research-article

Non-tracking web analytics

Authors:

Istemi Ekin Akkus,

Michaela Hardt,

Johannes GehrkeAuthors Info & Claims

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Pages 687 - 698

https://doi.org/10.1145/2382196.2382268

Published: 16 October 2012 Publication History

Abstract

Today, websites commonly use third party web analytics services t obtain aggregate information about users that visit their sites. This information includes demographics and visits to other sites as well as user behavior within their own sites. Unfortunately, to obtain this aggregate information, web analytics services track individual user browsing behavior across the web. This violation of user privacy has been strongly criticized, resulting in tools that block such tracking as well as anti-tracking legislation and standards such as Do-Not-Track. These efforts, while improving user privacy, degrade the quality of web analytics. This paper presents the first design of a system that provides web analytics without tracking. The system gives users differential privacy guarantees, can provide better quality analytics than current services, requires no new organizational players, and is practical to deploy. This paper describes and analyzes the design, gives performance benchmarks, and presents our implementation and deployment across several hundred users.

Supplementary Material

ZIP File (fp002.zip)

zip file of all sources and figures.

Download
1.81 MB

References

[1]

Abine. http://www.abine.com/.

[2]

Analytics Technology Web Usage Statistics. http://trends.builtwith.com/analytics. Aug 2, 2012.

[3]

AW Stats - Free log file analyzer for advanced statistics (GNU GPL). http://awstats.sourceforge.net.

[4]

BlueKai Consumers. http://bluekai.com/consumers_optout.php.

[5]

BrightTag ONE-Click Privacy. http://www.brighttag.com/privacy/.

[6]

Doubleclick Ad Planner by Google. https://www.google.com/adplanner/planning/site_profile#siteDetailsuid=rottentomatoes.com&geo=US. Aug 2, 2012.

[7]

EasyPrivacy. http://easylist.adblockplus.org/.

[8]

FatCow Web Hosting. http://www.fatcow.com.

[9]

Ghostery. http://www.ghostery.com/.

[10]

Google Public Policy Blog | Keep your opt-outs. http://googlepublicpolicy.blogspot.com/2011/01/keep-your-opt-outs.html.

[11]

Internet Explorer 9 Tracking Protection Lists. http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/faq.html.

[12]

iPage Web Hosting. http://www.ipage.com.

[13]

Lawsuit accuses comScore of extensive privacy violations. http://www.computerworld.com/s/article/9219444/Lawsuit_accuses_comScore_of_extensive_privacy_violations.

[14]

Open Web Analytics. http://openwebanalytics.com.

[15]

Piwik Web Analytics. http://piwik.org.

[16]

Piwik Web Hosting. http://www.arvixe.com/piwik_hosting.

[17]

Privacy Lawsuit Targets Net Giants Over 'Zombie' Cookies. http://www.wired.com/threatlevel/2010/07/zombie-cookies-lawsuit.

[18]

Quantcast Clearspring Flash Cookie Class Action Settlement. http://www.topclassactions.com/lawsuit-settlements/lawsuit-news/920.

[19]

Quantcast Opt-Out. http://www.quantcast.com/how-we-do-it/consumer-choice/opt-out/.

[20]

Safari Adds Do Not Track Features. http://mashable.com/2011/04/14/safari-do-not-track.

[21]

The Mozilla Blog | Mozilla Firefox 4 Beta, now including "Do Not Track" capabilities. http://blog.mozilla.com/blog/2011/02/08.

[22]

Tor Project. https://www.torproject.org/.

[23]

Traffic and Demographic Statistics by Quantcast. http://www.quantcast.com/rottentomatoes.com? country=US#!demo. Aug 2, 2012.

[24]

Usage Statistics and Market Share of Traffic Analysis Tools. http://w3techs.com/technologies/overview/traffic_analysis/all. Aug 2, 2012.

[25]

W3 - BlueKai Proposal for Browser Based Do-Not-Track Functionality. http://www.w3.org/2011/track-privacy/papers/BlueKai.pdf.

[26]

M. Abe and E. Fujisaki. How to date blind signatures. In Advances in Cryptology -- ASIACRYPT '96. 1996.

Digital Library

[27]

B. Applebaum, H. Ringberg, M. J. Freedman, M. Caesar, and J. Rexford. Collaborative, Privacy-preserving Data Aggregation at Scale. In PETS, 2010.

Digital Library

[28]

B. Barak, K. Chaudhuri, C. Dwork, S. Kale, F. McSherry, and K. Talwar. Privacy, accuracy, and consistency too: a holistic solution to contingency table release. In PODS, 2007.

