---
layout: default
title: Data Transparency Lab Grantees
---
<section id="grantees" class="section2">
<h2 style="color: #000000"> DTL 2016 Grantees</h2>
<div class="divider-line" style="background-color:#CE88CF;"></div>
<div class="grantees-intro">
<p>A note from the DTL Research Committee Chairs, Balachander Krishnamurthy and Nikolaos Laoutaris:</p>
<blockquote><p>Of the 54 submissions received 26 were discussed extensively online
(with some submissions receiving a score of comments) and half of
them were further vetted in the live PC meeting. </p>
<p>We focused on working end-user software, a collection platform,
transparency, privacy protection, and novelty. 8 submissions out
of those discussed in the PC meeting were presented in no particular
order to the DTL board on Wednesday June 8. The board selected 6
submissions to fund. </p>
<p>We thank the PC for their hard work in reviewing, extensive online
discussions and participating in the PC meeting. We thank the board
for their pointed questions and selecting submissions that we all
hope will generate transparency software. We thank all the submittees
for their time. We expect the grant awardees to complete their software,
make the code and data available, and to present their results with
a demo at DTL next year.</p>
</blockquote>
<br>
<br>
<h3>The DTL 2016 Grantees are:</h3>
<!-- <p>The remaining proposals that made it to the top-third of all
proposals have been awarded with a platform to present their work at the
DTL2015 Conference, with a corresponding travel grant.<a href="#mentions"> Click here to view these proposals.</a></p> -->
</div>
<div class="circle2">TOOLS</div>
<br>
<!-- tool 1 -->
<div id="ur" class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-aa">
<h2>Finding Waldo in a haystack of informal writing styles<a name="copenhagen"></a></h2>
<h6>Dirk Hovy (University of Copenhagen); Alan Mislove (Northeastern University); Sune Lehmann (Technical University of Denmark); Tim Baldwin (University of Melbourne)
</h6>
</div>
<div class="col-md-5 text-grid-bb">
<p>This project aims to develop an online service that enables users to see how privacy-revealing their Twitter accounts are. The project will bring together world-leading experts in geolocation of informal writing, to provide users feedback on what state-of-the-art predictive models can tell about you, based on what you post on Twitter. The service will:
</p>
<p>a) present users with predictions of demographics (gender, age, job, location) if given specific Twitter profiles. b) enable users to test whether their Twitter accounts can be identified, based on their publicly available or uploaded texts.
</p>
<p> The analysis presented to users will also tell them exactly what their personal signatures are, distinguishing between revealing content words (place names, topical words, etc.), dialectal cues, and stylistic variation (e.g., use of creative spelling and emojis).
</p>
</div>
</div>
<br>
<br>
<!-- tool 2 Updated. url: http://recon.meddle.mobi. -->
<div id="uc" class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-aa">
<h2>Detection and Circumvention of Ad-Block Detectors: A New Arms Race on the Web<a name="uc"></a></h2>
<h6>Zhiyun Qian (University of California, Riverside); Zubair Shafiq (University of Iowa)</h6>
<p style="margin: 25px;"><a href="https://www.youtube.com/watch?v=0GAVCSaxgLg">Watch video presentation <i class="fa fa-youtube-play"></i></a> </p>
</div>
<div class="col-md-5 text-grid-bb"> <p>Ad-blockers have become an increasing concern for web services that are largely reliant on advertising revenues. Such web services operate with the implicit assumption that users agree to watch ads to support these "free" services. Unfortunately, the economic magnetism of online advertising has made it an attractive target for various types of abuses, which are driven by incentives for higher monetary benefits (e.g., drive-by downloads, overly annoying ads). Ad-blocking software can seamlessly block ads without requiring any user input, which not only improves the web experience but also protects user privacy by filtering network requests that profile browsing behaviors.
</p>
<p>The advertising industry sees ad-blockers as a growing threat to their business model and therefore has started fighting back with ad-block detection capabilities. The idea is that the scripts can detect the presence of ad-blockers and refuse to serve users who use ad-blockers. Many popular websites such as The Guardian, WIRED, and Forbes have recently started interrupting and/or blocking visitors who use ad-blockers. The ongoing arms race between ad-blockers and ad-block detectors has a significant impact on the future of user privacy and the way the Internet advertising industry operates. Yet, little is known in terms of the scale and technical details of the arms race between ad-blockers and ad-block detectors. </p>
<p>
In this proposal, we plan to undertake two major research tasks: First, we will perform a systematic measurement and analysis of the ad-block detection phenomenon on the web. This involves understanding how many websites are performing ad-block detection; and what type of technical approaches are used. Second, from the gained understanding, we aim to design and implement new mechanisms, representing the next step in the arms race, in the form of a stealthy or invisible ad-blocker to counter or circumvent ad-block detection. All of the produced data and software will be shared publicly.
