Content deleted Content added
Citation bot (talk | contribs) Alter: title, template type. Add: chapter-url, chapter. Removed or converted URL. Removed parameters. Some additions/deletions were parameter name changes. | Use this bot. Report bugs. | Suggested by AManWithNoPlan | Linked from User:AManWithNoPlan/sandbox5 | #UCB_webform_linked 91/431 |
|||
(9 intermediate revisions by 7 users not shown) | |||
Line 1:
{{Use dmy dates|date=April 2023}}
'''Cross-device tracking'''
More specifically, cross-device tracking is a technique in which technology companies and advertisers deploy trackers, often in the form of unique identifiers, cookies, or even ultrasonic signals, to generate a [[profiling (information science)|profile]] of users across multiple devices, not simply one.<ref name=":15">{{Cite book |last=Arp |first=Daniel |title=2017 IEEE European Symposium on Security and Privacy (EuroS&P) |chapter=Privacy Threats through Ultrasonic Side Channels on Mobile Devices |chapter-url=https://ieeexplore.ieee.org/document/7961950 |year=2017 |pages=1–13 |doi=10.1109/EuroSP.2017.33 |isbn=978-1-5090-5762-7 |s2cid=698921 |via=IEEE Xplore}}</ref> For example, one such form of this tracking uses audio beacons, or inaudible sounds, emitted by one device and recognized through the microphone of the other device.<ref name=":15"/>
Line 7:
==Background==
There are many ways in which online tracking has manifested itself. Historically, when companies wanted to track users' online behavior, they simply had users sign in to their website.<ref name=":23">{{Cite book|last1=Jebara|first1=Tony|last2=Bellovin|first2=Steven M.|last3=Kim|first3=Hyungtae|last4=Li|first4=Jie S.|last5=Zimmeck|first5=Sebastian|date=2017|title=A Privacy Analysis of Cross-device Tracking|url=https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/zimmeck|language=en|pages=1391–1408|publisher=USENIX Association |isbn=978-1-931971-40-9}}</ref> This is a form of deterministic cross-device tracking, in which the user's devices are associated with their account credentials, such as their email or username.<ref name=":2">{{Cite journal|last=Brookman|first=Justin|year=2017|title=Cross-Device Tracking: Measurement and Disclosures|url=https://petsymposium.org/2017/papers/issue2/paper29-2017-2-source.pdf|journal=Proceedings on Privacy Enhancing Technologies|volume=2017|issue=2|pages=133–148|doi=10.1515/popets-2017-0020|doi-access=free}}</ref> Consequently, while the user is logged in, the company can keep a running history of what sites the user has been to and which ads the user interacted with between computers and mobile devices.<ref name=":2" />
Eventually, [[Cookies (Internet)|cookies]] were deployed by [[Advertising|advertisers]], providing each user with a [[unique identifier]] in his or her browser so that the user's preferences can be monitored.<ref name=":3">{{Cite web|url=https://cdt.org/files/2015/11/10.16.15-CDT-Cross-Device-Comments.pdf|title=Comments for November 2015Workshop on Cross-Device Tracking}}</ref> This unique identifier informs the placement of relevant, [[Targeted advertising|targeted ads]] the user may receive.<ref name=":3" /> Cookies were also used by companies to improve the user experience, enabling users to pick up where they left off on websites.<ref name=":113">{{Cite journal|last1=Sipior|first1=Janice C.|last2=Ward|first2=Burke T.|last3=Mendoza|first3=Ruben A.|date=30 March 2011|title=Online Privacy Concerns Associated with Cookies, Flash Cookies, and Web Beacons|journal=Journal of Internet Commerce|volume=10|issue=1|pages=1–16|doi=10.1080/15332861.2011.558454|s2cid=154250015 |issn=1533-2861}}</ref> However, as users began using multiple devices––up to around five––advertisers became confused as to how to track, manage, and consolidate this data across multiple devices as the cookie-based model suggested that each device––whether a phone, computer, or tablet––was a different person.<ref name=":3" />
Line 43:
* Lisnr uses a user's location data in tandem with ultrasonic beacons to give users coupons related to their activities<ref name=":15"/>
Another study suggested that Apple, Google, and Bluetooth Special Interest groups need to do more to prevent cross-device tracking.
