Keynote Addresses

Session Keynote-3

Keynote 3

Conference
11:00 AM — 12:00 PM EDT
Local
Oct 21 Thu, 11:00 AM — 12:00 PM EDT

Auditing Network Traffic for Data Collection Practices

Athina Markopoulou (University of California, Irvine, USA)

2
Personal data collection typically starts on user devices, in a range of application domains including the web, mobile, Internet-of-Things, smart TV, and virtual reality. Many useful services are enabled by the collection of personal data, although increasingly at the expense of privacy, security, transparency, and fairness, for individuals and for the society as a whole. To deal with these problems, technical solutions are currently being developed to provide privacy guarantees and/or to expose data collection by various players in the data tracking ecosystem. Increased public awareness has also led to recent legislation on data protection, such as GDPR and CCPA, and policy has become a powerful tool to be used in synergy with technology.

In this talk, I will first describe the landscape of personal data collection and tracking today. I will then present our approach, which leverages the network as a universal vantage point for auditing the data collection practices of application developers as well as of various platforms. We develop tools for intercepting and inspecting traffic at the edge of the network, and we analyze the network traffic to look for exposures of personal data. We also check the consistency of network traffic with the corresponding privacy policies and eventually the compliance with data protection laws. I will argue that, going forward, the design of devices, software and networks needs to incorporate privacy-by-design, rather than be treated as an afterthought.

Session Chair

Eytan Modiano (Massachusetts Institute of Technology, USA)

Made with in Toronto · Privacy Policy · © 2022 Duetone Corp.