</p>
</div>
</div>
<br>
<br>
<!-- tool 3 updated -->
<div id="stony" class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-aa">
<h2>PrivacyMeter: Real-time Privacy Quantification for the Web<a name="stony"></a></h2>
<h6>Nick Nikiforakis (Stony Brook University)</h6>
<p style="margin: 25px;"><a href="https://www.youtube.com/watch?v=NW4Z7k71Pn8">Watch video presentation <i class="fa fa-youtube-play"></i></a> </p>
</div>
<div class="col-md-5 text-grid-bb"> <p>The modern web is home to many online services that request and handle sensitive private information from their users. Previous research has shown how websites may leak user information, either due to poor programming practices, or through the intentional outsourcing of functionality to third-party services.
</p>
<p>
Despite the magnitude of this problem, users today have few, if any, options, for protecting their PII against accidental and intentional leakage. Generic anti-tracking extensions are based on manually-curated blacklists which, due to their reactive nature, are destined to be always out of date. Moreover, these anti-tracking extensions only account for domains belonging to tracking companies and thus cannot account for non-tracking-related third-party domains which happen to receive a user's PII due to the poor programming practices of the first-party website with which the user interacts.
</p>
<p>
To effectively inform users about the privacy consequences of visiting particular websites, we propose to design, implement, and evaluate PrivacyMeter, a browser extension that, on-the-fly, computes a relative privacy score for any website that a user is visiting. This score will be computed based on each website's privacy practices and how these compare to the privacy practices of pre-analyzed websites. In addition to a numeric score, PrivacyMeter will also provide users with contextual information about the discovered privacy issues (e.g., "many aggressive trackers", or "many inputs are submitted to third parties"), and what actions are advised. The privacy practices that PrivacyMeter will be assessing go above and beyond the state of the art, thereby offering users a much more accurate view of a website's privacy practices, compared to existing tools. <!-- <a href="https://www.youtube.com/watch?v=NW4Z7k71Pn8">Watch video presentation <i class="fa fa-youtube-play"></i></a> --> </p>
</div>
</div>
<br>
<br>
<!-- tool 4 updated url: http://www.digitalhalo.org/-->
<div id="icsi" class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-aa">
<a name="icsi"></a>
<h2>Characterizing Indirect Privacy Leaks in Mobile Apps</h2>
<h6>Narseo Vallina-Rodriguez (ICSI); Mark Allman (ICSI); Christian Kreibich (ICSI/Lastline); Vern Paxson (ICSI-UC Berkeley)</h6>
<p style="margin: 25px;"><a href="https://www.youtube.com/watch?v=OSN3F0p-zcM">Watch video presentation <i class="fa fa-youtube-play"></i></a> </p>
</div>
<div class="col-md-5 text-grid-bb">
<p>As in the browser context, mobile app developers use third-party services to add features to their apps such as analytics, user tracking, ad delivery and social network integration. While these services are valuable to app developers, they may also collect and share personal information about users. In fact, these services can access sensitive information by piggybacking on the permissions requested by the app developer and granted by the user. Unfortunately, these interactions with third-party services typically happen without any user awareness or consent. </p>
<p>
The research community and the regulatory bodies do not have a broad understanding of the players' identities and the information that they collect. In this project we will investigate the third-party service ecosystem and its dynamics at scale. Our methods leverage data from ICSI's Haystack app. The results of our analysis will increase transparency by creating a public catalog and census of analytics services, their behavior, and their use across mobile apps.
