Jannick Sørensen
ABSTRACT
The commencement of EU's General Data Protection Regulation (GDPR) has led to massive compliance and consent activities on websites. But did the new regulation result in fewer third party server appearances? Based on an eight months longitudinal study from February to September 2018 of 1250 popular websites in Europe and US, we present a mapping of the subtle shifts in the third party topology before and after May 25, 2018. The 1250 websites cover 39 European countries from EU, EEA, and outside EU, belonging to categories that cover both public-oriented citizen services, as well as commercially-oriented sites. The developments in the numbers and types of third party vary for categories of websites and countries. Analyzing the number of third parties over time, even though we notice a decline in the number of third parties in websites belonging to certain categories, we are cautious about attributing these effects to the general assumption that GDPR would lead to less third party activity. We believe that it is quite difficult to draw conclusions on cause-effect relationships in such a complex environment with many impacting factors.
- Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez, Arvind Narayanan, and Claudia Diaz. 2014. The Web Never Forgets. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14, Gail-Joon Ahn, Moti Yung, and Ninghui Li (Eds.). ACM Press, New York, New York, USA, 674-689. Google Scholar
Digital Library
- Reuben Binns, Jun Zhao, Max Van Kleek, and Nigel Shadbolt. 2018. Measuring third party tracker power across web and mobile. (2018), 1-21. arXiv:1802.02507 Google ScholarDigital Library
- Justin Brookman, Phoebe Rouge, Aaron Alva, and Christina Yeung. 2017. Cross-Device Tracking: Measurement and Disclosures. Proceedings on Privacy Enhancing Technologies2017, 2(2017), 133-148.Google ScholarCross Ref
- Oliver Busch. 2016. The Programmatic Advertising Principle. In Programmatic Advertising: The Successful Transformation to Automated, Data-Driven Marketing in Real-Time, Oliver Busch (Ed.). Springer, Cham, 3-15. Google ScholarDigital Library
- Yuyu Chen. 2018. GDPR is coming, and data management platforms are in the crosshairs. https://digiday.com/marketing/gdpr-coming-data-management-platforms-crosshairs/Google Scholar
- Mark D. Corner, Brian N. Levine, Omar Ismail, and Angela Upreti. 2017. Advertising-based Measurement: A Platform of 7 Billion Mobile Devices. In Proceedings of the 23rd Annual International Conference on Mobile Computing and Networking(MobiCom '17). ACM, New York, NY, USA, 435-447. Google ScholarDigital Library
- EBU Digital Strategy Group. 2002. Media with a purpose - Public Service Broadcasting in the digital era. The Report of the Digital Strategy Group of the European Broadcasting Union. Technical Report Version DSG 1.0. European Broadcasting Union, Geneva. http://www.ebu.ch/CMSimages/en/DSG_final_report_E_tcm6-5090.pdfGoogle Scholar
- EBU Media Intelligence Service. 2017. Market Insights : Trust in Media. Technical Report. European Broadcasting Union, Geneva.Google Scholar
- EBU Media Intelligence Service. 2018. Market Insights: Trust in media 2018. Technical Report. European Broadcasting Union, Geneva. 40 pages. https://www.ebu.ch/files/live/sites/ebu/files/Publications/MIS/login_only/market_insights/EBU-MIS -Trust in Media 2018.pdfGoogle Scholar
- Steven Englehardt and Arvind Narayanan. 2016. Online Tracking: A 1-million-site Measurement and Analysis. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security(CCS '16). ACM, New York, NY, USA, 1388-1401. Google ScholarDigital Library
- Steven Englehardt and Arvind Narayanan. 2016. Online tracking: A 1-million-site measurement and analysis. In Extended Version of the paper presented at ACM CCS 2016. http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf Google ScholarDigital Library
- Marjan Falahrastegar, Hamed Haddadi, Steve Uhlig, and Richard Mortier. 2014. Anatomy of the Third-Party Web Tracking Ecosystem. (sep 2014). arxiv:1409.1066http://arxiv.org/abs/1409.1066Google Scholar
- Oliver Gertz and Deirdre McGlashan. 2016. Consumer-Centric Programmatic Advertising. In Programmatic Advertising The Successful Transformation to Automated, Data-Driven Marketing in Real-Time. 55-73.Google Scholar
- IAB - Interactive advertising bureau Europe. 2018. GDPR Implementation. https://www.iabeurope.eu/category/policy/gdpr-implementation/Google Scholar
- IAB - Interactive advertising bureau Europe. 2018. Header Bidding and Auction Dynamics. Technical Report August. interactive advertising bureau Europe. https://www.iab.it/wp-content/uploads/2018/09/IAB-Europe_Header-Bidding-and-Auction-Dynamics-White-Paper_August-2018-1-compressed.pdfGoogle Scholar
- Costas Iordanou, Georgios Smaragdakis, Ingmar Poese, and Nikolaos Laoutaris. 2018. Tracing Cross Border Web Tracking. In Proceedings of ACM IMC 2018. Boston, MA. Google ScholarDigital Library
- Robin Kurzer. 2017. What does the GDPR mean to your third-party data processors?https://martechtoday.com/gdpr-mean-third-party-data-processors-208098Google Scholar
- Adam Lerner, Anna Kornfeld Simpson, Tadayoshi Kohno, and Franziska Roesner. 2016. Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/lerner Google ScholarDigital Library
- Tim Libert. {n. d.}. webXray. https://webxray.org/Google Scholar
- Timothy Libert. 2018. An Automated Approach to Auditing Disclosure of Third-Party Data Collection in Website Privacy Policies. In Proceedings of the 2018 World Wide Web Conference(WWW '18). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, 207-216. Google ScholarDigital Library
