Privacy preserving targeted advertising

Authors: V. Toubiana, A. Narayanan, D. Boneh, H. Nissenbaum, and S. Barocas

Online behavioral advertising (OBA) refers to the practice of tracking users across web sites in order to infer user interests and preferences. These interests and preferences are then used for selecting ads to present to the user. There is great concern that behavioral advertising in its present form infringes on user privacy. The resulting public debate - which includes consumer advocacy organizations, professional associations, and government agencies - is premised on the notion that OBA and privacy are inherently in conflict.

In this paper we propose a practical architecture that enables targeting without compromising user privacy. Be- havioral profiling and targeting in our system takes place in the user's browser. We discuss the effectiveness of the sys- tem as well as potential social engineering and web-based attacks on the architecture. One complication is billing; ad-networks must bill the correct advertiser without knowing which ad was displayed to the user. We propose an efficient cryptographic billing system that directly solves the prob- lem. We implemented the core targeting system as a Firefox extension and report on its effectiveness.

In proceedings of NDSS 2010.

Full paper: pdf