Standardizing and Implementing Do Not Sell

Zimmeck, Sebastian; Alicki, Kuba

doi:10.1145/3411497.3420224

Cited by 12 publications

(11 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…. is considered a sufficiently clear manifestation of opting out" [26]. This argument may not apply in other jurisdictions, especially given some users may adopt Brave for features beyond privacy protection (e.g., cryptotokens).…”

Section: Discussionmentioning

confidence: 99%

“…Do Not Sell signals can also be collected via webpages and stored as cookies, which use the standardized US Privacy String format [4]. These cookies were successfully reset using the OptMeowt add-on for 17 of 30 websites in a recent study [26]. A technical specification for the Advanced Data Protection Control [11] was proposed that could automatically send privacy preference signals including TCF and Do Not Sell, but does not define any new signals in terms of semantics.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Conflicting Privacy Preference Signals in the Wild

Hils¹,

Woods²,

Böhme³

2021

Preprint

View full text Add to dashboard Cite

Privacy preference signals allow users to express preferences over how their personal data is processed. These signals become important in determining privacy outcomes when they reference an enforceable legal basis, as is the case with recent signals such as the Global Privacy Control and the Transparency & Consent Framework. However, the coexistence of multiple privacy preference signals creates ambiguity as users may transmit more than one signal. This paper collects evidence about ambiguity flowing from the aforementioned two signals and the historic Do Not Track signal. We provide the first empirical evidence that ambiguous signals are sent by web users in the wild. We also show that preferences stored in the browser are reliable predictors of privacy preferences expressed in web dialogs. Finally, we provide the first evidence that popular cookie dialogs are blocked by the majority of users who adopted the Do Not Track and Global Privacy Control standards. These empirical results inform forthcoming legal debates about how to interpret privacy preference signals.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Conflicting Privacy Preference Signals in the Wild

Hils¹,

Woods²,

Böhme³

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Further, it is doubtful that many people would find their way to the sites with the choice tools. The identification of privacy choice links in privacy policy text and surfacing the links to the user may ameliorate this problem [5,64], though, it is even easier to write the opt out cookies directly into the browser storage via a browser extension [87]. In any event, as browser vendors are phasing out support for third party cookies [11], cookie-based ad industry opt out sites will be of little relevance going forward.…”

Section: Ad Industry Third Party Opt Out Toolsmentioning

confidence: 99%

Usability and Enforceability of Global Privacy Control

Zimmeck

Wang

Alicki

et al. 2023

PoPETs

View full text Add to dashboard Cite

Web tracking by ad networks and other data-driven businesses is often privacy-invasive. Privacy laws, such as the California Consumer Privacy Act, aim to give people more control over their data. In particular, they provide a right to opt out from web tracking via privacy preference signals, notably Global Privacy Control (GPC). GPC holds the promise of enabling people to exercise their opt out rights on the web. Broad adoption of GPC hinges on its usability. In a usability survey we find that 94% of the participants would turn on GPC indicating a need for such efficient and effective opt out mechanism. 81% of the participants in our survey also have a correct understanding of what GPC does ensuring that their intent is accurately represented by their choice. The effectiveness of GPC is dependent on whether websites' GPC compliance can be enforced. A site's GPC compliance can be analyzed based on privacy flags, such as the US Privacy String, which is used on many sites to indicate the opt out status of a web user. Leveraging the US Privacy String for GPC purposes we implement a proof-of-concept browser extension that successfully and correctly analyzes sites' GPC compliance at a rate of 89%. We further implement a web crawler for our browser extension demonstrating that our analysis approach is scalable. We find that many sites do not respect GPC opt out signals despite being legally obligated to do so. Only 54/464 (12%) sites with a US Privacy String opt out users after having received a GPC signal.

show abstract

“…Furthermore, up to 46.7% of websites that appear in both the 2016 and 2018 Alexa top 100,000 sites stopped using persistent cookies without consumer permission. In the standardization realm, Zimmeck and Alicki [63] focused on "Do Not Sell" requests, which inform the websites that they may not share the consumer's information with third parties. [63] developed a browser extension (OptMeowt) which conveys "Do Not Sell" requests to the websites through headers and cookies.…”

Section: Related Workmentioning

confidence: 99%

VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer Requests

Jordan¹,

Nakatsuka²,

Öztürk³

et al. 2023

Proceedings 2023 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Recent data protection regulations (notably, GDPR and CCPA) grant consumers various rights, including the right to access, modify or delete any personal information collected about them (and retained) by a service provider. To exercise these rights, one must submit a verifiable consumer request proving that the collected data indeed pertains to them. This action is straightforward for consumers with active accounts with a service provider at the time of data collection, since they can use standard (e.g., password-based) means of authentication to validate their requests. However, a major conundrum arises from the need to support consumers without accounts to exercise their rights. To this end, some service providers began requiring such accountless consumers to reveal and prove their identities (e.g., using government-issued documents, utility bills, or credit card numbers) as part of issuing a verifiable consumer request. While understandable and reasonable as a short-term fix, this approach is cumbersome and expensive for service providers as well as privacy-invasive for consumers.Consequently, there is a strong need to provide better means of authenticating requests from accountless consumers. To achieve this, we propose VICEROY, a privacy-preserving and scalable framework for producing proofs of data ownership, which form a basis for verifiable consumer requests. Building upon existing web techniques and features, VICEROY allows accountless consumers to interact with service providers, and later prove that they are the same person in a privacy-preserving manner, while requiring minimal changes for both parties. We design and implement VICEROY with emphasis on security/privacy, deployability, and usability. We also assess its practicality via extensive experiments.

show abstract

Standardizing and Implementing Do Not Sell

Cited by 12 publications

References 4 publications

Conflicting Privacy Preference Signals in the Wild

Conflicting Privacy Preference Signals in the Wild

Usability and Enforceability of Global Privacy Control

VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer Requests

Contact Info

Product

Resources

About