Digital Library

[29]

A. Birgisson, F. McSherry, and M. Abadi. Differential privacy with information flow control. In PLAS, 2011.

Digital Library

[30]

T. Cao, D. Lin, and R. Xue. A Randomized RSA-based Partially Blind Signature Scheme for Electronic Cash. Computers & Security, 24(1), 2005.

[31]

D. L. Chaum. Blind Signatures for Untraceable Payments. Advances in Cryptology (CRYPTO), 1982.

[32]

R. Chen, A. Reznichenko, P. Francis, and J. Gehrke. Towards Statistical Queries over Distributed Private User Data. In NSDI, 2012.

Digital Library

[33]

Y. Duan, J. Canny, and J. Z. Zhan. P4p: Practical large-scale privacy-preserving distributed computation robust against malicious users. In USENIX Security Symposium, pages 207--222, 2010.

Digital Library

[34]

C. Dwork. Differential Privacy. In ICALP, 2006.

Digital Library

[35]

C. Dwork. Differential Privacy: A Survey of Results. In TAMC, pages 1--19, 2008.

Digital Library

[36]

C. Dwork, K. Kenthapadi, F. McSherry, I. Mironov, and M. Naor. Our Data, Ourselves: Privacy Via Distributed Noise Generation. In EUROCRYPT, pages 486--503, 2006

Digital Library

[37]

C. Dwork, F. McSherry, K. Nissim, and A. Smith. Calibrating Noise to Sensitivity in Private Data Analysis. In TCC, pages 265--284, 2006.

Digital Library

[38]

Z. Eslami and M. Talebi. A New Untraceable Off-line Electronic Cash System. Electronic Commerce Research and Applications, 10(1):59 -- 66, 2011.

Digital Library

[39]

M. Gotz and S. Nath. Privacy-Aware Personalization for Mobile Advertising. In Microsoft Research Technical Report MSR-TR-2011-92, 2011.

[40]

S. Guha, B. Cheng, and P. Francis. Privad: Practical Privacy in Online Advertising. In NSDI, 2011.

Digital Library

[41]

M. Hay, V. Rastogi, G. Miklau, and D. Suciu. Boosting the accuracy of differentially private histograms through consistency. Proc. VLDB Endow., 3(1-2), Sept. 2010.

Digital Library

[42]

D. Kifer and B.-R. Lin. Towards an axiomatization of statistical privacy and utility. In PODS, 2010.

Digital Library

[43]

A. Korolova, K. Kenthapadi, N. Mishra, and A. Ntoulas. Releasing search queries and clicks privately. In WWW, pages 171--180, 2009.

Digital Library

[44]

F. D. McSherry. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In SIGMOD, 2009.

Digital Library

[45]

A. Nandi, A. Aghasaryan, and M. Bouzid. P3: A Privacy Preserving Personalization Middleware for Recommendation-based Services. In HotPETS, 2011.

[46]

K. P. N. Puttaswamy, R. Bhagwan, and V. N. Padmanabhan. Anonygator: Privacy and Integrity Preserving Data Aggregation. In International Conference on Middleware, 2010.

Digital Library

[47]

V. Rastogi and S. Nath. Differentially private aggregation of distributed time-series with transformation and encryption. In SIGMOD Conference, pages 735--746, 2010.

Digital Library

[48]

F. Roesner, T. Kohno, and D. Wetherall. Detecting and Defending Against Third-Party Tracking on the Web. In NSDI, 2012.

Digital Library

[49]

A. Sabelfeld and A. Myers. Language-based information-flow security. Selected Areas in Communications, IEEE Journal on, 21(1), 2003.

Digital Library

[50]

E. Shi, T.-H. H. Chan, E. G. Rieffel, R. Chow, and D. Song. Privacy-Preserving Aggregation of Time-Series Data. In NDSS, 2011.

[51]

V. Toubiana, A. Narayanan, D. Boneh, H. Nissenbaum, and S. Barocas. Adnostic: Privacy preserving targeted advertising. In NDSS, 2010.

