zenon/bachelorarbeit
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add reference for GDPR

Browse Source
This commit is contained in:
Tobias Eidelpes 2020-08-25 14:27:58 +02:00
parent 173acfa323
commit 39a1cf4a46
2 changed files with 23 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
defenses.tex
View File

@ -44,18 +44,19 @@ For either opt-out or opt-in to work, a web site has to provide an option for
doing so. Because web sites increasingly use third parties to manage data doing so. Because web sites increasingly use third parties to manage data
collection on their site, consent or rejection has to be passed to these third collection on their site, consent or rejection has to be passed to these third
parties and they have to be willing to accept such a decision. Since the parties and they have to be willing to accept such a decision. Since the
European's \gls{GDPR} came into force in 2018, service providers operating in European's \gls{GDPR} \cite{europeanparliamentGeneralDataProtection2016} came
the European Union are required to ask users for explicit consent before into force in 2018, service providers operating in the European Union are
collecting any data, except when that data is absolutely necessary to ensure required to ask users for explicit consent before collecting any data, except
basic functionality. It is not allowed to notify the user that by continuing to when that data is absolutely necessary to ensure basic functionality. It is not
visit the web site, consent to data collection is given. Furthermore, if consent allowed to notify the user that by continuing to visit the web site, consent to
is not given, the web site provider is not allowed to block the user from data collection is given. Furthermore, if consent is not given, the web site
visiting the web site. Even before the \gls{GDPR}, the EU required web sites to provider is not allowed to block the user from visiting the web site. Even
ask for informed consent via the ePrivacy Directive which came into force in before the \gls{GDPR}, the EU required web sites to ask for informed consent via
2013. \citet{trevisanYearsEUCookie2019} use their tool \emph{CookieCheck} to the ePrivacy Directive which came into force in 2013.
evaluate how many of the surveyed 35.000 sites comply with the legislation put \citet{trevisanYearsEUCookie2019} use their tool \emph{CookieCheck} to evaluate
forth in the ePrivacy Directive. Their findings indicate that almost half (49\%) how many of the surveyed 35.000 sites comply with the legislation put forth in
of the web sites use profiling technologies without consent. Similarly, the ePrivacy Directive. Their findings indicate that almost half (49\%) of the
web sites use profiling technologies without consent. Similarly,
\citet{sanchez-rolaCanOptOut2019a} show that tracking is still prevalent and \citet{sanchez-rolaCanOptOut2019a} show that tracking is still prevalent and
happens already before user consent is given after the \gls{GDPR} has been in happens already before user consent is given after the \gls{GDPR} has been in
force for a year. \citet{huCharacterisingThirdParty2019} come to a a similar force for a year. \citet{huCharacterisingThirdParty2019} come to a a similar
@ -75,7 +76,7 @@ in chapter~\ref{chap:tracking methods} can be defended against.
For our purposes, clearing the browser history means not only clearing the web For our purposes, clearing the browser history means not only clearing the web
sites that have been visited but also cookies and other relevant data that is sites that have been visited but also cookies and other relevant data that is
saved with a visit to a web site. All major browser offer this functionality and saved with a visit to a web site. All major browsers offer this functionality and
what they delete is similar. Firefox, for example, allows clearing the browsing what they delete is similar. Firefox, for example, allows clearing the browsing
and search history, form and search history, cookies (also flash cookies), the and search history, form and search history, cookies (also flash cookies), the
cache, active logins, offline web site data and site preferences such as cache, active logins, offline web site data and site preferences such as

14
references.bib
View File

@ -461,8 +461,9 @@
author = {European Parliament and European Council}, author = {European Parliament and European Council},
year = {2016}, year = {2016},
month = apr, month = apr,
url = {https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679\&from=EN\#d1e6620-1-1}, url = {https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679},
urldate = {2020-08-25} urldate = {2020-08-25},
note = {Accessed 2020-08-25}
} }
@inproceedings{falahrastegarTrackingPersonalIdentifiers2016, @inproceedings{falahrastegarTrackingPersonalIdentifiers2016,
@ -494,7 +495,8 @@ Web cache timing attacks},
shorttitle = {Hypertext {{Transfer Protocol}} ({{HTTP}}/1.1)}, shorttitle = {Hypertext {{Transfer Protocol}} ({{HTTP}}/1.1)},
author = {Fielding, Roy and Reschke, Julian}, author = {Fielding, Roy and Reschke, Julian},
url = {https://tools.ietf.org/html/rfc7232\#section-2.3}, url = {https://tools.ietf.org/html/rfc7232\#section-2.3},
urldate = {2020-08-25} urldate = {2020-08-25},
note = {Accessed 2020-08-25}
} }
@misc{fieldingHTTPLastModified, @misc{fieldingHTTPLastModified,
@ -502,7 +504,8 @@ Web cache timing attacks},
shorttitle = {Hypertext {{Transfer Protocol}} ({{HTTP}}/1.1)}, shorttitle = {Hypertext {{Transfer Protocol}} ({{HTTP}}/1.1)},
author = {Fielding, Roy and Reschke, Julian}, author = {Fielding, Roy and Reschke, Julian},
url = {https://tools.ietf.org/html/rfc7232\#section-2.2}, url = {https://tools.ietf.org/html/rfc7232\#section-2.2},
urldate = {2020-08-25} urldate = {2020-08-25},
note = {Accessed 2020-08-25}
} }
@misc{fieldingHTTPSemanticsContent2014, @misc{fieldingHTTPSemanticsContent2014,
@ -1183,7 +1186,8 @@ Impact of CSS-based history detection},
year = {2018}, year = {2018},
month = aug, month = aug,
url = {https://tools.ietf.org/html/rfc8446}, url = {https://tools.ietf.org/html/rfc8446},
urldate = {2020-08-25} urldate = {2020-08-25},
note = {Accessed 2020-08-25}
} }
@inproceedings{reznichenkoAuctionsDonottrackCompliant2011, @inproceedings{reznichenkoAuctionsDonottrackCompliant2011,