Abstract
Personalization technologies offer powerful tools for enhancing the user experience in a wide variety of systems, but at the same time raise new privacy concerns. For example, systems that personalize advertisements according to the physical location of the user or according to the user’s friends’ search history introduce new privacy risks that may discourage wide adoption of personalization technologies. This article analyzes the privacy risks associated with several current and prominent personalization trends, namely social-based personalization, behavioral profiling, and location-based personalization. We survey user attitudes towards privacy and personalization, as well as technologies that can help reduce privacy risks. We conclude with a discussion that frames risks and technical solutions in the intersection between personalization and privacy, as well as areas for further investigation. This framework can help designers and researchers contextualize the privacy challenges of solutions when designing personalization systems.
Cite this article
Toch, E., Wang, Y. & Cranor, L.F. Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Model User-Adap Inter 22, 203–220 (2012). https://doi.org/10.1007/s11257-011-9110-z
DOI: https://doi.org/10.1007/s11257-011-9110-z