Transcript Online Privacy Issues Overview
Privacy
Week 5 - February 13, 15
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 1
Privacy laws
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 2
Terminology
Data subject • The person whose data is collected Data controller • The entity responsible for collected data Primary use of personal information (primary purpose) • Using information for the purposes intended by the data subjects when they provided the information Secondary use of personal information (secondary purpose) • Using information for purposes that go beyond the primary purpose
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 3
OECD fair information principles
http://www.datenschutz berlin.de/gesetze/internat/ben.htm
Collection limitation Data quality Purpose specification Use limitation Security safeguards Openness Individual participation Accountability
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 4
US FTC simplified principles
Notice and disclosure Choice and consent Data security Data quality and access Recourse and remedies US Federal Trade Commission, Privacy Online: A Report to Congress (June 1998),
http://www.ftc.gov/reports/privacy3/ Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 5
Laws and regulations
Privacy laws and regulations vary widely throughout the world US has mostly sector-specific laws, with relatively minimal protections • Federal Trade Commission has jurisdiction over fraud and deceptive practices • Federal Communications Commission regulates telecommunications European Data Protection Directive requires all European Union countries to adopt similar comprehensive privacy laws • Privacy commissions in each country (some countries have national and state commissions) • Many European companies non-compliant with privacy laws (2002 study found majority of UK web sites non-compliant) • Safe Harbor allows US companies to self-certify compliance
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 6
US law basics
Constitutional law governs the rights of individuals with respect to the government Tort law governs disputes between private individuals or other private entities
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 7
US Constitution
No explicit privacy right, but a
zone of privacy penumbras
, including • • • • • 1st amendment (right of association) recognized in its 3rd amendment (prohibits quartering of soldiers in homes) 4th amendment (prohibits unreasonable search and seizure) 5th amendment (no self-incrimination) 9th amendment (all other rights retained by the people) Penumbra: “fringe at the edge of a deep shadow create by an object standing in the light” (Smith 2000, p. 258, citing Justice William O. Douglas in
Griswold v. Connecticut
)
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 8
Federal statutes and state laws
Federal statutes • Tend to be narrowly focused State law • State constitutions may recognize explicit right to privacy (Georgia, Hawaii) • • State statutes and common (tort) law Local laws and regulations (for example: ordinances on soliciting anonymously)
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 9
Four aspects of privacy tort
You can sue for damages for the following torts (Smith 2000, p. 232-233) • Disclosure of truly intimate facts May be truthful Disclosure must be widespread, and offensive or objectionable to a person of ordinary sensibilities Must not be newsworthy or legitimate public interest • False light Personal information or picture published out of context • • Misappropriation (or right of publicity) Commercial use of name or face without permission Intrusion into a person’s solitude
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 10
Some US privacy laws
Bank Secrecy Act, 1970 Fair Credit Reporting Act, 1971 Privacy Act, 1974 Right to Financial Privacy Act, 1978 Cable TV Privacy Act, 1984 Video Privacy Protection Act, 1988 Family Educational Right to Privacy Act, 1993 Electronic Communications Privacy Act, 1994 Freedom of Information Act, 1966, 1991, 1996
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 11
US law – recent additions
HIPAA (Health Insurance Portability and Accountability Act, 1996) • When implemented, will protect medical records and other individually identifiable health information COPPA (Children‘s Online Privacy Protection Act, 1998) • Web sites that target children must obtain parental consent before collecting personal information from children under the age of 13 GLB (Gramm-Leach-Bliley-Act, 1999) • Requires privacy policy disclosure and opt-out mechanisms from financial service institutions
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 12
Safe harbor
Membership • • US companies self-certify adherence to requirements Dept. of Commerce maintains signatory list http://www.export.gov/safeharbor/ • Signatories must provide notice of data collected, purposes, and recipients choice of opt-out of 3rd-party transfers, opt-in for sensitive data access rights to delete or edit inaccurate information security for storage of collected data enforcement mechanisms for individual complaints Approved July 26, 2000 by EU • reserves right to renegotiate if remedies for EU citizens prove to be inadequate
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 13
Privacy policies
Policies let consumers know about site’s privacy practices Consumers can decide whether practices are acceptable, when to opt-out Presence increases consumer trust Make companies subject to FTC privacy related enforcement Rapid adoption 1998-2001* * G.R. Milne and M.J. Culnan 2002. Using the Content of Online Privacy Notices to Inform Public Policy: A Longitudinal Analysis of the 1998-2002 US Web Surveys.
