y. (eds) European Data Protection: In Good Health?. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2903-2_2
Download citation
DOI: https://doi.org/10.1007/978-94-007-2903-2_2
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-2902-5
Online ISBN: 978-94-007-2903-2
eBook Packages: Humanities, Social Sciences and LawLaw and Criminology (R0)