<ref name=":132">{{Cite == Privacy and surveillance concerns ==
Line 66 ⟶ 68:
Some scholars have even contended that in an age of increased surveillance, users now participate online through the active generation and curation of online images––a form of control.<ref name=":15" /> In so doing, users can be seen as rejecting the shame associated with their private lives.<ref name=":15" /> Other scholars note that surveillance is fundamentally dependent upon location in both physical and virtual environments.<ref name=":16">{{Cite journal|last=Molz|first=Jennie Germann|title='Watch us wander': mobile surveillance and the surveillance of mobility|url=https://www.academia.edu/507992|journal=Environment and Planning A|volume=38|issue=2|pages=377–393|issn=0308-518X|doi=10.1068/a37275|year=2006|s2cid=145772112 }}</ref> This form of surveillance can be seen in travel websites which enable the user to share their vacation to a virtual audience.<ref name=":16" /> The person's willingness to share their personal information online is validated by the audience, since the audience holds the user accountable and the user vicariously experiences pleasure through the audience.<ref name=":16" /> Further, users' mobile data is increasingly being shared to third parties online, potentially underscoring the regulatory challenges inherent in protecting users' online privacy.<ref name=":20">{{Cite web|url=https://www.icsi.berkeley.edu/icsi/node/5893|title=Apps, Trackers, Privacy and Regulators: A Global Study of the Mobile Tracking Ecosystem|last1=Razaghpanah|first1=Abbas|last2=Nithyanand|first2=Rishab|website=icsi.berkeley.edu|access-date=11 April 2019|last3=Vallina-Rodriguez|first3=Narseo|last4=Sundaresan|first4=Srikanth|last5=Allman|first5=Mark|last6=Kreibich|first6=Christian|last7=Gill|first7=Phillipa}}</ref>
In addition, scholars argue that users have the right to know the value of their [[personal data]].<ref name=":17">{{Cite journal
=== Surveillance capitalism ===
The increased usage of cross-device tracking by advertisers is indicative of the rise of a new era of data extraction and analysis as a form of profit, or [[surveillance capitalism]], a term coined by [[Shoshana Zuboff]].<ref name=":52">{{Cite journal|last=Zuboff|first=Shoshana|year=2015|title=Big other: Surveillance Capitalism and the Prospects of an Information Civilization|journal=Journal of Information Technology|volume=30|issue=1|pages=75–89|doi=10.1057/jit.2015.5|s2cid=15329793 |issn=0268-3962|doi-access=free}}</ref> This form of capitalism seeks to commodify private human experience to create [[Futures exchange|behavioral futures markets]], in which behavior is predicted and behavioral data is harvested from the user.<ref name=":52"/> Zuboff suggests that this new era of surveillance capitalism eclipses Bentham's panopticon, becoming far more encroaching and invasive as, unlike a prison, there is no escape, and the thoughts, feelings, and actions of users are immediately extracted to be commodified and resold.<ref name=":52"/> Thus, since cross-device tracking seeks to create a profile of a user across multiple devices, big tech companies, such as Google, could use this behavioral data to make predictions about the user's future behavior without the user's awareness.<ref name=":52"/>
Scholars are beginning to discuss the possibility of quantifying the monetary value of users' personal data. Notably, the algorithms used to extract and mine user data are increasingly seen as business assets and thus protected via trade secrets.<ref name=":17" /> Indeed, the usage of free online services, such as public Wi-Fi, often comes at the unknown cost to the user of being tracked and profiled by the company providing the service.<ref name=":17" /> In essence, a transaction is occurring: users' personal data is being exchanged for access to a free service.<ref name=":17" /> Increasingly, scholars are advocating for users' right to understand the fundamental value of their personal data more intimately so as to be more savvy, informed consumers who have the ability to protect the privacy of their online information and not be manipulated into unwittingly giving away personal information.<ref name=":17" />
=== Health and wellness applications ===
In addition, health and wellness applications also have a dearth of privacy protections as well: a study found that many health apps lacked [[encryption]] and that regulators should enforce stronger [[Data privacy]] protections.<ref name=":7">{{Cite journal|last1=Huckvale|first1=Kit|last2=Prieto|first2=José Tomás|last3=Tilney|first3=Myra|last4=Benghozi|first4=Pierre-Jean|last5=Car|first5=Josip|date=25 September 2015|title=Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment|journal=BMC Medicine|volume=13|issue=1|page=214|doi=10.1186/s12916-015-0444-y|pmid=26404673|pmc=4582624 |doi-access=free }}</ref> The study stated that of the 79 apps they tested, none of the applications locally encrypted the users' personal information and 89% of the applications pushed the data online.<ref name=":7" /> The lack of adequate privacy and security measures surrounding users' personal medical data on mobile applications underscores the lessening degree to which users can trust mobile app developers to safeguard their personal information online.<ref name=":7" /> While mobile application developers continue to confront privacy and security concerns, users are increasingly looking to ways to visualize their data through wearable devices and applications that track their workout and exercise routines.<ref name=":9">{{Cite journal