</p>
</div>
</div>
<br>
<br>
<!-- tool 5 -->
<div class="row">
<div id="uci" class="col-md-1"><a name="uci"></a></div>
<div class="col-md-5 text-grid-aa">
<h2>AntMonitor: On-Device Network Monitoring for Privacy </h2>
<h6>Athina Markopoulou (UC Irvine); Anastasia Shuba (UC Irvine)</h6>
<p style="margin: 25px;"><a href="https://www.youtube.com/watch?v=Efmv2DQR4R8">Watch video presentation <i class="fa fa-youtube-play"></i></a> </p>
</div>
<div class="col-md-5 text-grid-bb">
<p>Mobile devices generate the majority of Internet traffic today and also have access to a wealth of personal information. Visibility into the activity of mobile devices is of interest to end-users as well as to network operators, advertisers and a number of other players. In this project, we develop AntMonitor -- a tool that monitors the network activity of mobile devices and reveals privacy leaks directly (detecting PII leaking out of the device) or indirectly (profiling users based on minimal information).
</p>
<p>In this proposal, we present the design of AntMonitor: a user-space mobile app based on a VPN-service that runs only on the device (i.e., without the need of a remote VPN server). We show that AntMonitor significantly outperforms prior state-of-the-art approaches: it achieves speed over 90 Mbps (downlink) and 65 Mbps (uplink), which are 2x and 8x the throughput of existing mobile-only baselines and is 94% of the throughput without VPN, all while using 2-12x less energy. Then, we showcase preliminary results from a pilot study that show that AntMonitor can efficiently perform (i) real-time detection and prevention of private information leakage from the device to the network and (ii) application classification and user profiling. </p>
<p>Finally, we summarize the current state of the prototype, and our efforts in releasing the tool to end-users, commercial partners, and the research community. The mobile-only version of AntMonitor is currently in alpha-testing, and we request DTL support in order to complete the effort, release the tool to the community, and also get the opportunity to interact with the members of the DTL community.</p>
</div>
</div>
<br>
<br>
<!-- <div class="circle">PLATFORMS</div> -->
<!-- Platform 1 updated. url: http://webtap.princeton.edu/-->
<div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-aa">
<h2>TranspAd: A Collaborative Tool to Bring Transparency to Targeted Advertising<a name="eurecom"></a></h2>
<h6>Patrick Loiseau (EURECOM) &lt;patrick.loiseau@eurecom.fr&gt;; Oana Goga (MPI-SWS) &lt;oana.goga@mpi-sws.org&gt;</h6>
<p style="margin: 25px;"><a href="https://www.youtube.com/watch?v=CNf_aN0D-Ls">Watch video presentation <i class="fa fa-youtube-play"></i></a> </p>
</div>
<div class="col-md-5 text-grid-bb">
<p>Targeted advertising largely contributes to the support of free web services. However, it is also increasingly raising concerns from users, mainly due to its lack of transparency. The objective of this proposal is to increase the transparency of targeted advertising from the user's point of view by providing users with a tool to understand why they are targeted with a particular ad and to infer what information the ad engines possibly have about them. Concretely, we propose to build a browser plugin that collects the ads shown to a user and provides her with analytics about these ads. Our tool relies on an innovative collaborative approach to infer what information the ad engine may have.</p>
</div>
</div>
<br>
<br>
</section>
<!-- travel grants -->
<!-- <section id="mentions" class="section2">
<h2 class="mention-header" style="color: #000000"> Mentions and Travel Grants</h2>
<div class="grantees-intro">
<p>
The following proposals are amongst the
top-third of all proposals and were offered a platform to
share their ideas and work with other members of the DTL community.
They were offered a presentation slot at the forthcoming DTL workshop in
November 2015 (location and details will be announced in due
time) as well as a travel grant to attend it.
</p>
</div> -->
<br>
<!-- 1 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2> A Deep learning platform for the reverse-engineering of
Behavioral Targeting procedures in online ad networks
(DeepBET)</h2>
<h6>Sotirios Chatzis (Cyprus University of Technology), Aristodemos Paphitis (Cyprus University of Technology)</h6>
</div> -->
<!-- <div class="col-md-5 text-grid-c"> <p>Online ad networks are a
characteristic example of online services that massively leverage user
data for the purposes of behavioral targeting. A significant problem of
these technologies is their lack of transparency. For this reason, the
problem of reverse-engineering the behavioral targeting mechanisms of ad
networks has recently attracted significant research interest. Existing
approaches query ad networks using artificial user profiles, each of
which pertains to a single user category. Nevertheless, well-designed ad
services may not rely on such simple user categorizations: A user
assigned to multiple categories may be presented with a set of ads quite
different from the union of the set of ads pertaining to each one of
their individual interests. Even more importantly, user interests may
change or vary over time. Nevertheless, none of the existing
reverse-engineering systems are capable of determining whether and how
ad network targeting mechanisms adapt to such temporal dynamics.</p>
<p>The goal of this proposal is to develop a platform addressing
these inadequacies by leveraging advanced machine learning methods. The
proposed platform is capable of:
(i) Intelligently creating a diverse set of (interest-based) user
profiles to query ad networks with. It ensures that the (artificial)
user profiles used to query the analyzed ad networks correspond to as
diverse a set of combinations of user interests (characteristics) as
possible.
