Conference on Web Privacy Measurement


Berkeley Center for Law & Technology
May 31-June 1, 2012
http://www.law.berkeley.edu/12633.htm

As the Web continues to transition from a static collection of documents to an application platform, websites are learning more and more about users. Many forms of Web information sharing pose little privacy risk and provide tremendous benefit to both consumers and businesses. But some Web information practices pose significant privacy problems and have caused concern among consumers, policymakers, advocates, researchers, and others. Data collection is now far more complex than HTTP cookies, and the information available to websites can include a user’s name, contact details, sensitive personal information, and even real-time location. At present there are few restrictions on and scant transparency in Web information practices. There is a growing chasm between what society needs to know about Web tracking and what the privacy measurement community has been able to bring to light.

A number of practitioners, researchers, and advocates have begun to more formally study how websites collect, use, and share information about their users. The goal of the (WPM) is to advance the state of the art and foster a community on how to detect, quantify, and analyze Web information vectors across the desktop and mobile landscapes. Such vectors include browser tracking, such as cookies, flash cookies, the geolocation API, microphone API, and camera API; and server-side tracking, such as browser fingerprinting. We are also interested in the deployment of privacy-preserving technologies, such as HTTPS and proper deployment of P3P. Much work needs to be done in this field. At WPM, we will focus on topics including:

  • How do we standardize measurement terminology and methods to facilitate building on each other’s work?
  • How can we measure the use of personal information once it has been collected?
  • What tools are available for measurement? Are there opportunities for developing collaborative open-source projects or sharing measurement data?
  • Which tracking technologies are possible? Which have been deployed?
  • Are researchers studying the right tracking technologies? How can we tell? How can researchers detect and react to shifts in tracking vectors?
  • What should be the ethics of measurement, including responsible disclosure and terms of service breaches?
  • How can we measure the effectiveness of privacy-preserving personalization technologies?
  • How can measurements be most effectively communicated to users and other stakeholders?