A Tracker Manual for High School Teachers



Similar documents
NAVY COMMAND PRINCIPAL SECURITY ADVISOR RECOMMENDED FACEBOOK SECURITY SETTINGS

e-safety for Parents

How to train your Browser Controller

IST 195 Laboratory Session 8 - Privacy

MOBILE MARKETING. A guide to how you can market your business to mobile phone users. 2 April 2012 Version 1.0

Today s mobile ecosystem means shared responsibility

Hello. If you have any questions that aren t addressed here, feel free to contact our support staff.

Colleen s Interview With Ivan Kolev

Interactive Communications International, Inc. Privacy Policy Your Privacy Rights

INTRODUCTION TO THE WEB

Common Facebook issues

Take Control of your future with this residual income, home based business.

AdvancedMD Online Privacy Statement

DEVELOPING A SOCIAL MEDIA STRATEGY

Facebook Smart Card FB _1800

School Technology 101 for Parents. Tips for Monitoring Your Child s Digital Life

The One Key Thing You Need to Be Successful In Prospecting and In Sales

user guide phone 2015 by Sysco. All rights reserved.

Frequently Asked Questions for the USA TODAY e-newspaper

Brought to you by:

EXHIBIT 2. CityBridge Privacy Policy. Effective November 4, 2014

A Parents Guide to ConnectSafely.org saferinternet.org.uk

The Lukens Company Turning Clicks into Conversions: How to Evaluate & Optimize Online Marketing Channels

Your Privacy Center. Online Privacy Statement. About the Information We Collect

UNDERSTANDING YOUR ONLINE FOOTPRINTS: HOW TO PROTECT YOUR PERSONAL INFORMATION ON THE INTERNET

DESTINATION MELBOURNE PRIVACY POLICY

provided by you upon registration at one of our websites or for one of our games;

Accessing Websites. Mac/PC Compatibility: QuickStart Guide for Business

How To Generate Qualified Leads With Display Ads

Instructions for Configuring Your Browser Settings and Online Security FAQ s. ios8 Settings for iphone and ipad app

How To Be Successful With Social Media And Marketing

Cost Per Action Marketing 101

NOTIFICATION BEST PRACTICES. Reaching Beyond the App to Add Value and Increase Customer Intimacy

Data protection. Protecting your personal information online

3 KEYS To Successful Online LEAD GENERATION For Local Businesses

Creating Online Wealth with Affiliate Marketing

Video #3 Creating Google Accounts Free SEO Training Roadmap Video Training Series

SETTING UP THE NEW FACEBOOK BUSINESS PAGE DESIGN

OVERVIEW OF INTERNET MARKETING

How to get 2 Cents Clicks by Colin Klinkert

Privacy Policy. log in to the Services with social networking credentials;

The Business Owner s Guide to Selecting CRM

NBA Math Hoops Privacy Statement and Children s Privacy Statement Updated October 17, 2013.

One of the fundamental kinds of Web sites that SharePoint 2010 allows

INDEX PRIVACY POLICY...2

Planning a Responsive Website

FAMILY. Reference Guide. Pogoplug Family. Reference Guide Cloud Engines, Inc. All Rights Reserved.

SEO Education 101. By Matt Bush. Visit for the latest internet marketing tips and tactics

Is Web 2.0 Privacy Stuck in 1999, and Can They Do Better?

7 Easy Ways to Raise Money with a Program Book Fundraiser

Consumer research into use of fixed and mobile internet

Pinterest has to be one of my favourite Social Media platforms and I m not alone!

Quick Guide to Getting Started: Twitter for Small Businesses and Nonprofits

Create an ios App using Adobe Flash Side by Side Training, And without using a Mac

Travel agents guide to SMS messaging. How to use SMS messaging for marketing, booking, and customer support

TargetingMantra Privacy Policy

Facebook SVEA TRAINING MODULES.