- Timothy Libert, Lucas Graves, and Rasmus Kleis Nielsen. 2018. Changes in Third-Party Content on European News Websites aft er GDPR. Technical Report August. Reuters Institute, Oxford University. 1-7 pages. https://reutersinstitute.politics.ox.ac.uk/our-research/changes-third-party-content-european-news-websites-after-gdprGoogle Scholar
- Kasper Lindskow. 2016. Exploring Digital News Publishing Business Models - A Production Network Approach. Ph.D. Dissertation. Copenhagen Business School. http://hdl.handle.net/10398/9284Google Scholar
- Johan Mazel, Richard Garnier, and Kensuke Fukuda. 2017. A comparison of web privacy protection techniques. (2017). arXiv:1712.06850Google Scholar
- Nic Newman, Richard Fletcher, Antonis Kalogeropoulos, David A. L. Levy, and Rasmus Kleis Nielsen. 2017. Reuters Institute Digital News Report 2017. Technical Report. Reuters Institute for the Study of Journalism, Oxford. https://reutersinstitute.politics.ox.ac.uk/sites/default/files/Digital News Report 2017 web_0.pdfGoogle Scholar
- Louise Reseke. 2018. JP/Politiken tager opgør med annonce-jungle og dropper 200 samarbejder. https://mediawatch.dk/secure/Medienyt/Web/article10631483.eceGoogle Scholar
- Patricio Robles. 2018. GDPR: What future for first, second and third-party data. https://econsultancy.com/gdpr-what-future-for-first-second-and-third-party-data/Google Scholar
- Elsa Rebeca Turcios Rodriguez. 2018. Tracking Cookies in the European Union, an Empirical Analysis of the Current Situation. Master. Delft University of Technology.Google Scholar
- Franziska Roesner, Tadayoshi Kohno, and David Wetherall. 2012. Detecting and defending against third-party tracking on the web. In Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation (NSDI'12). USENIX Association, Berkeley, California, 12-21. Google ScholarDigital Library
- Franziska Roesner, Chris Rovillos, Alisha Saxena, and Tadayoshi Kohno. 2015. TrackingObserver: A Browser-Based Web Tracking Detection Platform. https://trackingobserver.cs.washington.eduGoogle Scholar
- Jannick Kirk Sørensen and Hilde Van den Bulck. 2018. Public service media online, advertising and the third-party user data business. Convergence: The International Journal of Research into New Media Technologies (aug 2018).Google Scholar
- Bharat Srinivasan, Athanasios Kountouras, Najmeh Miramirkhani, Monjur Alam, Nick Nikiforakis, Manos Antonakakis, and Mustaque Ahamad. 2018. Exposing Search and Advertisement Abuse Tactics and Infrastructure of Technical Support Scammers. In Proceedings of the 2018 World Wide Web Conference(WWW '18). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, 319-328. Google ScholarDigital Library
- Oleksii Starov, Yuchen Zhou, Xiao Zhang, Najmeh Miramirkhani, and Nick Nikiforakis. 2018. Betrayed by Your Dashboard: Discovering Malicious Campaigns via Web Analytics. In Proceedings of the 2018 World Wide Web Conference(WWW '18). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, 227-236. Google ScholarDigital Library
- Torben Stühmeier and Tobias Wenzel. 2012. Regulating Advertising in the Presence of Public Service Broadcasting. Review of Network Economics11, 2 (jan 2012).Google Scholar
- Max Van Kleek, Ilaria Liccardi, Reuben Binns, Jun Zhao, Daniel J. Weitzner, and Nigel Shadbolt. 2017. Better the Devil You Know: Exposing the Data Sharing Practices of Smartphone Apps. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems(CHI '17). ACM, New York, NY, USA, 5208-5220. Google ScholarDigital Library
- Tim Wambach and Katharina Bräunlich. 2017. The Evolution of Third-Party Web Tracking. In Information Systems Security and Privacy. ICISSP 2016. Communications in Computer and Information Science, Olivier Camp, Steven Furnell, and Paolo Mori (Eds.). Vol. 691. Springer, 130-147.Google ScholarCross Ref
- Chris Ward. 2018. Will GDPR kill the third-party data market?https://www.mycustomer.com/marketing/data/will-gdpr-kill-the-third-party-data-marketGoogle Scholar
- Michele Zanitti, Sokol Kosta, and Jannick Sørensen. 2018. A User-Centric Diversity by Design Recommender System for the Movie Application Domain. In Companion Proceedings of the The Web Conference 2018(WWW '18). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, 1381-1389. Google ScholarDigital Library
Recommendations
Characterising Third Party Cookie Usage in the EU after GDPR
WebSci '19: Proceedings of the 10th ACM Conference on Web ScienceThe recently introduced General Data Protection Regulation (GDPR) requires that when obtaining information online that could be used to identify individuals, their consents must be obtained. Among other things, this affects many common forms of cookies, ...
The right to access information under the GDPR
The present paper offers a critique of the General Data Protection Regulation in the realm of access to information. Even though the GDPR supports the constitutionally obvious position that the right to data protection does not outweigh other equally ...
General Data Protection Regulation: new ethical and constitutional aspects, along with new challenges to information law
The EU 'General Data Protection Regulation' (GDPR) marked the most important step towards reforming data privacy regulation in recent years, as it has brought about significant changes in data process in various sectors, ranging from healthcare to banking ...
Comments