The Information Society 18,
5, 245-359.
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 14
Privacy policy problems
BUT policies are often • • • • difficult to understand hard to find take a long time to read change without notice
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 15
Privacy policy components
Identification of site, scope, contact info Security assurances Types of information collected • Including information about cookies Children’s privacy How information is used Conditions under which information might be shared Information about opt-in/opt-out There is lots of information to convey -- but policy should be brief and easy-to-read too!
Information about access Information about data retention policies Information about seal programs What is opt-in? What is opt-out?
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 16
How are online privacy concerns different from offline privacy concerns?
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 17
Web privacy concerns
Data is often collected silently • Web allows large quantities of data to be collected inexpensively and unobtrusively Data from multiple sources may be merged • Non-identifiable information can become identifiable when merged Data collected for business purposes may be used in civil and criminal proceedings Users given no meaningful choice • Few sites offer alternatives
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 18
Browser Chatter
Browsers chatter about • IP address, domain name, organization, • • • Referring page Platform: O/S, browser What information is requested URLs and search terms • Cookies To anyone who might be listening • • • End servers System administrators Internet Service Providers • Other third parties Advertising networks • Anyone who might subpoena log files later
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 19
Typical HTTP request with cookie
GET /retail/searchresults.asp?qu= beer HTTP/1.0
Referer:
http://www.us.buy.com/default.asp
User-Agent:
i386) Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA
Host:
www.us.buy.com
Accept:
image/gif, image/jpeg, image/pjpeg, */*
Accept-Language:
en
Cookie:
buycountry=us ; dcLocName=Basket; dcCatID=6773; dcLocID=6773; dcAd=buybasket; loc=; parentLocName=Basket; parentLoc=6773; ShopperManager%2F=ShopperManager%2F=66FUQU LL0QBT8MMTVSC5MMNKBJFWDVH7; Store=107; Category=0 Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 20
Referer log problems
GET methods result in values in URL
These URLs are sent in the referer header to next host
Example:
http://www.merchant.com/cgi_bin/o rder?name=Tom+Jones&address=here +there&credit+card=234876923234& PIN=1234&->index.html
Access log example
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 21
Cookies
What are cookies?
What are people concerned about cookies?
What useful purposes do cookies serve?
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 22
Cookies 101
Cookies can be useful • Used like a staple to attach multiple parts of a form together • Used to identify you when you return to a web site so you don’t have to remember a password • Used to help web sites understand how people use them Cookies can do unexpected things • Used to profile users and track their activities, especially across web sites
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 23
How cookies work – the basics
A cookie stores a small string of characters A web site asks your browser to “set” a cookie Whenever you return to that site your browser sends the cookie back automatically Please store cookie xyzzy Here is cookie xyzzy
site browser site browser First visit to site Later visits Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 24
How cookies work – advanced
Cookies are only sent back to the “site” that set them – but this may be any host in domain • Sites setting cookies indicate path, domain, and expiration for cookies Cookies can store user info or a database key that is used to look up user info – either way the cookie enables info to be linked to the current browsing session Send me with any request to x.com until 2008 Send me with requests for index.html on y.x.com for this session only User=Joe Email= Joe@ x.com
Visits=13
Database Users … Email … Visits …
User=4576 904309
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 25
Cookie terminology
Cookie Replay – sending a cookie back to a site Session cookie – cookie replayed only during current browsing session Persistent cookie – cookie replayed until expiration date First-party cookie – cookie associated with the site the user requested Third-party cookie – cookie associated with an image, ad, frame, or other content from a site with a different domain name that is embedded in the site the user requested • Browser interprets third-party cookie based on domain name, even if both domains are owned by the same company
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 26
Web bugs
Invisible “images” (1-by-1 pixels, transparent) embedded in web pages and cause referer info and cookies to be transferred Also called web beacons, clear gifs, tracker gifs,etc.