How to Charge for Access to your Membership Site.

platforms Android BlackBerry OS ios Windows Phone NOTE: apps But not all apps are safe! malware essential

Alerts. Some Alerts give you unique options for customizing the messages you receive. Calendar events, for instance, allow you to set how far in

Tips for a Solid Facebook Fan Page

Using apps safely and securely on your mobile

New Online Banking Guide for FIRST time Login

ZOOMIN.TV PRIVACY POLICY Last updated: 5 August 2014

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2

Advantages of Collaboration Tools For Your Business

DARTFISH PRIVACY POLICY

More Enquiries, Same Budget: Solving the B2B Marketer s Challenge

Smartphone garage door opener

Masters dissertation services how many words >>>CLICK HERE<<<

A WEB WITHOUT ADVERTISING

Internet Safety Guide for Parents

A Parents' Guide to ConnectSafely.org

AdwareMedic. About AdwareMedic How to use AdwareMedic Frequently Asked Questions Version History... 9 License Agreement...

Phone Apps for Online Safety Apple and Android

The Basics of Building Credit

What Is Pay Per Click Advertising?

DIGITAL LIFE E-GUIDE. How to Claim Your Online Privacy

Novell Filr. Mobile Client

Cookie Policy. Introduction About Cookies

Reputation Marketing

corporate.ford.com/jobs Privacy Statement

Understanding RSS in Safari

FitCause Privacy Policy

FAMILY GUIDE TO. Mobile Safety. How to keep your children safe and connected in today s mobile world SPONSORED BY:

Website Design Checklist

SAP Digital CRM. Getting Started Guide. All-in-one customer engagement built for teams. Run Simple

Measuring Internet Marketing

8 Ways Quick Application Installations Ruin Performance

PAY-PER-CLICK CALL TRACKING. How Call Tracking Data Can Improve & Optimize Your PPC Strategy

WHAT IS BEHIND THE CONCEPT OF RSS SOURCING WEBSITES?

This guide will go through the common ways that a user can make their computer more secure.

Privacy Policy. MSI may collect information from you on a voluntary basis when you:

Table of Contents. Living In A Mobile World. There s Always An App For That. The UX Challenge. The Facebook + Mobile Opportunity

A Practitioner s Guide to Privacy-Friendly Marketing, Social Media and Online Advertising Practices. By Stacy Martin Mozilla

How we use cookies on our website

The Social Accelerator Setup Guide

Welcome to a whole new level of interactive home security

StartPeeps.com The Start Of A New Social Era

Your Complete Social Intranet Buyer s Guide & Handbook

Transcription:

A Tracker Manual for High School Teachers Thomas Peetz Bettina Berendt Department of Computer Science KU Leuven, Belgium firstname.lastname@cs.kuleuven.be November 19, 2012 This document describes the concept of internet tracking in layman s terms. It is aimed at high school teachers who wish to familiarize themselves and their students with this topic. Suppose you just got together with your new boy- or girlfriend, and you want to share the happy news with your friends. There are many ways to make this information available to them: You can call your friends one by one and tell them. This takes a lot of time, and you will have to repeat the same story over and over. Or you can put up a sign on your front door, so everyone who walks by will know. This saves you a lot of time, but your news will also be visible to people who don t even know you, plus it seems rather impersonal. A very convenient way is to post it on a social network like Facebook, where it will reach all of your friends at once, immediately. As a result, many people prefer this way of communication. Unfortunately, this solution also inherits the disadvantages of the sign. There is a chance that your post also reaches other, unwanted recipients. Since Facebook is all about sharing, by default everyone can see what you put online. So if you are not careful, you will end up telling strangers intimate details of your love life, if not worse things. In principle, and given enough expertise, you can control what becomes known about you. But there are situations in which this is not the case, and where things about yourself can be collected by others regardless of whether you wish it. The methods of this data acquisition are best understood in the offline world. For instance, let s say you go to a shop to buy a new mobile phone. You haven t decided on a specific model, and so you glance over the different options. The shop assistant, eager to sell you the product that is best for you, will observe your behavior and your reactions: If you look at the new iphone for longer than the rest, it probably means that you are interested in it. If you see a high price tag and immediately shy away, it indicates that you cannot or don t want to afford Please cite as: Peetz, T. and Berendt, B. (2012). A tracker manual for high school teachers. Technical report, KU Leuven. http://people.cs.kuleuven.be/bettina.berendt/spion/trackermanual.pdf 1