=== Cookies, flash cookies, and web beacons ===
Line 93 ⟶ 95:
=== Solutions ===
Scholars are convinced the current notice-and-consent model for privacy policies is fundamentally flawed because it assumes users intuitively understand all of the facts in a [[privacy policy]], which is often not the case.<ref name=":21">{{Cite web|url=https://www.amacad.org/publication/contextual-approach-privacy-online|title=A Contextual Approach to Privacy Online|website=American Academy of Arts & Sciences|date=October 2011 |access-date=18 April 2019}}</ref> Instead, scholars emphasize the imperative role of creating a culture in which privacy becomes a [[social norm]].<ref name=":21" /> In effect, users of online technologies should identify the social activities they use on the internet and start questioning websites' governing norms as a natural outgrowth of their web browsing.<ref name=":21" /> In effect, these norms need to prevent websites from collecting and sharing users' personal information.<ref name=":21" /> In addition, starting with a user's personal values and seeing how these values correlate with online norms may be another way to assess whether or not privacy norms are being violated in odd cases.<ref name=":21" /> Ultimately, scholars believe these privacy norms are vital to protecting both individuals and social institutions.<ref name=":21" />
== Legal and ethical issues ==
While the United States lacks extensive privacy rights, the [[Fourth Amendment to the United States Constitution|Fourth Amendment]] provides some privacy protections.<ref name=":113"/> The Fourth Amendment states that "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated", suggesting that while individuals are protected from all levels of the government, they are not legally protected from private companies or individuals with malicious intent.<ref name=":113" />
There are large implications for this technology within the legal field. Legally, The [[Federal Trade Commission]] has a responsibility to prevent deceptive practices by technology companies, such as those that could lead to consumer injury.<ref name=":6">{{Cite SSRN |last=Hoofnagle|first=Chris Jay|date=1 September 2017|title=FTC Regulation of Cybersecurity and Surveillance |ssrn=3010205}}</ref> The FTC has made efforts to prevent invasive [[web tracking]], tracking in physical space, [[malware]], insecure and poorly designed services, and the use of deception to engage in surveillance.<ref name=":6" /> For instance, in the realm of invasive web tracking, the FTC has brought lawsuits against companies who engage in
Another scholar believes that the convergence between lived experience and online technology is creating a term called [[Mixed reality]], in which people and things are replaced with virtual experiences.<ref name=":22">{{Cite journal|last=Fairfield|first=Joshua A.T.|year=2012|title=Mixed Reality: How the Laws of Virtual Worlds Govern Everyday Life|journal=Berkeley Technology Law Journal|volume=27|issue=1|pages=55–116|issn=1086-3818|jstor=24119476}}</ref> Mixed Reality technologies can pose legal challenges in that laws which govern the online world will also extend to the real world.<ref name=":22" /> In addition, data tagging––often through GPS, [[location-based services]], or even [[near-field communication]] (NFC)––is the new technology at the heart of mixed reality, since people's data is determined in part by their location.<ref name=":22" /> Near-field communication enables devices to transmit data to each other with a certain range.<ref name=":22" /> Virtual reality can become a privacy issue because it attempts to immerse users into the virtual environment by recording a user's every sensation.<ref name=":22" /> In turn, mixed reality's amalgamation with daily tasks suggest that it will be implicated in numerous legal issues ranging from [[copyright law]] to [[intellectual property law]].<ref name=":22" /> Customers are also being denied a voice in contracts, since only corporations set the rules by which individuals' private information is mined and extracted.<ref name=":22" /> The solution to these issues, according to scholars, are opt-in controls to police users' privacy that enable balance to be restored to the law, particularly as it stands regarding contracts.<ref name=":22" />
|