(ii) Obviating the need to rely on some publicly available tree of
categories/user interests, as this can be restrictive to the analysis or
even misleading. Instead, our platform is capable of reliably producing
a tree-like content-based grouping (clustering) of websites into
interest groups, in a completely unsupervised manner.
(iii) Performing inference of the correlations between user
characteristics and ad network outputs in a way that allows for large
scale generalization.
(iv) Determining whether and how temporal dynamics affect these
correlations, and on how long temporal horizons.</p>
</div>
</div>
<br>
<br> -->
<!-- 2 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Alibi: Turning User Tracking Into a User Benefit</h2>
<h6>Marcel Flores, Andrew Kahn, Marc Warrior, Aleksandar Kuzmanovic (PI) (Northwestern University)</h6>
</div>
<div class="col-md-5 text-grid-c"> <p>We propose Alibi, a system
that enables users to take direct advantage of the work online trackers
do to record and interpret their behavior. The key idea is to use the
readily available personalized content, generated by online trackers in
real-time, as a means to verify an online user in a seamless and
privacy-preserving manner. We propose to utilize such tracker-generated
personalized content, submitted directly by the user, to construct a
multi-tracker user-vector representation and use it in various online
verification scenarios. The main research objectives of this project are
to explore the fundamental properties of such user-vector
representations, i.e., their construction, uniqueness, persistency,
resilience, utility in online verification, etc. The key goal of this
project is to design, implement, and evaluate the Alibi service, and
make it publicly available.</p>
</div>
</div>
<br>
<br> -->
<!-- 3 Updated -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2> Towards Making Systems Forget </h2>
<h6> Yinzhi Cao (Lehigh University and Columbia University)</h6>
</div>
<div class="col-md-5 text-grid-c"> <p>Today’s systems produce a
rapidly exploding amount of data, and the data further derives more
data, forming a complex data propagation network that we call the data’s
lineage. There are many reasons that users want systems to forget
certain data including its lineage. From a privacy perspective, users
who become concerned with new privacy risks of a system often want the
system to forget their data and lineage. From a security perspective, if
an attacker pollutes an anomaly detector by injecting manually crafted
data into the training data set, the detector must forget the injected
data to regain security. From a usability perspective, a user can remove
noise and incorrect entries so that a recommendation engine gives
useful recommendations. Therefore, we envision forgetting systems,
capable of forgetting certain data and their lineages, completely and
quickly.
</p>
<p>
In this proposal, we focus on making learning systems forget, the
process of which we call machine unlearning, or simply unlearning. We
present a general, efficient unlearning approach by transforming
learning algorithms used by a system into a summation form. To forget a
training data sample, our approach simply updates a small number of
summations – asymptotically faster than retraining from scratch. Our
approach is general, because the summation form is from the statistical
query learning in which many machine learning algorithms can be
implemented. Our approach also applies to all stages of machine
learning, including feature selection and modeling.
</p>
</div>
</div>
<br>
<br> -->
<!-- 4 updated url: http://personalization.ccs.neu.edu/-->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Bringing Fairness and Transparency to Mobile On-Demand
Services</h2>
<h6>Christo Wilson (Northeastern University),
Dave Choffnes (Northeastern University),
Alan Mislove (Northeastern University)</h6>
</div>
<div class="col-md-5 text-grid-c">
<p> In this project, we aim to bring greater transparency to
algorithmic pricing implemented by mobile, on-demand services.