it. Little by little, your behavior discloses information about your thoughts to the shop assistant, and this information helps him find the right phone for you. Now, most people would agree that this is how things should happen: Besides what you say, an attentive salesman should also react to signals you send out in a less explicit manner, in order to better meet your needs. Let us now change the scenario: Instead of working for the phone shop, the salesman gets a premium on everything he gets you to buy. Now of course he will not stay in his shop anymore! Instead, he will follow you everywhere like a shadow, keeping track of literally everything you look at, writing down your every move and putting your whole life into his log book. On top of that, once he has the faintest idea of what you may like, he pesters you with these products. So wherever you go and whatever you do, not only is it written down by that salesman, but you also are subjected to a nonstop stream of advertisements. This second story may sound very unrealistic, because nobody would tolerate such an annoying tail. However, on the internet, this is precisely what happens. Like in our little tale, it is advertisers who wish to know what their potential customers are interested in, and in order to find out, they do monitor the behavior of users. The tools they use to do so are called trackers, and to picture them as little men following you from webpage to webpage is not too far off. Advertising companies deploy trackers over different parts of the internet, and if you happen to browse these parts, you will be traced. In fact, the technological infrastructure of the internet makes seamless tracing at least theoretically possible. Everything you do online will have to pass through your internet service provider (ISP), hence they can in principle store your every move. Advertisers would certainly like to have access to this kind of data, but no subscriber would tolerate an ISP selling them. Hence, private companies need to run their own tracking systems. This happens in a lot of detail: Trackers are able to tell not only for how long you were browsing Amazon, but also which items you were looking at, and which ones you put into your shopping cart. By observing your interests, the companies create a profile of you, containing very detailed and also very personal information. So even if you end up buying none of these items, the companies will know that you d really like to have them. Based on other data, they may even know whether you can in fact afford them. Going back to our story, that one man must have a lot of stamina to follow you nonstop and everywhere. Surely there is no one tracker that covers the entire web! And indeed, no single company can afford to put a tracker on every webpage in existence. However, they may of course trade information with other companies. This is why the stream of advertisement never stops: Once they sniffed out your interests, tracking companies sell this information to their partners. As a result, they all try to lure you into buying what they now know you are interested in. Different trackers do different things with the data they gather. This is described by their privacy policy, which lists the kinds of data gathered by the tracker, and how they are used. Likewise, websites have their terms of service, which define the same. However, there are hardly any legal restrictions on how the commercially aggregated data may be used. And while a good sales assistant tries to find the right product for you, tracking only serves the purpose of making money for companies with your data, and by getting you to buy just about anything, the more the better. 2

