Web privacy measurement has often focused on the implementation specifics of various tracking techniques, developing ways to block them, and producing browser add-ons which demonstrate such blocking. However, while over 20 years of this focus has yielded lots of papers, citations, and media coverage, there has been limited real-world impact. A much more promising approach to effecting systemic change at scale is to shift attention away from how tracking is performed towards evaluating if such tracking is compliant with a growing body of applicable regulations.

In this talk I will offer perspectives on compliance measurement at scale, drawing lessons from my experience in the worlds of academic research, civil liberties advocacy, class litigation, and industry. Common themes will be explored and large-scale compliance measurement technologies will be presented in-depth. Likewise, insights on how computer scientists may effectively work across and between disciplinary boundaries will be presented. Ultimately, the most effective means to achieve change at scale is not to build another add-on, it is to build coalitions of experts working together to ensure technology, business, and regulation exist in harmony.

View More Papers

Log4shell: Redefining the Web Attack Surface

Douglas Everson (Clemson University), Long Cheng (Clemson University), and Zhenkai Zhang (Clemson University)

Read More

Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks

Andrea Di Dio (Vrije Universiteit Amsterdam), Koen Koning (Intel), Herbert Bos (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam)

Read More

Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software

Hugo Lefeuvre (The University of Manchester), Vlad-Andrei Bădoiu (University Politehnica of Bucharest), Yi Chen (Rice University), Felipe Huici (Unikraft.io), Nathan Dautenhahn (Rice University), Pierre Olivier (The University of Manchester)

Read More