2020 IEEE International Conference on Web Services (ICWS) 2020
DOI: 10.1109/icws49710.2020.00017
|View full text |Cite
|
Sign up to set email alerts
|

GDPR: When the Right to Access Personal Data Becomes a Threat

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
38
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
5
3
1

Relationship

0
9

Authors

Journals

citations
Cited by 30 publications
(38 citation statements)
references
References 7 publications
0
38
0
Order By: Relevance
“…First, we observe that there is a statistically significant correlation between unique visitors counts and Tranco rank (Pearson's r = −0.042 *** ). 16 This is expected, given that the Tranco ranking includes data from underlying sources like Alexa, 17 which are themselves compiled from web browsing history data. We also observe that the correlation between unique visitors and Tranco rank is stronger for websites that include DNSMPI links (r = −0.16 *** ) than those without (r = −0.033 *** ).…”
Section: Unique Visitorsmentioning
confidence: 99%
See 1 more Smart Citation
“…First, we observe that there is a statistically significant correlation between unique visitors counts and Tranco rank (Pearson's r = −0.042 *** ). 16 This is expected, given that the Tranco ranking includes data from underlying sources like Alexa, 17 which are themselves compiled from web browsing history data. We also observe that the correlation between unique visitors and Tranco rank is stronger for websites that include DNSMPI links (r = −0.16 *** ) than those without (r = −0.033 *** ).…”
Section: Unique Visitorsmentioning
confidence: 99%
“…The rights granted to Californians under the CCPA are similar to those granted to European citizens under the GDPR, including the right to access and delete data that has been collected about them. Unfortunately, researchers have identified problems with the processes that data collectors have adopted to implement these rights, including: interface designs that are hard for people to locate and use effectively [3,42]; data processors that ignore or are slow to respond to data access requests [72]; and systems that rely on weak authentication methods and thus leak sensitive data to unauthorized parties [17,55].…”
Section: Data Access Deletion and Opt-outmentioning
confidence: 99%
“…Several prior works have researched the potential authentication issues in relation to verifying the identity of the data subject (DS) when performing a SAR. In these scientific experiments, the researchers simulate a potential adversary that attempts to perform a SAR under the name of another individual, essentially stealing their personal data [3,8]. Malevolent attackers can use this technique to gain access to sensitive data related to individuals and abuse it for identity fraud or highly targeted phishing attacks, demonstrating a real threat to the privacy of data subjects.…”
Section: Introductionmentioning
confidence: 99%
“…In cases where users are indeed able to exercise their rights, user data is poorly handled. For example, online services often ignore or respond late to data access requests [66] and even leak sensitive user data to unauthorized users because of weak authentication mechanisms [42,49]. While some negligence could be attributed to the complexity of the regulations, unpreparedness, or oversights of online services, a lot of it could be due to blatant inconsideration towards data protection regulations from online services.…”
Section: Introductionmentioning
confidence: 99%