A Quantitative Information Flow Analysis of the Topics API
- URL: http://arxiv.org/abs/2309.14746v1
- Date: Tue, 26 Sep 2023 08:14:37 GMT
- Title: A Quantitative Information Flow Analysis of the Topics API
- Authors: Mário S. Alvim, Natasha Fernandes, Annabelle McIver, Gabriel H. Nunes,
- Abstract summary: We analyze the re-identification risk for individual Internet users introduced by the Topics API from the perspective of information- and decision-theoretic framework.
Our model allows a theoretical analysis of both privacy and utility aspects of the API and their trade-off, and we show that the Topics API does have better privacy than third-party cookies.
- Score: 0.34952465649465553
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Third-party cookies have been a privacy concern since cookies were first developed in the mid 1990s, but more strict cookie policies were only introduced by Internet browser vendors in the early 2010s. More recently, due to regulatory changes, browser vendors have started to completely block third-party cookies, with both Firefox and Safari already compliant. The Topics API is being proposed by Google as an additional and less intrusive source of information for interest-based advertising (IBA), following the upcoming deprecation of third-party cookies. Initial results published by Google estimate the probability of a correct re-identification of a random individual would be below 3% while still supporting IBA. In this paper, we analyze the re-identification risk for individual Internet users introduced by the Topics API from the perspective of Quantitative Information Flow (QIF), an information- and decision-theoretic framework. Our model allows a theoretical analysis of both privacy and utility aspects of the API and their trade-off, and we show that the Topics API does have better privacy than third-party cookies. We leave the utility analyses for future work.
Related papers
- Fingerprinting and Tracing Shadows: The Development and Impact of Browser Fingerprinting on Digital Privacy [55.2480439325792]
Browser fingerprinting is a growing technique for identifying and tracking users online without traditional methods like cookies.
This paper gives an overview by examining the various fingerprinting techniques and analyzes the entropy and uniqueness of the collected data.
arXiv Detail & Related papers (2024-11-18T20:32:31Z) - Browsing without Third-Party Cookies: What Do You See? [5.181502547611254]
Third-party web cookies are often used for privacy-invasive behavior tracking.
To understand the effects of such third-party cookieless browsing, we crawled and measured the top 10,000 Tranco websites.
We develop a framework to remove third-party cookies and analyze the differences between the appearance of web pages with and without these cookies.
arXiv Detail & Related papers (2024-10-14T17:47:43Z) - How Unique is Whose Web Browser? The role of demographics in browser fingerprinting among US users [50.699390248359265]
Browser fingerprinting can be used to identify and track users across the Web, even without cookies.
This technique and resulting privacy risks have been studied for over a decade.
We provide a first-of-its-kind dataset to enable further research.
arXiv Detail & Related papers (2024-10-09T14:51:58Z) - PriRoAgg: Achieving Robust Model Aggregation with Minimum Privacy Leakage for Federated Learning [49.916365792036636]
Federated learning (FL) has recently gained significant momentum due to its potential to leverage large-scale distributed user data.
The transmitted model updates can potentially leak sensitive user information, and the lack of central control of the local training process leaves the global model susceptible to malicious manipulations on model updates.
We develop a general framework PriRoAgg, utilizing Lagrange coded computing and distributed zero-knowledge proof, to execute a wide range of robust aggregation algorithms while satisfying aggregated privacy.
arXiv Detail & Related papers (2024-07-12T03:18:08Z) - The Privacy-Utility Trade-off in the Topics API [0.34952465649465553]
We analyze the re-identification risks for individual Internet users and the utility provided to advertising companies by the Topics API.
We provide theoretical results dependent only on the API parameters that can be readily applied to evaluate the privacy and utility implications of future API updates.
arXiv Detail & Related papers (2024-06-21T17:01:23Z) - A first look into Utiq: Next-generation cookies at the ISP level [3.434440572295625]
Third-party cookies have been widely used for years, they have also been criticized for their potential impact on user privacy.
Many browsers allow users to block third-party cookies, which limits their usefulness for advertisers.
We take a first look at Utiq, a new way of user tracking performed directly by the ISP, to substitute the third-party cookies.
arXiv Detail & Related papers (2024-05-15T09:23:59Z) - A Public and Reproducible Assessment of the Topics API on Real Data [1.1510009152620668]
The Topics API for the web is Google's privacy-enhancing alternative to replace third-party cookies.
Results of prior work have led to an ongoing discussion about the capability of Topics to trade off both utility and privacy.
This paper shows on real data that Topics does not provide the same privacy guarantees to all users and that the information leakage worsens over time.
arXiv Detail & Related papers (2024-03-28T17:03:44Z) - TeD-SPAD: Temporal Distinctiveness for Self-supervised
Privacy-preservation for video Anomaly Detection [59.04634695294402]
Video anomaly detection (VAD) without human monitoring is a complex computer vision task.
Privacy leakage in VAD allows models to pick up and amplify unnecessary biases related to people's personal information.
We propose TeD-SPAD, a privacy-aware video anomaly detection framework that destroys visual private information in a self-supervised manner.
arXiv Detail & Related papers (2023-08-21T22:42:55Z) - On the Robustness of Topics API to a Re-Identification Attack [6.157783777246449]
Google proposed the Topics API framework as a privacy-friendly alternative for behavioural advertising.
This paper evaluates the robustness of the Topics API to a re-identification attack.
We find that the Topics API mitigates but cannot prevent re-identification to take place, as there is a sizeable chance that a user's profile is unique within a website's audience.
arXiv Detail & Related papers (2023-06-08T10:53:48Z) - Having your Privacy Cake and Eating it Too: Platform-supported Auditing
of Social Media Algorithms for Public Interest [70.02478301291264]
Social media platforms curate access to information and opportunities, and so play a critical role in shaping public discourse.
Prior studies have used black-box methods to show that these algorithms can lead to biased or discriminatory outcomes.
We propose a new method for platform-supported auditing that can meet the goals of the proposed legislation.
arXiv Detail & Related papers (2022-07-18T17:32:35Z) - Algorithmic Fairness Datasets: the Story so Far [68.45921483094705]
Data-driven algorithms are studied in diverse domains to support critical decisions, directly impacting people's well-being.
A growing community of researchers has been investigating the equity of existing algorithms and proposing novel ones, advancing the understanding of risks and opportunities of automated decision-making for historically disadvantaged populations.
Progress in fair Machine Learning hinges on data, which can be appropriately used only if adequately documented.
Unfortunately, the algorithmic fairness community suffers from a collective data documentation debt caused by a lack of information on specific resources (opacity) and scatteredness of available information (sparsity)
arXiv Detail & Related papers (2022-02-03T17:25:46Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.