Algorithmic pricing was pioneered in this space by Uber in the form of
"surge pricing". While we applaud mobile, on-demand services for
disrupting incumbents and stimulating moribund sectors of the economy,
we also believe that the data and algorithms leveraged by these services
should be transparent. Fundamentally, consumers and providers cannot
make informed choices when marketplaces are opaque. Furthermore,
black-box services are vulnerable to exploitation once their algorithms
are understood, which creates opportunities for customers and providers
to manipulate these services in ways that are not possible in
transparent markets.</p>
</div>
</div>
<br>
<br> -->
<!-- 5 updated -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Providing Users With Feedback on Search Personalised Learning</h2>
<h6> Douglas Leith (Trinity College Dublin), Alessandro Checco (Trinity College Dublin) </h6>
</div>
<div class="col-md-5 text-grid-c">
<p>Users are currently given only very limited feedback from search
providers as to what learning and inference of personal preferences is
taking place. When a search engine infers that a particular
advertising category is likely to be of interest to a user, and so more
likely to generate click through and sales, it will tend to use this
information when selecting which adverts to display. This can be used
to detect search engine learning via analysis of changes in the choice
of displayed adverts and to inform the user of this learning. In this
project we will develop a browser plugin that provides such feedback,
essentially by empowering the user via the kind of data analytic
techniques used by the search engines themselves. </p>
</div>
</div>
<br>
<br> -->
<!-- 6 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2> Zero-Knowledge Transparency: Safe Audit Tools for End Users
</h2>
<h6>Maksym Gabielkov (INRIA, Columbia University), Larissa Navarro
Passos de Araujo (Columbia University), Max Tucker Da Silva (Columbia
University), Augustin Chaintreau (Columbia University)</h6>
</div>
<div class="col-md-5 text-grid-c">
<p>In principle, data transparency tools follow strict privacy
guidelines to protect customers' data while revealing how this data is
being used by others. But those objectives are often at odds. To take a
simple example, answering questions like which of my email caused this
ad to appear brings user to the following dilemma: she can either enjoy
(blindly) the (relative) privacy offered by a service like gmail, or if
she decides to voice her concern, can alternatively propose her data to
participate in a data-transparency experiment with various tools (e.g.,
Xray, AdFisher, Sunlight and other more specific ones). The latter
involves running the experiment herself entirely or providing the data
in clear form to one of those tools run by a third party. Both increases
privacy risks, because sensitive data are now being manipulated by
other pieces of codes, sometimes under someone else's control. That
explains that all tools mentioned above, and in fact with almost no
exception all transparency research so far is run and validated on
synthetic data-sets that are by nature not sensitive.</p>
<p>Here, our goal is to formally define zero-knowledge transparency, to
reconcile the two needs of being informed and being safe when it comes
to our data usage, and experiment with tools that provide this dual
protection. As in our prior research, we aim at generic tools, that
address a broad range of scenarios with the same underlying concepts.
The first architecture we propose leverages differential correlation, as
used in Xray for multiple services, to show that this tool can be made
privacy-preserving with an additional simple architectural layers. The
second architecture we envision is way broader: it leverages data bank
with interactive queries such as air-cloak to separately solve privacy
and transparency. We believe that most data transparency tools will
require a similar complement and experiment with the robustness of this
solution in the face of scale and other challenges posed.</p>
</div>
</div>
<br>
<br>
-->
<!-- 7 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Privacy-aware ecosystem for data sharing</h2>
<h6> Anna Monreale (Department of Computer Science, University of
Pisa)</h6>
</div>
<div class="col-md-5 text-grid-c"> <p>Human and social data are an
important source of knowledge useful for understanding human behaviour
and for developing a wide range of user services. Unfortunately, this
kind of data is sensitive, because people's activities described by
these data may allow re-identification of individuals in a de-identified
database and thus can potentially reveal intimate personal traits, such
as religious or sexual preferences. Therefore, Data Providers, before
sharing those data, must apply any sort of anonymization to lower the
privacy risks, but they must be aware and capable of controlling also
the data quality, since these two factors are often a tradeoff. This
project proposes a framework to support the Data Provider in the privacy
risk assessment of data to be shared. This framework measures both the
empirical (not theoretical) privacy risk associated to users represented
in the data and the data quality guaranteed only with users not at
risk. It provides a mechanism allowing the exploration of a repertoire
of possible data transformations with the aim of selecting one specific
transformation that yields an adequate trade-off between data quality
