PRIVAD: Practical Privacy in ONLINE ADVERTISING

Offense: Arindam Paul
A “Utopian” Assumption

“Our design assumes that privacy advocates will be hard to win over, and therefore favors privacy concerns over business concerns”
 We are talking about advertisement
 This has everything to do with business
 Nothing which affects the profitability of the big players is going to work in the real world

Why would the brokers (e.g. Google) even agree to be bound to such a model?
What do they themselves say?

“Entrenched players like Google have strong incentives, lobbying power and the capital needed to maintain the status quo”
“Powerful ISPs successfully resisted new regulations threatening their business model”
 So, why would they be ready now?
Third Parties

None of the models which have suggested usage of a 3rd party has worked in real life.
 “For sale: Your Data, By: You” by Riederer et al.
 This paper

How to arrange for trusted/untrusted 3rd parties is an unsolved problem in the Internet community
 Reasons cited: Greed (business sense), politics, etc.
Significant change from current model

Adding two extra redirections in an already complex model (Publisher, Broker, Advertiser)
 Dealer
 Monitor (at Client)
Dealer

Run by “untrusted third party organizations”
Paper states cost of dealer will be met by “privacy advocates” ???
 No such instance of funding found even in “more” privacy aware EU
Monitor at Client

No real incentive
 For testing, MSR paid money for installing
 Depended on “forgetfulness” of these paid users to collect data
BETTER & SIMPLER ALTERNATIVES
What do Privacy Advocates say?

Softer requirements of “Privacy Advocates”
 “Individuals be able to control their personal information”
 “Hold accountable organizations responsible”

Much more easily achieved by simple browser extensions and “Opt Out” features
Ad Block Plus

Gives the option of removing ads altogether
“Privad is not aimed for users that disable ads altogether”
Ad Block Plus also allows the option of keeping relevant ads
 Present well before 2011

Do Not Track
Other Extensions

Some Internet and software development firms have created individual browser extensions that permit users to opt out of tracking cookies from a wide range of advertising networks.
 Targeted Advertising Cookie Opt-Out (TACO) helps Internet users avoid and remove tracking cookies from 27 advertising networks.
SERIOUS LIMITATIONS
CLICK-FRAUD

 Per User Thresholds
 Blacklist
 Honeyfarms
 Historical Statistics
 Premium Clicks
 Bait Ads

“Overall these mechanisms have effect of more-or-less putting Privad back on an even footing with current ad networks as far as click-fraud”
CLICK FRAUD AND DEPLOYMENT

No mention of click-fraud detection success in the evaluation
If this is so successful, why are there no measurement results?
Ads at localhost

Are Google and other well-known brokers not better at understanding user profiles and giving ads?
Tries to mimic the broker algorithms ???
They suggest a “simple” broker model
 Doubt Google would like or trust these “Ads”
 Most of their money is driven by personalized/contextual ads
Malware

“Malware today can learn anything. The client is able to learn, and so not protecting against this threat does not qualitatively change anything.”
 ???
 Malware gets ready-made profiled data
 No need to monitor over time to build data

Actually, this gives an incentive to un-trusted organizations to steal and then sell private data
 Google or XYZ ?
 The assumption of “honest but curious” no longer holds for XYZ
Practicality and Novelty

“Privad scales to present-day needs”

No testing on mobile users ???

“During 12 months deployment, we have not received any negative feedback”

Battery usage
7 days contract ???
General lack of Novelty
Very similar to the previous HotNets paper
 No real addition
 Still only pilot testing
 No mention of any revenue model

“After the click happens”

“Privad gives unscrupulous advertisers more information than they get today”
 Will the “privacy-advocates” not say anything now?

No clear mention of CPI, CPC and CPA
 Almost every ad paper has these terms
What does the research community say?

First author in his next paper: “Need to adequately explore how to operate the auctions that are critical to current advertising systems. Without this component, these systems leave unanswered what revenue the broker (i.e. an ad network like Google) can earn, thereby reducing the likelihood that a non-tracking advertising system will be of commercial interest.”
What does the research community say?

“These proposals require a shift in the paradigm of online advertising, where the ad brokers relinquish the control of the way profiling and matching is performed and rely on a weaker client-side model of the user, which seems unlikely in the near-term.” - Korolova A., Journal of Privacy and Confidentiality
“Privad can not trust ad-networks and anonymizes every piece of information sent by the client. This anonymization impacts performance and makes click-fraud harder to detect.” - Toubiana et al. (Adnostic)
THANK YOU