• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Spotlight   »   Researchers uncover flaws in online privacy tools

Researchers uncover flaws in online privacy tools

  • Posted on:December 1, 2011
  • Posted in:Spotlight
  • Posted by:
    Trend Micro
0

With regulators growing increasingly aware of emerging digital privacy threats, researchers from Carnegie Mellon University have released a report detailing numerous flaws in the online privacy tools specifically designed to keep consumer information safe.

One of the most notable trends in marketing is the use of online behavioral advertising, or crafting web messages based upon user habits. For example, a consumer logging several visits to outdoor sporting websites may be shown banner ads related to a hiking boot retailer. However, this marketing strategy has not been well-received by all. Several consumer protection agencies have taken issue with this practice, labeling it a direct invasion of digital privacy.

Just this week, one online video advertising site was forced to settle U.S. Federal Trade Commission charges claiming that administrators falsely implied consumers could opt out of targeted ads by adjusting their browser’s cookies settings. In reality, users would have also needed knowledge of how to disable Flash cookies to block the service.

This news will come as little surprise to CMU researchers. According to the university’s recent 45-participant laboratory study, all nine of the online privacy tools assessed within the research were found to have “serious usability flaws.”

Confusing interfaces, inadequate communication loops and inappropriate default settings were highlighted as the most prevalent problems among the tools tested by researchers.

According to the Wall Street Journal, there were several instances in which participants thought they were making proactive Internet security steps, while in reality they were compromising protection measures. In one example, a user accidentally deleted the opt-out cookie in an attempt to remove all tracking mechanisms on the site.

“Our results suggest that the current approach for advertising industry self-regulation through opt-out mechanisms is fundamentally flawed,” the report concluded. “Users’ expectations and abilities are not supported by existing approaches that limit Online Behavioral Advertising by selecting particular companies or specifying tracking mechanisms to block.”

Although government regulators may ultimately be called upon to settle this debate, there are signs to suggest the Internet-advertising industry may be making strides in addressing consumer privacy concerns. According to the Washington Post, the Online Internet-Based Advertising Accountability Program has revealed the results of its first six compliance cases.

“I was very happily surprised at how quickly these companies responded and how positively they responded,” Genie Barton, vice president of the Council of Better Business Bureaus, told the Post.

Project directors have also adopted a hard-line stance by referring non-cooperative companies to the FTC and publicizing the news via press releases, according to the Post.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. EU rejects self-policing online privacy framework
  2. Researchers uncover security flaws in cloud architecture
  3. Researchers uncover security flaws in cloud architecture
  4. Researchers uncover more malware targeting Android users

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.