Work just like banner ads from ad networks, but you can’t see them unless you look at the code behind a web page Also embedded in HTML formatted email messages, MS Word documents, etc. For software to detect web bugs see:
http://www.bugnosis.org
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 27
How data can be linked
Every time the same cookie is replayed to a site, the site may add information to the record associated with that cookie • • • • Number of times you visit a link, time, date What page you visit What page you visited last Information you type into a web form If multiple cookies are replayed together, they are usually logged together, effectively linking their data • Narrow scoped cookie might get logged with broad scoped cookie
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 28
Ad networks
search for medical information set cookie Ad buy CD replay cookie Ad
Search Service
Ad company can get your name and address from CD order and link them to your search
CD Store Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 29
What ad networks may know…
Personal data: • • • Email address Full name Mailing address (street, city, state, and Zip code) • Phone number Transactional data: • • Details of plane trips Search phrases used at search engines • Health conditions
“It was not necessary for me to click on the banner ads for information to be sent to DoubleClick servers.” –
Richard M. Smith
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 30
Online and offline merging
In November 1999, DoubleClick purchased Abacus Direct, a company possessing detailed consumer profiles on more than 90% of US households.
In mid-February 2000 DoubleClick announced plans to merge “anonymous” online data with personal information obtained from offline databases By the first week in March 2000 the plans were put on hold • Stock dropped from $125 (12/99) to $80 (03/00)
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 31
Offline data goes online…
The Cranor family’s 25 most frequent grocery purchases (sorted by nutritional value)!
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 32
Subpoenas
Data on online activities is increasingly of interest in civil and criminal cases The only way to avoid subpoenas is to not have data In the US, your files on your computer in your home have much greater legal protection that your files stored on a server on the network
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 33
P3P: Introduction
Original Idea behind P3P
A framework for automated privacy discussions • Web sites disclose their privacy practices in standard machine-readable formats • Web browsers automatically retrieve P3P privacy policies and compare them to users’ privacy preferences • Sites and browsers can then negotiate about privacy terms
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 34
P3P: Introduction
P3P history
Idea discussed at November 1995 FTC meeting Ad Hoc “Internet Privacy Working Group” convened to discuss the idea in Fall 1996 W3C began working on P3P in Summer 1997 • Several working groups chartered with dozens of participants from industry, non-profits, academia, government • Numerous public working drafts issued, and feedback resulted in many changes • • • Early ideas about negotiation and agreement ultimately removed Automatic data transfer added and then removed Patent issue stalled progress, but ultimately became non-issue P3P issued as official W3C Recommendation on April 16, 2002 •
http://www.w3.org/TR/P3P/ Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 35
P3P: Introduction
P3P1.0 – A first step
Offers an easy way for web sites to communicate about their privacy policies in a standard machine-readable format • Can be deployed using existing web servers This will enable the development of tools that: • • • Provide snapshots of sites’ policies Compare policies with user preferences Alert and advise the user
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 36
P3P: Introduction
The basics
P3P provides a standard XML format that web sites use to encode their privacy policies Sites also provide XML “policy reference files” to indicate which policy applies to which part of the site Sites can optionally provide a “compact policy” by configuring their servers to issue a special P3P header when cookies are set No special server software required User software to read P3P policies called a “P3P user agent”
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 37
P3P: Enabling your web site – overview and options
What’s in a P3P policy?
