Back
  1. Home
  3. Detailled Reference
Download
Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
Cookie Banners, What’s the Purpose? Analyzing Cookie Banner Text Through a Legal Lens
Santos, Cristiana; ROSSI, Arianna; SANCHEZ CHAMORRO, Lorena et al.
2021In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21)
Peer reviewed
Permalink
https://hdl.handle.net/10993/48253
 

Files (1)Send toDetailsStatisticsBibliographySimilar publications

Files

Full Text
WPES_cookie banners.pdf
Author preprint (386.5 kB)
Download

All documents in ORBilu are protected by a user license.

Send to


Details


Keywords :
Security; Privacy; User experience
Abstract :
[en] A cookie banner pops up when a user visits a website for the first time, requesting consent to the use of cookies and other trackers for a variety of purposes. Unlike prior work that has focused on evaluating the user interface (UI) design of cookie banners, this paper presents an in-depth analysis of what cookie banners say to users to get their consent. We took an interdisciplinary approach to determining what cookie banners should say. Following the legal requirements of the ePrivacy Directive (ePD) and the General Data Protection Regulation (GDPR), we manually annotated around 400 cookie banners presented on the most popular English-speaking websites visited by users residing in the EU. We focused on analyzing the purposes of cookie banners and how these purposes were expressed (e.g., any misleading or vague language, any use of jargon). We found that 89% of cookie banners violated applicable laws. In particular, 61% of banners violated the purpose specificity requirement by mentioning vague purposes, including “user experience enhancement”. Further, 30% of banners used positive framing, breaching the freely given and informed consent requirements. Based on these findings, we provide recommendations that regulators can find useful. We also describe future research directions.
Disciplines :
European & international law
Author, co-author :
Santos, Cristiana ;  Utrecht Universtity
ROSSI, Arianna  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > IRiSC
SANCHEZ CHAMORRO, Lorena  ;  University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
BONGARD, Kerstin ;  University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS) ; University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
Abu-Salma, Ruba;  King’s College London > Computer Science > Cybersecurity Group
 These authors have contributed equally to this work.
External co-authors :
yes
Language :
English
Title :
Cookie Banners, What’s the Purpose? Analyzing Cookie Banner Text Through a Legal Lens
Publication date :
15 November 2021
Event name :
20th Workshop on Privacy in the Electronic Society
Event place :
Seoul, South Korea
Event date :
15-10-2021
Audience :
International
Journal title :
Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21)
Publisher :
ACM, New York, United States - New York
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR14717072 - Deceptive Patterns Online, 2020 (01/06/2021-31/05/2024) - Gabriele Lenzini
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 06 October 2021

Statistics

Number of views
250 (44 by Unilu)
Number of downloads
237 (17 by Unilu)
More statistics

Bibliography

Similar publications


Contact ORBilu