Cited By

Sakas DKamperos ITerzi M(2022)The Long-Term Risk Familiarity Effect on Courier Services’ Digital Branding during the COVID-19 CrisisJournal of Theoretical and Applied Electronic Commerce Research10.3390/jtaer1704008417:4(1655-1684)Online publication date: 1-Dec-2022
https://doi.org/10.3390/jtaer17040084
Ullah IBoreli RKanhere S(2022)Privacy in targeted advertising on mobile devices: a surveyInternational Journal of Information Security10.1007/s10207-022-00655-x22:3(647-678)Online publication date: 24-Dec-2022
https://doi.org/10.1007/s10207-022-00655-x
Sakas DKamperos IReklitis P(2021)Estimating Risk Perception Effects on Courier Companies’ Online Customer Behavior during a Crisis, Using Crowdsourced DataSustainability10.3390/su13221272513:22(12725)Online publication date: 17-Nov-2021
https://doi.org/10.3390/su132212725
Show More Cited By

Index Terms

Non-tracking web analytics
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Web analytics and metrics: a survey
ICACCI '12: Proceedings of the International Conference on Advances in Computing, Communications and Informatics

This is a survey paper which gives some different types of Web Analytics metrics and how the data is collected related to these metrics. As we know with the increasing need to meet customer preferences and to understand customer behavior, Web Analytics ...
Evolution of web tracking protection in Chrome
Abstract
In our society, protecting users’ privacy is of utmost importance, especially when users access websites. Increased awareness of privacy concerns has led web browsers to implement new mechanisms to improve privacy while browsing the Internet. In ...
A Privacy-Protecting Business-Analytics Service for On-Line Transactions

Analysis of consumer-related and consumer-generated data is a very important way to measure the success of on-line retailing. The software packages for data analysis have two major shortcomings: (1) solutions are not offered as a service reachable by ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

October 2012

1088 pages

ISBN:9781450316514

DOI:10.1145/2382196

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Virgil Gligor
Carnegie Mellon University, USA

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 16 - 18, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

28
Total Citations
View Citations
1,248
Total Downloads

Downloads (Last 12 months)32
Downloads (Last 6 weeks)2

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Sakas DKamperos ITerzi M(2022)The Long-Term Risk Familiarity Effect on Courier Services’ Digital Branding during the COVID-19 CrisisJournal of Theoretical and Applied Electronic Commerce Research10.3390/jtaer1704008417:4(1655-1684)Online publication date: 1-Dec-2022
https://doi.org/10.3390/jtaer17040084
Ullah IBoreli RKanhere S(2022)Privacy in targeted advertising on mobile devices: a surveyInternational Journal of Information Security10.1007/s10207-022-00655-x22:3(647-678)Online publication date: 24-Dec-2022
https://doi.org/10.1007/s10207-022-00655-x
Sakas DKamperos IReklitis P(2021)Estimating Risk Perception Effects on Courier Companies’ Online Customer Behavior during a Crisis, Using Crowdsourced DataSustainability10.3390/su13221272513:22(12725)Online publication date: 17-Nov-2021
https://doi.org/10.3390/su132212725
Mikheev AKrasnov AGriffith RDraganov M(2021)The Interaction Model within Phygital Environment as an Implementation of the Open Innovation ConceptJournal of Open Innovation: Technology, Market, and Complexity10.3390/joitmc70201147:2(114)Online publication date: Jun-2021
https://doi.org/10.3390/joitmc7020114
Jakobi TStevens GSeufert ABecker Mvon Grafenstein M(2020)Web Tracking Under the New Data Protection Law: Design Potentials at the Intersection of Jurisprudence and HCIi-com10.1515/icom-2020-000419:1(31-45)Online publication date: 7-Apr-2020
https://doi.org/10.1515/icom-2020-0004
Xiao YWang CGao X(2020)Evade Deep Image Retrieval by Stashing Private Images in the Hash Space2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)10.1109/CVPR42600.2020.00967(9648-9657)Online publication date: Jun-2020
https://doi.org/10.1109/CVPR42600.2020.00967
Qin LLapets AJansen FFlockhart PAlbab KGlobus-Harris IRoberts SVaria M(2019)From usability to secure computing and back againProceedings of the Fifteenth USENIX Conference on Usable Privacy and Security10.5555/3361476.3361490(191-210)Online publication date: 12-Aug-2019
https://dl.acm.org/doi/10.5555/3361476.3361490
Maffei MMalavolta GReinert MSchröder D(2019)Group ORAM for privacy and access control in outsourced personal recordsJournal of Computer Security10.3233/JCS-17103027:1(1-47)Online publication date: 11-Jan-2019
https://doi.org/10.3233/JCS-171030
Sanchez-Rola IBalzarotti DSantos IBalenson D(2019)BakingTimerProceedings of the 35th Annual Computer Security Applications Conference10.1145/3359789.3359803(478-488)Online publication date: 9-Dec-2019
https://dl.acm.org/doi/10.1145/3359789.3359803
Jakobi TStevens GSeufert ABecker M(2019)Webtracking under the New Data Protection LawProceedings of Mensch und Computer 201910.1145/3340764.3340790(309-319)Online publication date: 8-Sep-2019
https://dl.acm.org/doi/10.1145/3340764.3340790
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents