Automating cookie consent and {GDPR} violation detection
The European Union's General Data Protection Regulation (GDPR) requires websites to
inform users about personal data collection and request consent for cookies. Yet the majority …
inform users about personal data collection and request consent for cookies. Yet the majority …
Can I opt out yet? GDPR and the global illusion of cookie control
I Sanchez-Rola, M Dell'Amico, P Kotzias… - Proceedings of the …, 2019 - dl.acm.org
The European Union's (EU) General Data Protection Regulation (GDPR), in effect since May
2018, enforces strict limitations on handling users' personal data, hence impacting their …
2018, enforces strict limitations on handling users' personal data, hence impacting their …
We value your privacy... now take some cookies: Measuring the GDPR's impact on web privacy
The European Union's General Data Protection Regulation (GDPR) went into effect on May
25, 2018. Its privacy regulations apply to any service and company collecting or processing …
25, 2018. Its privacy regulations apply to any service and company collecting or processing …
Cookies Lack Integrity:{Real-World} Implications
X Zheng, J Jiang, J Liang, H Duan, S Chen… - 24th USENIX Security …, 2015 - usenix.org
A cookie can contain a “secure” flag, indicating that it should be only sent over an HTTPS
connection. Yet there is no corresponding flag to indicate how a cookie was set: attackers …
connection. Yet there is no corresponding flag to indicate how a cookie was set: attackers …
RuleKeeper: GDPR-aware personal data compliance for web frameworks
Pressured by existing regulations such as the EU GDPR, online services must advertise a
personal data protection policy declaring the types and purposes of collected personal data …
personal data protection policy declaring the types and purposes of collected personal data …
Do cookie banners respect my choice?: Measuring legal compliance of banners from iab europe's transparency and consent framework
As a result of the GDPR and the ePrivacy Directive, European users encounter cookie
banners on almost every website. Many of such banners are implemented by Consent …
banners on almost every website. Many of such banners are implemented by Consent …
Who Left Open the Cookie Jar? A Comprehensive Evaluation of {Third-Party} Cookie Policies
G Franken, T Van Goethem, W Joosen - 27th USENIX Security …, 2018 - usenix.org
Nowadays, cookies are the most prominent mechanism to identify and authenticate users on
the Internet. Although protected by the Same Origin Policy, popular browsers include …
the Internet. Although protected by the Same Origin Policy, popular browsers include …
Are cookie banners indeed compliant with the law? Deciphering EU legal requirements on consent and technical means to verify compliance of cookie banners
In this work, we analyze the legal requirements on how cookie banners are supposed to be
implemented to be fully compliant with the e-Privacy Directive and the General Data …
implemented to be fully compliant with the e-Privacy Directive and the General Data …
Token attempt: the misrepresentation of website privacy policies through the misuse of p3p compact policy tokens
PG Leon, LF Cranor, AM McDonald… - Proceedings of the 9th …, 2010 - dl.acm.org
P3P compact policies (CPs) are a collection of three-character and four-character tokens
that summarize a website's privacy policy pertaining to cookies. User agents, including …
that summarize a website's privacy policy pertaining to cookies. User agents, including …
Cookie banners and privacy policies: Measuring the impact of the GDPR on the web
M Kretschmer, J Pennekamp, K Wehrle - ACM Transactions on the Web …, 2021 - dl.acm.org
The General Data Protection Regulation (GDPR) is in effect since May of 2018. As one of the
most comprehensive pieces of legislation concerning privacy, it sparked a lot of discussion …
most comprehensive pieces of legislation concerning privacy, it sparked a lot of discussion …