Name and contact information for site The kind of access provided Mechanisms for resolving privacy disputes The kinds of data collected How collected data is used, and whether individuals can opt-in or opt-out of any of these uses Whether/when data may be shared and whether there is opt-in or opt-out Data retention policy
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 38
P3P/XML encoding
Site’s name and contact info
ref="#business.contact-info.online.uri">http://p3pbook.com/ Human-readable explanation
P3P: Introduction
P3P1.0 Spec Defines
A standard vocabulary for describing set of uses, recipients, data categories, and other privacy disclosures A standard schema for data a Web site may wish to collect (base data schema) An XML format for expressing a privacy policy in a machine readable way A means of associating privacy policies with Web pages or sites A protocol for transporting P3P policies over HTTP
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 40
P3P: Introduction
A simple HTTP transaction
GET /index.html HTTP/1.1
Host: www.att.com
. . .
Request web page
Web Server HTTP/1.1 200 OK Content-Type: text/html . . .
Send web page
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 41
P3P: Introduction
… with P3P 1.0 added
GET /w3c/p3p.xml HTTP/1.1
Host: www.att.com
Request Policy Reference File Send Policy Reference File
Web Server
Request P3P Policy Send P3P Policy
GET /index.html HTTP/1.1
Host: www.att.com
. . .
Request web page
HTTP/1.1 200 OK Content-Type: text/html . . .
Send web page
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 42
P3P: Introduction
Transparency
P3P clients can check a privacy policy each time it changes
http://www.att.com/accessatt/
P3P clients can check privacy policies on all objects in a web page, including ads and invisible images
http://adforce.imgis.com/?adlink|2|68523|1|146|ADFORCE Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 43
P3P: Introduction
P3P in IE6
Automatic processing of compact policies only; third-party cookies without compact policies blocked by default Privacy icon on status bar indicates that a cookie has been blocked appears – pop-up appears the first time the privacy icon Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 44
P3P: Introduction Users can click on privacy icon for list of cookies; privacy summaries are available at sites that are P3P-enabled Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 45
P3P: Introduction Privacy summary report is generated automatically from full P3P policy Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 46
P3P: Introduction
P3P in Netscape 7
Preview version similar to IE6, focusing, on cookies; cookies without compact policies (both first-party and third-party) are “flagged” rather than blocked by default Indicates flagged cookie Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 47
P3P: Introduction Users can view English translation of (part of) compact policy in Cookie Manager Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 48
P3P: Introduction A policy summary can be generated automatically from full P3P policy Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 49
Privacy Bird
Free download of beta from
http://privacybird.com/
• • Origninally developed at AT&T Labs Released as open source “Browser helper object” for IE6 Reads P3P policies at all P3P-enabled sites automatically Bird icon at top of browser window indicates whether site matches user’s privacy preferences Clicking on bird icon gives more information
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 50
Chirping bird is privacy indicator
Red bird indicates mismatch
Check embedded content too
Privacy settings
Example: Sending flowers
Privacy Finder
Prototype developed at AT&T Labs, improved and deployed by CUPS Uses Google or Yahoo! API to retrieve search results Checks each result for P3P policy Evaluates P3P policy against user’s preferences Reorders search results Composes search result page with privacy annotations next to each P3P-enabled result Users can retrieve “Privacy Report” similar to Privacy Bird policy summary
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 58
Demo
Is Privacy Finder useful?
Do users care about web site privacy?
Have enough web sites adopted P3P that typical search results contain sites with P3P policies?
• Do users have meaningful choices among privacy policies?
Do users understand information provided by Privacy Finder?
Does Privacy Finder influence online purchasing decisions?
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 60
Have enough sites adopted P3P?
We weren’t sure, so we did a study….
