DeepAI AI Chat
Log In Sign Up

On Privacy Risks of Public WiFi Captive Portals

07/03/2019
by   Suzan Ali, et al.
Concordia University
0

Open access WiFi hotspots are widely deployed in many public places, including restaurants, parks, coffee shops, shopping malls, trains, airports, hotels, and libraries. While these hotspots provide an attractive option to stay connected, they may also track user activities and share user/device information with third-parties, through the use of trackers in their captive portal and landing websites. In this paper, we present a comprehensive privacy analysis of 67 unique public WiFi hotspots located in Montreal, Canada, and shed some light on the web tracking and data collection behaviors of these hotspots. Our study reveals the collection of a significant amount of privacy-sensitive personal data through the use of social login (e.g., Facebook and Google) and registration forms, and many instances of tracking activities, sometimes even before the user accepts the hotspot's privacy and terms of service policies. Most hotspots use persistent third-party tracking cookies within their captive portal site; these cookies can be used to follow the user's browsing behavior long after the user leaves the hotspots, e.g., up to 20 years. Additionally, several hotspots explicitly share (sometimes via HTTP) the collected personal and unique device information with many third-party tracking domains.

READ FULL TEXT

page 1

page 2

page 3

page 4

02/17/2021

User Tracking in the Post-cookie Era: How Websites Bypass GDPR Consent to Track Users

During the past few years, mostly as a result of the GDPR and the CCPA, ...
01/31/2022

Privacy Limitations Of Interest-based Advertising On The Web: A Post-mortem Empirical Analysis Of Google's FLoC

In 2020, Google announced they would disable third-party cookies in the ...
03/07/2021

Differential Tracking Across Topical Webpages of Indian News Media

Online user privacy and tracking have been extensively studied in recent...
08/01/2022

The Hitchhiker's Guide to Facebook Web Tracking with Invisible Pixels and Click IDs

Over the past years, advertisement companies have used a variety of trac...
01/04/2022

OConsent – Open Consent Protocol for Privacy and Consent Management with Blockchain

In the current connected world - Websites, Mobile Apps, IoT Devices coll...
08/21/2019

Case Study: Disclosure of Indirect Device Fingerprinting in Privacy Policies

Recent developments in online tracking make it harder for individuals to...