Google and Facebook are arguably the biggest companies whose core business is marketing. Contrary to popular belief, people using these services are not their customers. Instead, by using the services, users gradually disclose more about themselves to those providers. These valuable data are then sold to other companies. In other words, the personal information of their users are a social network provider s product, and advertising companies are the customers. Hence a social network provider will always do their best to collect more data from their users. A good example is Google, which in March 2012 combined all of their services. The only change noticeable to users however was in the terms of service, which from now on gave Google the possibility to combine users web searches, emails, Google+ profiles and so on, in order to get a better picture of its users. It is fair to say that Google now has very complete data for many users. It is impossible to know just how much data a company has about you. Due to huge public pressure, Google Account Activity and Facebook Data Download have been implemented; however you only get to see a fraction of the data you actively uploaded to those social networks. In particular, the tracking data are not made available to the user. Likewise, things the user deleted from his profile will usually not be shown; however it has been proven that the data are still present in databases of the social network provider. If this sounds unpleasant to you, you are not alone. So what can you do in order to understand what is going on and to avoid disclosing your data to others without wanting to? The following is a non-exhaustive list of tools that help to maintain your privacy. Privacy Check [Rabidgremlin, 2012] checks almost every data item of your Facebook account and tells you whether they are exposed to people other than your friends. These items include your profile information, but also your friend list, wall posts and more. Privacy Check also gives you a score to indicate the level of information exposure to other users. This does not include Facebook itself; they will always have access to your data. Collusion [Mozilla Foundation, 2012] is a plugin for the browser Firefox. It displays your path through the internet, and how much of it is monitored by individual trackers. So you can get an idea of how much the trackers know about you even after a tiny amount of web browsing. The company Privacychoice offers a multitude of tools which are generally designed to alert the user if her data are at risk of being gathered by companies. The small tool PrivacyFix [Privacychoice, 2012a] offers a one-click method for detecting problematic settings for websites such as Google and Facebook. These settings (among other things) concern what the platform provider can do with your data. PrivacyScore [Privacychoice, 2012b] is a browser plugin which estimates the risk that personal data are shared by a visited website, based on their terms of service. It adds an icon to the browser s toolbar which at all times displays the privacy score as computed by Privacychoice. When clicked, it shows more details, for instance which aspects of the site s privacy policy are how dangerous to the user. The importance of individual aspects can be adjusted by the user. 3

Finally, the plugin reveals the trackers on the site. For each tracker, there is more information available, again with scores indicating how dangerous this tracker is. The very same functionality as PrivacyScore, but for Facebook applications, is offered by PrivacyScore Apps [Privacychoice, 2012c]. Such apps operate outside of the legal conditions of Facebook: Once the user starts to use an app, it is no longer Facebook s own terms of service that apply, but the app s. Legally, this constitutes a separate internet within Facebook. This also means that apps can have third-party trackers, so data collection is not limited to the app developer and Facebook. Thus, when you use a Facebook App, your data may be subjected to treatment that you didn t expect when you logged in to Facebook. Be aware that PrivacyScore does not actually block the trackers. For this functionality, the additional Trackerblock plugin [Privacychoice, 2012d] from the same developers is required (Firefox and Internet Explorer only). Trackerblock does not impair the functionality of any other tools listed here. If one only wishes easy protection from trackers, Ghostery [Evidon, 2012] is a fire-andforget browser plugin. It is highly customizable (one can select which trackers should be blocked) and exists for all relevant browsers; there even is a standalone browser for Apple s ios platform. Ghostery also tells the user what it is doing: The plugin comes with an icon that unobtrusively displays the number of trackers blocked. When clicked, it opens an overlay window that lists all trackers found on the webpage. For every tracker, there is a Ghostery-hosted webpage providing additional information, covering a summary of their privacy policy and industry affiliations. Note that after installation, no trackers are blocked by default. This option has to be set manually. As with most software, the details of these tools are bound to change, but the basic functionality should be guaranteed for the foreseeable future. A word of caution is in order when it comes to built-in functionality of browsers, which seems to cover much of the described anti-tracking methods. For example, Firefox has an option called Do not track, but what it actually does is to send a legally non-binding message to the website, which may or may not result in the desired effect. Likewise, the option to block third-party cookies offered by many browsers can be circumvented. Most notably, Facebook has advised their developers to work around the user protection mechanisms of Internet Explorer in their developers manual (the API documentation). Finally, even if conventional tracking methods are blocked, browsers often share rather unique properties, which make identification at least theoretically possible. This cannot be avoided, but the properties change so quickly that this type of tracking is practically not feasible [Eckersley, 2009]. Tasks for Students The following gives suggestions of how the tools presented above may be introduced to students in an interactive way. Privacy Check: Search social networks for potentially controversial information, and ask the respective students if they intended to make it public. Then let kids see their privacy 4

