Crumbled Cookie Exploring E-commerce Websites Cookie Policies with Data Protection Regulations

• URL: http://arxiv.org/abs/2401.05826v1
• Date: Thu, 11 Jan 2024 10:49:14 GMT
• Title: Crumbled Cookie Exploring E-commerce Websites Cookie Policies with Data Protection Regulations
• Authors: Nivedita Singh, Yejin Do, Yongsang Yu. Imane Fouad, Jungrae Kim, Hyoungshick Kim
• Abstract summary: Many websites continue to use cookies to track user activities. Motivated by the question of why these data protection violations occur, we examined whether websites in multiple countries comply with regulations.
• Score: 7.515555018682104
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Despite stringent data protection regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other country-specific regulations, many websites continue to use cookies to track user activities. Recent studies have revealed several data protection violations, resulting in significant penalties, especially for multinational corporations. Motivated by the question of why these data protection violations continue to occur despite strong data protection regulations, we examined 360 popular e-commerce websites in multiple countries to analyze whether they comply with regulations to protect user privacy from a cookie perspective.

Related papers

• Dual-Technique Privacy & Security Analysis for E-Commerce Websites Through Automated and Manual Implementation [2.7039386580759666]
  38.5% of the websites deployed over 50 cookies per session, many of which were categorized as unnecessary or unclear in function. Our manual assessment uncovered critical gaps in standard security practices, including the absence of mandatory multi-factor authentication and breach notification protocols. Based on these findings, we recommend targeted improvements to privacy policies, enhanced transparency in cookie usage, and the implementation of stronger authentication protocols.
  arXiv  Detail & Related papers  (2024-10-19T03:25:48Z)
• SoK: Technical Implementation and Human Impact of Internet Privacy Regulations [2.797211052758564]
  We analyze a set of Internet privacy and data protection regulations drawn from around the world. We develop a taxonomy of rights granted and obligations imposed by these laws. We then leverage this taxonomy to systematize 270 technical research papers.
  arXiv  Detail & Related papers  (2023-12-24T01:48:07Z)
• Characterizing Browser Fingerprinting and its Mitigations [0.0]
  This work explores one of these tracking techniques: browser fingerprinting. We detail how browser fingerprinting works, how prevalent it is, and what defenses can mitigate it.
  arXiv  Detail & Related papers  (2023-10-12T20:31:24Z)
• PrivacyMind: Large Language Models Can Be Contextual Privacy Protection Learners [81.571305826793]
  We introduce Contextual Privacy Protection Language Models (PrivacyMind) Our work offers a theoretical analysis for model design and benchmarks various techniques. In particular, instruction tuning with both positive and negative examples stands out as a promising method.
  arXiv  Detail & Related papers  (2023-10-03T22:37:01Z)
• Protecting User Privacy in Online Settings via Supervised Learning [69.38374877559423]
  We design an intelligent approach to online privacy protection that leverages supervised learning. By detecting and blocking data collection that might infringe on a user's privacy, we can restore a degree of digital privacy to the user.
  arXiv  Detail & Related papers  (2023-04-06T05:20:16Z)
• How Do Input Attributes Impact the Privacy Loss in Differential Privacy? [55.492422758737575]
  We study the connection between the per-subject norm in DP neural networks and individual privacy loss. We introduce a novel metric termed the Privacy Loss-Input Susceptibility (PLIS) which allows one to apportion the subject's privacy loss to their input attributes.
  arXiv  Detail & Related papers  (2022-11-18T11:39:03Z)
• An Example of Privacy and Data Protection Best Practices for Biometrics Data Processing in Border Control: Lesson Learned from SMILE [0.9442139459221784]
  Misuse of data, compromising the privacy of individuals and/or authorized processing of data may be irreversible. This is partly due to the lack of methods and guidance for the integration of data protection and privacy by design in the system development process. We present an example of privacy and data protection best practices to provide more guidance for data controllers and developers.
  arXiv  Detail & Related papers  (2022-01-10T15:34:43Z)
• The Impact of User Location on Cookie Notices (Inside and Outside of the European Union) [3.719580143660037]
  We crawl 1,500 European, American, and Canadian websites from each of 18 countries. Using a series of regression models, we find that the website's Top Level Domain explains a substantial portion of the variance in cookie notice metrics. There is one exception to this finding: cookie notices differ when accessing.com domains from inside versus outside of the EU.
  arXiv  Detail & Related papers  (2021-10-19T10:42:39Z)
• Second layer data governance for permissioned blockchains: the privacy management challenge [58.720142291102135]
  In pandemic situations, such as the COVID-19 and Ebola outbreak, the action related to sharing health data is crucial to avoid the massive infection and decrease the number of deaths. In this sense, permissioned blockchain technology emerges to empower users to get their rights providing data ownership, transparency, and security through an immutable, unified, and distributed database ruled by smart contracts.
  arXiv  Detail & Related papers  (2020-10-22T13:19:38Z)
• A vision for global privacy bridges: Technical and legal measures for international data markets [77.34726150561087]
  Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil" An open conflict is arising between business demands for data and a desire for privacy. We propose and test a vision of a personal information market with privacy.
  arXiv  Detail & Related papers  (2020-05-13T13:55:50Z)
• Beyond privacy regulations: an ethical approach to data usage in transportation [64.86110095869176]
  We describe how Federated Machine Learning can be applied to the transportation sector. We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
  arXiv  Detail & Related papers  (2020-04-01T15:10:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.