-
Conflicting Privacy Preference Signals in the Wild
Authors:
Maximilian Hils,
Daniel W. Woods,
Rainer Böhme
Abstract:
Privacy preference signals allow users to express preferences over how their personal data is processed. These signals become important in determining privacy outcomes when they reference an enforceable legal basis, as is the case with recent signals such as the Global Privacy Control and the Transparency & Consent Framework. However, the coexistence of multiple privacy preference signals creates…
▽ More
Privacy preference signals allow users to express preferences over how their personal data is processed. These signals become important in determining privacy outcomes when they reference an enforceable legal basis, as is the case with recent signals such as the Global Privacy Control and the Transparency & Consent Framework. However, the coexistence of multiple privacy preference signals creates ambiguity as users may transmit more than one signal. This paper collects evidence about ambiguity flowing from the aforementioned two signals and the historic Do Not Track signal. We provide the first empirical evidence that ambiguous signals are sent by web users in the wild. We also show that preferences stored in the browser are reliable predictors of privacy preferences expressed in web dialogs. Finally, we provide the first evidence that popular cookie dialogs are blocked by the majority of users who adopted the Do Not Track and Global Privacy Control standards. These empirical results inform forthcoming legal debates about how to interpret privacy preference signals.
△ Less
Submitted 29 September, 2021;
originally announced September 2021.
-
Privacy Preference Signals: Past, Present and Future
Authors:
Maximilian Hils,
Daniel W. Woods,
Rainer Böhme
Abstract:
Privacy preference signals are digital representations of how users want their personal data to be processed. Such signals must be adopted by both the sender (users) and intended recipients (data processors). Adoption represents a coordination problem that remains unsolved despite efforts dating back to the 1990s. Browsers implemented standards like the Platform for Privacy Preferences (P3P) and D…
▽ More
Privacy preference signals are digital representations of how users want their personal data to be processed. Such signals must be adopted by both the sender (users) and intended recipients (data processors). Adoption represents a coordination problem that remains unsolved despite efforts dating back to the 1990s. Browsers implemented standards like the Platform for Privacy Preferences (P3P) and Do Not Track (DNT), but vendors profiting from personal data faced few incentives to receive and respect the expressed wishes of data subjects. In the wake of recent privacy laws, a coalition of AdTech firms published the Transparency and Consent Framework (TCF), which defines an opt-in consent signal. This paper integrates post-GDPR developments into the wider history of privacy preference signals. Our main contribution is a high-frequency longitudinal study describing how TCF signal gained dominance as of February 2021. We explore which factors correlate with adoption at the website level. Both the number of third parties on a website and the presence of Google Ads are associated with higher adoption of TCF. Further, we show that vendors acted as early adopters of TCF 2.0 and provide two case-studies describing how Consent Management Providers shifted existing customers to TCF 2.0. We sketch ways forward for a pro-privacy signal.
△ Less
Submitted 14 July, 2021; v1 submitted 4 June, 2021;
originally announced June 2021.
-
Watching the Weak Link into Your Home: An Inspection and Monitoring Toolkit for TR-069
Authors:
Maximilian Hils,
Rainer Böhme
Abstract:
TR-069 is a standard for the remote management of end-user devices by service providers. Despite being implemented in nearly a billion devices, almost no research has been published on the security and privacy aspects of TR-069. The first contribution of this paper is a study of the TR-069 ecosystem and techniques to inspect TR-069 communication. We find that the majority of analyzed providers do…
▽ More
TR-069 is a standard for the remote management of end-user devices by service providers. Despite being implemented in nearly a billion devices, almost no research has been published on the security and privacy aspects of TR-069. The first contribution of this paper is a study of the TR-069 ecosystem and techniques to inspect TR-069 communication. We find that the majority of analyzed providers do not use recommended security measures, such as TLS. Second, we present a TR-069 honeyclient to both analyze TR-069 behavior of providers and test configuration servers for security vulnerabilities. We find that popular open-source configuration servers use insecure methods to authenticate clients. TR-069 implementations based on these servers expose, for instance, their users' internet telephony credentials. Third, we develop components for a distributed system to continuously monitor activities in providers' TR-069 deployments. Our setup consists of inexpensive hardware sensors deployed on customer premises and centralized log collectors. We perform real-world measurements and find that the purported security benefits of TR-069 are not realized as providers' firmware update processes are lacking.
△ Less
Submitted 8 January, 2020;
originally announced January 2020.
-
Tractable Set Constraints
Authors:
Manuel Bodirsky,
Martin Hils,
Alex Krimkevich
Abstract:
Many fundamental problems in artificial intelligence, knowledge representation, and verification involve reasoning about sets and relations between sets and can be modeled as set constraint satisfaction problems (set CSPs). Such problems are frequently intractable, but there are several important set CSPs that are known to be polynomial-time tractable. We introduce a large class of set CSPs that c…
▽ More
Many fundamental problems in artificial intelligence, knowledge representation, and verification involve reasoning about sets and relations between sets and can be modeled as set constraint satisfaction problems (set CSPs). Such problems are frequently intractable, but there are several important set CSPs that are known to be polynomial-time tractable. We introduce a large class of set CSPs that can be solved in quadratic time. Our class, which we call EI, contains all previously known tractable set CSPs, but also some new ones that are of crucial importance for example in description logics. The class of EI set constraints has an elegant universal-algebraic characterization, which we use to show that every set constraint language that properly contains all EI set constraints already has a finite sublanguage with an NP-hard constraint satisfaction problem.
△ Less
Submitted 18 July, 2012; v1 submitted 6 April, 2011;
originally announced April 2011.
-
On the Scope of the Universal-Algebraic Approach to Constraint Satisfaction
Authors:
Barnaby Martin,
Manuel Bodirsky,
Martin Hils
Abstract:
The universal-algebraic approach has proved a powerful tool in the study of the complexity of CSPs. This approach has previously been applied to the study of CSPs with finite or (infinite) omega-categorical templates, and relies on two facts. The first is that in finite or omega-categorical structures A, a relation is primitive positive definable if and only if it is preserved by the polymorphism…
▽ More
The universal-algebraic approach has proved a powerful tool in the study of the complexity of CSPs. This approach has previously been applied to the study of CSPs with finite or (infinite) omega-categorical templates, and relies on two facts. The first is that in finite or omega-categorical structures A, a relation is primitive positive definable if and only if it is preserved by the polymorphisms of A. The second is that every finite or omega-categorical structure is homomorphically equivalent to a core structure. In this paper, we present generalizations of these facts to infinite structures that are not necessarily omega-categorical. (This abstract has been severely curtailed by the space constraints of arXiv -- please read the full abstract in the article.) Finally, we present applications of our general results to the description and analysis of the complexity of CSPs. In particular, we give general hardness criteria based on the absence of polymorphisms that depend on more than one argument, and we present a polymorphism-based description of those CSPs that are first-order definable (and therefore can be solved in polynomial time).
△ Less
Submitted 18 March, 2013; v1 submitted 28 September, 2009;
originally announced September 2009.