and privacy risk. The project will focus on mobility data studying the
practical effectiveness of the framework over forms of mobility data
required by specific knowledge-based services.</p>
</div>
</div>
<br>
<br> -->
<!-- 8 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Exposing and Overcoming Privacy Leakage in Mobile Apps using
Dynamic Profiles </h2>
<h6>Z. Morley Mao (University of Michigan)</h6>
</div>
<div class="col-md-5 text-grid-c"> <p>In this proposal, we focus on
designing the support to detect the leakage of personal data in the
mobile app ecosystem through a novel approach of using dynamically
generated user's application profiles to track how sensitive data
influence the content presented to the users and also to discover the
violation of user privacy policies. For the former, we analyze how
various types of content personalization based on information such as
behavior, context or location, social graph can lead to potentially
unwanted bias in the content. For the latter, we take a semantic based
approach to translate the user privacy preference into enforceable
syntax-based mechanisms. By leveraging the dynamically generated
profiles that characterize the expected content customization, users can
select a type of profile that satisfy user's privacy policy or obtain
data or access the online service through a collection of profiles. In
summary, our work consists of both offline approaches for generating the
knowledge of content customization based on the relevant profiles and
to characterize the privacy-related behavior in mobile apps, as well as
the run-time enforcement support to satisfy user-expressed privacy
policies.</p>
</div>
</div>
<br>
<br> -->
<!-- 9 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Detecting Accidental and Intentional PII Leakage from Modern
Web Applications</h2>
<h6>Nick Nikiforakis (Stony Brook University)</h6>
</div>
<div class="col-md-5 text-grid-c"> <p>The rise of extremely popular
online services offered at no fiscal cost to users has given rise to a
rich online ecosystem of third party trackers and online advertisers.
While the majority of tracking involves the use of cookies and other
technologies that do not, directly, expose a user's personally
identifiable information (PII), past research has shown that PII leakage
is all too common. Either due to poor programming practices (e.g.
PII-carrying, GET-submitting forms) or due to intentional information
leakage, a user's PII often finds its way to the hands of third
parties. In the cases where a user's PII leaks towards third parties
that already use cookies and other tracking technologies, the trackers
have now the potential to identify the user, by name, as she browses on
the web.</p>
<p>Despite the magnitude and the severity of the PII-leakage problem,
there is, currently, a dearth of usable, privacy-enhancing technologies
that detect and prevent PII leakage. To restore the control of users
over their own personally identifiable information, we propose to
design, implement, and evaluate LeakSentry, a browser extension that has
the ability to identify leakage as that is happening and give users
contextual information about the leakage as well as the power to allow
it, or block it. Next to LeakSentry's stand-alone mode, users of
LeakSentry will be able to opt-in to a crowd-wisdom program where they
can learn from each other's choices. In addition, LeakSentry will have
the ability to report the location of PII leakage, enabling us to
create a PII-leaking page observatory, which can both apply pressure to
the websites that were caught red-handed, as well as navigate other
users away from them.
</p>
</div>
</div>
<br>
<br> -->
<!-- 10 updated -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Towards Transparent Privacy Practices: Facilitating
Comparisons of Privacy Policies</h2>
<h6>Ali Sunyaev (Department of Information Systems, University of
Cologne),
Tobias Dehling (Department of Information Systems, University
of Cologne)</h6>
</div>
<div class="col-md-5 text-grid-c">
<p>
A central challenge of privacy policy design is the wicked nature
of privacy policies: In essence, privacy policies are past responses of
providers to future information requests of users regarding the privacy
practices of online services. As a result, today’s privacy policies
feature a large variety of contents and designs. This impedes data
transparency, in particular, with respect to comparisons of privacy
practices between providers. The main idea of this research proposal is
to leverage tagging and crowdsourcing to facilitate comparisons of
privacy policies in a provider-independent web application. Our research
is relevant for data transparency research because it aims to improve
the most prevalent tool for shedding light into the use of personal data
by online services, that is, privacy policies. Redeeming the benefits
offered by online environments while avoiding the perils is challenging;
this research proposal makes this task easier by improving transparency
of privacy practices. There have been numerous efforts to improve the
utility of privacy policies that focus on reshaping the privacy policies
offered by providers, for instance, changing the layout or enhancing
visualization. The main innovation pursued in this research proposal is
that we do not focus on getting providers to publish better privacy
policies, but instead focus on enabling users to make the best out of
the privacy policies providers confront them with.