• Draft paper at http://lorrie.cranor.org/pubs/www06.pdf
Previous studies examined lists of “most popular” web sites for P3P adoption, but this gives incomplete picture
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 61
Methodology
Compiled two lists of search terms: • Typical: 20,000 terms randomly sampled from one week of AOL user search queries • Ecommerce: 940 terms screen scraped from Froogle front page Submitted search terms to Google, Yahoo!, and AOL search engines and collected top 20 results for each term Checked each result for P3P policy and evaluated policies against 5 “rulesets” and P3P validator Saved 1,232,955 annotated search results in database Separately checked for P3P policies on 30,000 domains most clicked on by AOL search engine users
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 62
Results: P3P deployment
10% of results from typical search terms have P3P 21% of results from ecommerce search terms have P3P More popular sites are more likely to have P3P • 5% of sites in our cache have P3P • 9% of 30K most clicked on domains have P3P • 17% of clicks to 30K most clicked on domains have P3P Most clicked on domains
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 63
Results: Most popular P3P policies
Typical Terms http://privacy.yahoo.com/ http://about.com/ http://privacy.msn.com/ http://disney.go.com/ http://images.rootsweb.com/ http://adserver.ign.com/ http://www.nlm.nih.gov/ http://www.bizrate.com/ http://www.superpages.com/ http://www.shopping.com/ Ecommerce Terms http://privacy.yahoo.com/ http://about.com/ http://www.bizrate.com/ http://www0.shopping.com/ http://www.shopping.com/ http://www.pricegrabber.com/ http://www.cpsc.gov/ http://www.overstock.com/ http://www.cooking.com/ http://www.altrec.com/
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 64
Results: Frequency of P3P-enabled hits
83% of searches had at least one P3P-enabled site in top 20 results 68% of searches had at least one P3P-enabled site in top 10 results For top 20 search results returned by AOL search engine for typical search terms: • 29% return at least 1 P3P-enabled hit that
matches medium privacy preferences
• • • 34% return at least 1 P3P-enabled hit in that
does not share data
31% return at least 1 P3P-enabled hit that
does not market without opt-in
Thus, ~ 1/3 of the time AOL users will find site with “good” privacy policy in first 2 pages of results
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 65
Does Privacy Finder influence purchases?
Studies begun and more planned….
• Pay users to make online purchases with their own credit cards • Some use Privacy Finder and some use generic search engine • Experiment with more and less privacy sensitive purchases • Experiment with price-sensitivity Our studies have found that Privacy Finder does influence purchases for some people
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 66
P3P: Introduction
Why web sites adopt P3P
Demonstrate corporate leadership on privacy issues • • Show customers they respect their privacy Demonstrate to regulators that industry is taking voluntary steps to address consumer privacy concerns Distinguish brand as privacy friendly Prevent IE6 from blocking their cookies Anticipation that consumers will soon come to expect P3P on all web sites Individuals who run sites value personal privacy
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 67
P3P: Introduction
P3P early adopters
News and information sites – CNET, About.com, BusinessWeek Search engines – Yahoo, Lycos Ad networks – DoubleClick, Avenue A Telecom companies – AT&T Financial institutions – Fidelity Computer hardware and software vendors – IBM, Dell, Microsoft, McAfee Retail stores – Fortunoff, Ritz Camera Government agencies – FTC, Dept. of Commerce, Ontario Information and Privacy Commissioner Non-profits - CDT
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 68
P3P: The future
Impacts
Some companies that P3P-enable think about privacy in new ways and change their practices • • • Systematic assessment of privacy practices Concrete disclosures – less wiggle room Disclosures about areas previously not discussed in privacy policy Hopefully we will see greater transparency, more informed consumers, and ultimately better privacy policies
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 69
Research and Communication Skills
Evaluating information sources
Don’t believe everything you read!
News sources are usually a reporter's interpretation of what someone else did Conference and journal papers are first hand reports of research studies that have been peer reviewed • but journals usually have more review than conferences Technical reports are usually first hand reports of research studies that have not been peer reviewed (yet) • Look for subsequent conference or journal publications Web sites and books are anything goes, but books at least have an editor (usually) When possible, cite research results and technical information from peer reviewed sources
Computers and Society • Carnegie Mellon University • Spring 2007 • Cranor/Tongia • http://cups.cs.cmu.edu/courses/compsoc-sp07/ 70