Publishers can offer advertisers the ability to reach customization and narrow market segments for targeted advertising. Can you protect yourself.. ?

1. Targeted Online Advertising
Foundation of privacy

2. Topics

Introduction to online advertisement




Privacy Issues
Solutions



Understanding the participants and their roles.
Targeted advertising.
User based solutions
Collaborative solutions
Conclusions

3. Introduction


Online Advertising plays a critically important role in
the Internet world.
advertising is the main way of profiting from the
Internet, the history of Internet advertising developed
alongside the growth of the medium itself

4. Facts and short history




First internet banner, 1994, AT&T.
Also in 1994, the first commercial spam, a
"Green Card Lottery".
The first ad server was developed by FocaLink
Media Services and introduced on 1995.
In March 2008, Google acquired DoubleClick
for US$3.1 billion in cash.

5. Parties

Advertiser



Publisher



Got content, wants money
Cnn.com
Ad-network



Got money, wants publicity
e.g., Coca-Cola
Got advertising infrastructure, wants money
e.g., Google AdSense, Yahoo
Consumer

Wants free content

6. Business Model


CPM = Cost Per thousand impressions
 Impression: user just sees the ad.
 Rates vary from $0.25 to $100
CPC = Cost Per Click
 This is the cost charged to an advertiser
every time their ad is "clicked" on
 Rates around 0.3$ per click

7. Click fraud


clicking on an ad for the purpose of generating
a charge per click without having actual
interest.
Might be:




The publisher
Advertiser’s competitor
The publisher’s competitor
Ad-networks deal with it by trying to identify
who clicks on the ads.

8. Online behavioral advertising


Online behavioral advertising refers to the
practice of ad-networks tracking users across
web sites in order to learn user interests and
preferences.
Benefits
 Advertisers targets a more focused audience
which increases the effectively.
 Consumer is “bothered” by more relevant
and interesting ads.

9. How ad-networks match ads


Most behavioral targeting systems work by
categorizing users into one or more audience
segments.
Profiling users based on collected data





Search history – analyzing search keywords
Browse history - analyzing content of visited
pages
Purchase history
Social networks
Geography

10. How Ad-Networks track users

Cookies





3rd Party cookies
Flash cookies
Web bug
IP address
User-agent Headers


Browser + OS
More than 24,000 signatures

11. Levis.com case study

12. Privacy



Tracking and categorizing users by the adnetworks tend to violate user’s privacy.
The gathered information, linked with the
users real identity, form a violation of privacy in
its most basic form.
For example, if a person is searching the web
for information on a serious genetic disease,
that information can be collected and stored
along with that consumer's other information including information that can uniquely identify
the consumer.

13. So… What we have so far?


User - Preserve his privacy
Ad-Network & Publisher –



Maintain targeting and preserve their
effectiveness and income
Still want to be able to fight click fraud
Questions:


Do the two goals necessarily conflict?
Or can they be both achieved?

14. Naive (paranoid) solution

Surf only across anonymizing proxies.



Surf in private mode
Advantages


TOR
Effective from the user’s perspective.
Disadvantages




Are proxies really anonymizing?
Very awkward
Slower
Damages targeted advertising

15. TrackMeNot (Howe, Nissenbaum, 2005)





Implemented as a Firefox plugin.
Achieves privacy through obfuscation.
Generates noisy queries.
Starts with fixed a seed query list and evolve
queries base on previous results.
Mimics user behavior so fake queries be
indistinguishable:


Query timing
Click through behavior

16. TrackMeNot

Advantages


Simple
Disadvantages



Still the real queries can be connected to real
identity.
Might have problems with offensive contents.
Again, damages targeted advertising

17. Privad (Guha, Reznichenko, Tang , et al., 2009)

Require client software:
 saves locally database of ads (served by the
ad-network)
 Learn user interests in order to match ads.
 Match add from the local database
according
to the User interests.

18. Privad

Introduce new party – Dealer:
 Proxies anonymously all communication
between the user and the ad-network.
 might be government regulatory agency.
 hides user’s identity from the ad-network,
but itself does not learn any profile
information about the user since all
messages between the user and ad-network
are encrypted.

20. Privad

Advantages


Ad-Networks can still target ads without violates
user privacy.
Disadvantages


Complicated to add the new party.
Ad-Network has to trust the dealer in order to fight
click-fraud which might unmotivated them to
cooperate.

21. Adnostic (Toubina, Narayanan, Boneh, et al., 2009)

Two party solution:




Client side: Implemented as a Firefox plugin.
Server side: requires Ad-Network support
User’s preferences and interests are stored
locally by the plugin, instead of at the Adnetwork.
The targeted ad is selected by the plugin
locally at the users computer, instead of at the
Ad-Network servers.

22. Adnostic - Accounting



“charge per click” model remains unchanged.
“charge per impression” is harder.
It uses homomorphic encryption scheme.


given the public key
and ciphertexts
, anyone can calculate
given the public key
and ciphertexts
and scalar c ,
c a n b e c a lc ula te d .
,

23. Adnostic - charge per impression protocol




Client: Track user activity and maintains the
data locally.
Visits an Ad supported website.
Server: Sends a list of n a d s id s a lo ng with
p ublic ke y
The browser chooses an ad to display to the
user.
Then creates
that matches the
selected ad, then send
, Along with zero-knowledge proof that
and each is 0 or 1.

24. Adnostic - charge per impression protocol



Validates the proof. If the proof is valid then
using homomorphic encryption calculates
when c is the price of viewing the ad.
The server save encrypted counter for each ad
and add to it the previous values. Only one
counter’s real value change.
At the end of the billing period, say a month,
each counter is decrypted (should be done by
trusted authority) and the advertisers pays for

25. Adnostic

Advantages



Ad-networks can still target ads without violates
user privacy.
Ad-networks can still detect click fraud though it
will be difficult without gathering information on IP
even for a short time.
Disadvantages


Ad-networks become weaker.
Ad-networks can still track user if they are willing
to, and the protocol is built on trust.

26. Conclusions


In my opinion, It is hard to believe that adnetworks will give up the power of tracking
users without legislation.
Nevertheless, There are reasonable solutions
that still support targeted advertising without
violating users privacy.

27. References




[1] Daniel c. Howe and Helen Nissenbaum. Trackmenot:
resisting surveillance in web search. 2005.
[2] Saikat Guha, Bin Cheng, Alexey Reznichenko,
Hamed
Haddadi,
and
Paul
Francis.
Privad:
Rearchitecting online advertising for privacy. 2009.
[3] Vincent Toubiana, Arvind Narayanan Dan Boneh,
Helen Nissenbaum, and Solon Barocas. Adnostic:
Privacy preserving targeted advertising. 2009.
[4] Catherine Dwyer. Behavioral targeting: A case study
of consumer tracking on levis.com. In 15th Americas
Conference on Information Systems, 2009..