</p>
</div>
</div>
<br>
<br> -->
<!-- 11 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2> Improving the Comprehension of Browser Privacy Modes</h2>
<h6>Sascha Fahl (DCSec, Leibniz Universität Hannover),
Yasemin Acar (DCSec, Leibniz Universität Hannover),
Matthew Smith (Rheinische Friedrich-Wilhelms-Universität
Bonn) </h6>
</div>
<div class="col-md-5 text-grid-c">
<p>
Online privacy is an important, hotly researched and demanded topic
that gained even more relevance recently. However, existing mechanisms
that protect users' privacy online, such as TOR and using VPN
connections are complex, bring performance issues with them and, in case
of the latter, add costs. Therefore, their widespread use is not
applicable for the public. Browser vendors have recently established
so-called private browsing modes that are largely misunderstood by
users: They over-rate the level of protection offered by the services,
which can lead to insecure behaviour. We aim to study user
misconceptions, enhance their comprehension and scientifically evaluate
the usability and applicability of more privacy-enhancing services such
as TOR. </p>
</div>
</div>
<br>
<br>
-->
<!-- 12 updated -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>PRIVASEE: PRIVacy Aware visual SEnsitivity Evaluator</h2>
<h6>Bruno Lepri (Fondazione Bruno Kessler),
Elisa Ricci (Fondazione Bruno Kessler),
Lorenzo Porzi (Fondazione Bruno Kessler)</h6>
</div>
<div class="col-md-5 text-grid-c">
<p>Digitally sharing our lives with others is a captivating and
often addictive activity. Nowadays 1.8 billion photos are shared daily
on social media. These images hold a wealth of personal information,
ripe for exploitation by tailored advertising business models, but
placed in the wrong hands this data can lead to disaster. In this
project, we want to see how the increasing of a person’s awareness about
potential personal data sensitivity issues influences their decisions
about what and how to share, and moreover, how valuable they perceive
their personal data to be. To achieve this ambitious goal we aim to (i)
develop a novel methodology, applied within a mobile app, to inform
users about the potential sensitivity of their images. Sensitivity will
be modeled by exploiting automatic inferences coming from advanced
computer vision and deep learning algorithms applied to personal photos
and associated metadata; (ii) perform user-centric studies within a
living-lab environment to assess how users’ posting behaviours and
monetary valuation of mobile personal data are influenced by user
awareness about content sharing risks. </p>
</div>
</div>
<br>
<br> -->
<!-- 14 -->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Bringing Transparency to Targeted Advertising</h2>
<h6>Patrick Loiseau (EURECOM), Oana Goga (MPI-SWS)
</h6>
</div>
<div class="col-md-5 text-grid-c">
<p>Targeted advertising largely contributes to the support of free
web services. However, it is also increasingly raising concerns from
users, mainly due to its lack of transparency. The objective of this
proposal is to increase the transparency of targeted advertising from
the user’s point of view by providing users with a tool to understand
why they are targeted with a particular ad and to infer what information
the ad engines possibly have about them. Concretely, we propose to
build a browser plugin that collects the ads shown to a user and
provides her with analytics about these ads.</p>
</div>
</div>
<br>
<br> -->
<!-- 15 updated url:https://twitter.com/DataboxInc-->
<!-- <div class="row">
<div class="col-md-1"></div>
<div class="col-md-5 text-grid-a">
<h2>Exploring Personal Data on the Databox</h2>
<h6>Hamed Haddadi (QMUL)</h6>
</div>
<div class="col-md-5 text-grid-c">
<p>We are in a ‘personal data gold rush’ driven by advertising being
the primary revenue source for most online companies. These companies
accumulate extensive personal data about individuals with minimal
concern for us, the subjects of this process. This can cause many harms:
privacy infringement, personal and professional embarrassment,
restricted access to
labour markets, restricted access to best value pricing, and many
others. There is a critical need to provide technologies that enable
alternative practices, so that individuals can participate in the
collection, management and consumption of their personal data. We are
developing the Databox, a personal networked device (and associated
services) that collates and mediates access to personal data, allowing
us to recover control of our online lives. We hope the Databox is a
first step to re-balancing power between us, the data subjects, and the
corporations that collect and use our data.</p>
</div>
</div>
<br>
<br> -->
</section>