In unserer Corona-App Studie testen wir den Einfluss verschiedener Faktoren auf die Nutzungsbereitschaft versch. Typen von Apps.
Überraschendes erstes Ergebnis: Datenschutz ist den Menschen wichtig (Corona-Eindämmung aber auch!).
Lächelndes Gesicht mit geöffnetem Mund

Details: news.rub.de/presseinformatione

Our study underlines what privacy advocates have known for years: When people have to use Whatsapp or Youtube over alternatives it's not because they don't care for their privacy. needs to adopt . Full paper here:
eusec20.cs.uchicago.edu/eusec2

Show thread

35% of our participants believe that most of their apps collect data without their consent. More than 80% are concerned that this data is shared with third-party companies like ad trackers.

Show thread

Two-thirds think that entertainment apps like youtube and Netflix track not only their behavior but also their whereabouts. 87% think that this data is not only collected by one company but also shared with others.

Show thread

For his master thesis, Nils Quermann studied privacy expectations in Europe.
We found that participants are concerned about their privacy, but have low expectations.
The results will be presented at in September; the PDF is available. Thread
Pfeil nach unten

@zeitonline berichtet über die Details des ursprünglichen Plans Handy-Verkehrsdaten zur Corona-Eindämmung zu benutzen. Ich hab darüber mit @mlaaff gesprochen. Zusammenfassung in Twitter-Länge: "Die technischen Möglichkeiten werden überschätzt" zeit.de/digital/datenschutz/20

Working on human-centered security and privacy problems? Consider submitting your latest work or work in progress to the 5th European Workshop on Usable Security co-located with @IEEEEUROSP
.

Submission deadline March 16, 2020.
CFP: eusec20.cs.uchicago.edu

3. The last thing I want to highlight: we attempted to replicate previous work in the area to see whether our approach leads to different results. Here is a breakdown in a table, see the paper for details:

Show thread

2. Third party scripts often contact additional services. 40% request data from other companies. More importantly: In 62% of the cases, these "fourth parties" fluctuate.
That's bad news if you own a website and want to know upfront what gets send to your visitors in your name.

Show thread

1. Like the title says: when scanning websites for scripts or cookies, always look beyond the front page. We found that visiting 100 subsites is useful if you want to get a good idea of the third parties a webpage is using.

Show thread

Our upcoming paper is now available: arxiv.org/pdf/2001.10248.pdf
We measured in the depth of websites and focused on the fluctuations.
Our work has implications for website owners and future research. Here are some takeaways:

Goal for 2020: use mastodon more than twitter.
Unfortunately, it seems the academic twitterverse is not here, yet.

chaos.social

chaos.social – a Fediverse instance for & by the Chaos community