PRIVAD: PRACTICAL PRIVACY IN ONLINE ADVERTISING Offense: Arindam Paul

An “Utopian” Assumption  “Our design assumes that privacy advocates will be hard to win over, and therefore favors privacy concerns over business concerns”  We are talking about advertisement  This has got to do everything with business  Nothing which affects profitability of the big players is going to work in the real world  Why would the brokers (e.g. Google) even agree to be bound to such a model ?

What they themselves say?  “Entrenched players like Google have strong incentives, lobbying power and the capital needed to maintain the status quo”  “Powerful ISPs successfully resisted new regulations threatening their business model”  So, why now they would be ready now ?

Third Parties  None of the models which have suggested usage of a 3 rd party has worked in real life.  “For sale: Your Data, By: You” by Riederer et.al  This paper  How to arrange for trusted/untrusted 3 rd parties is an unsolved problem in the Internet community  Reasons cited: Greed (business sense), politics, etc.

Significant change from current model  Adding two extra redirections in an already complex model (Publisher, Broker, Advertiser)  Dealer  Monitor (at Client)

Dealer  Run by “untrusted third party organizations”  Paper states cost of dealer will be met by  “privacy advocates” ???  No such instance of funding found even in “more” privacy aware EU

Monitor at Client  No real incentive  For testing, MSR paid money for installing  Depended on “forgetfulness” of these paid users to collect data

BETTER & SIMPLER ALTERNATIVES

What Privacy Advocates say?  Softer requirements of “Privacy Advocates”  “Individuals be able to control their personal information”  “Hold accountable organizations responsible”  Much easily possible by simple browser extensions and “Opt Out” features

Ad Block Plus  Gives option of removing ads altogether  “Privad is not aimed for users that disable ads altogether”  Ad Block Plus also allows option of keeping of relevant ads  Present well before 2011

Do Not Track

Other Extensions  Some Internet and software development firms have created individual browser extensions that permit users to opt out of tracking cookies from a wide range of advertising networks.  Targeted Advertising Cookie Opt-Out (TACO) helps Internet users avoid and remove tracking cookies from 27 advertising networks.

SERIOUS LIMITATIONS

CLICK-FRAUD  Per User Thresholds  Blacklist  Honeyfarms  Historical Statistics  Premium Clicks  Bait Ads  “Overall these mechanisms have effect of more-or- less putting Privad back on an even footing with current ad networks as far as click-fraud”

CLICK FRAUD AND DEPLOYMENT  No mention of click-fraud detection success in the evaluation  If this is so successful, why not any measurement results ?

Ads at localhost  Does Google or well-known brokers not better at understanding user profiles and giving ads ?  Tries to mimic the broker algorithms ???  They suggest a “simple” broker model  Doubt Google would like or trust these “Ads”  Most of their money is driven by personalized/contextual ads

Malware  “Malware today can learn anything. The client is able to learn, and so not protecting against this threat does not qualitatively change anything.”  ???  Malware gets ready-made profiled data  No need to monitor over time to build data  Actually, this gives an incentive to un-trusted organizations to steal and then sell private data  Google or XYZ ? The assumption of “honest but curious” no longer holds for XYZ

Practicality and Novelty  “Privad scales to present-day needs”  No testing on mobile users ??? Battery usage  “During 12 months deployment, we have not received any negative feedback” 7 days contract ???  General lack of Novelty  Very similar to previous Hotnets Paper  No real addition  Still only pilot testing  No mention of any revenue model

“After the click happens”  “Privad gives unscrupulous advertisers more information than they get today”  Will the “privacy-advocates” not say anything now?  No clear mention of CPI, CPC and CPA  Almost every ad paper has these terms

What the research community say ?  First author in his next paper: “Need to adequately explore how to operate the auctions that are critical to current advertising systems. Without this component, these systems leave unanswered what revenue the broker (i.e. an ad network like Google) can earn, thereby reducing the likelihood that a non- tracking advertising system will be of commercial interest.”

What the research community say ?  “These proposals require a shift in the paradigm of online advertising, where the ad brokers relinquish the control of the way profiling and matching is performed and rely on a weaker client-side model of the user, which seems unlikely in the near-term.”- Korolova A., Journal of Privacy and Confidentiality  “Privad can not trust ad-networks and anonymizes every piece of information sent by the client. This anonymization impacts performance and makes click- fraud harder to detect.”-Toubiana et. Al (Adnostic)

THANK YOU