Security

Mixed Context and Privacy

Download Now Free registration required

Executive Summary

Users engaging Online Service Providers (OSPs) such as Google, Amazon, and Facebook encounter environments architected by a single actor (the OSP), but comprised of content and executable elements potentially provided by multiple actors. For the ten OSPs analyzed, privacy policies only cover content provided directly by the OSP. Content provided by external (third party) content providers, such as advertising networks and third party developers, are governed by a different set of privacy policies. In effect, users face environments comprised of mixed content governed by potentially conflicting privacy policies. Reasonably unraveling these conflicting privacy guarantees confounds the process of determining whether users' privacy preference are satisfied.

  • Format: PDF
  • Size: 270 KB