score of their own Facebook page, compare it to others, try to understand it, etc. General: Ask students if they ve noticed anything similar to the sell-everything salesman example from the above text. On a clean browser (no cookies etc.), go to a bit site like amazon.com or bol.com. Add a few items to the basket, e.g., watches. Then browse to other webpages (use Collusion to make sure they share a tracker with the page you just visited). What kind of ads are you shown? Then use a proxy. This should hide your identity. Does anything change? Now reset the browser (erase all cookies) and exit the proxy. What is happening now? (You should notice that you will be presented with watches pretty much all the time, unless using the proxy. Proxies not only pretend that you are in a different location, they also sandbox your cookies. Unlike commonly understood, they do not anonymize you completely: If you repeat the above task from within the proxy, the same effects will appear. There are different kinds of anonymity on the internet, and trackers do not care about your location but about your interests. If you reset your browser, the tracking cookies are gone, and you will be back to very unspecific ads.) Collusion: Have the students name their top five webpages (including search engines). Then browse to all of them, visualizing the path in Collusion. How many trackers do you see on average, per webpage? How many trackers would you need to combine to have perfect information about your entire browse? Are there (profit-oriented) sites that have few trackers? Why could that be? (Often enough there is a tracker specialized in the specific language of a country, covering diverse pages rather than all news websites. A notable exception are search engines. The data they get are so valuable they will not allow any other trackers on their pages but their own. This is also why many big internet companies, such as Google, have their own tracking system.) PrivacyScore: Find a few popular pages that score between 50 and 70. Then find similar pages that score higher. Would students consider switching to these sites? Let students discuss the way the score is computed, and ask them which aspects they think are important and why. Which motivation might be behind the different terms of service? (There are different business models for webpages. They can make money by selling things like bol.com, they can live by selling user data like Facebook, or they live off donations like Wikipedia.) PrivacyScore Apps: As with PrivacyScore, but most apps will sell user data as well as virtual items, in-game money and the like. (Just like Facebook was hopelessly overrated when they gave out stocks, it is still very hard to have a flourishing business model without selling anything physical.) Ghostery: Let the students install the Ghostery plugin and discuss tracking by Facebook - and how blocking trackers relates to the privacy score. More generally, discuss how Ghostery keeps the information about their actions on Facebook secret from trackers. What about Facebook s own tracker? (A website will always be able to log what you did on it. Trackers are only relevant where the party requesting information cannot directly access the website of interest. For the 5

same reason, the privacy settings of Facebook do not at all protect against Facebook s data collection about their users.) References [Eckersley, 2009] Eckersley, P. (2009). How unique is your web browser? Electronig Frontier Foundation. Technical report, [Evidon, 2012] Evidon (accessed November 16, 2012). Ghostery. http://www.ghostery.com. [Mozilla Foundation, 2012] Mozilla Foundation (accessed November 16, 2012). http://www.mozilla.org/en-us/collusion/. Collusion. [Privacychoice, 2012a] Privacychoice (accessed November 16, 2012a). PrivacyFix. http://privacychoice.org/privacyfix. [Privacychoice, 2012b] Privacychoice (accessed November 16, 2012b). Privacyscore. http://privacychoice.org/checkprivacyscores. [Privacychoice, 2012c] Privacychoice (accessed November 16, 2012c). Privacyscore Facebook. https://apps.facebook.com/privacyscoreapps/. [Privacychoice, 2012d] Privacychoice (accessed November 16, 2012d). TrackerBlock. http://privacychoice.org/trackerblock. [Rabidgremlin, 2012] Rabidgremlin (accessed November 16, 2012). PrivacyCheck. http://www.rabidgremlin.com/fbprivacy/. 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information