Privacy Dashboard

 Privacy Dashboard Workshop: Tracking the Trackers Brussels, June 24th, 2011

The Privacy Dashboard is a Firefox add-on designed to help you understand what personal information is being collected by websites, and to provide you with a means to control this on a per website basis.

The Dashboard installs an icon on the browser's navigation toolbar that changes according to the current website:

  • websites that take good care of your privacy
  • websites which collect some information, but lack a machine readable privacy policy
  • websites that enable third parties to track you across the Web

The Dashboard alerts you the first time you visit a website (except for nicely behaved ones) giving you the opportunity to set your preferences. Thereafter you review these by clicking the Dashboard icon (or the Tools|Privacy Dashboard menu item) when visiting the website.

The 'Data Track' tab allows you to make a range of queries about sites. The 'Location' tab deals with your physical (geo)location. The 'Current Website' tab provides information on the current site, and allows you to review and update your preferences. Note that the Dashboard's assessment of a website provides no guarantees as to the privacy friendliness of that site. You are advised to check the site's privacy policy.

Installation

Download the dashboard.xpi file and drag the saved copy to your Firefox browser.

The Privacy Dashboard is also available on the Mozilla addons website, see:

Sharing your findings

The Privacy Dashboard allows you to opt in to sharing your findings with others. The data collected by the Dashboard as you browse gives a view about a small part of the Web. By pooling data from many users it will be possible to build up a much more detailed picture of how sites are tracking users. If you would like to help with this effort please activate the checkbox on the 'Share Findings' tab of the Dashboard dialog. The anonymized data will be periodically uploaded to the designated server (you can change which server is used). The uploaded data covers the properties of each site visited, e.g. whether it has third parties which set lasting cookies, but it doesn't include anything that could be used to identify you. Thanks for helping to make the Web a bit more transparent!

You can query the data collected so far using the following link:

The URL for sharing your data (see dashboard sharing tab) is:

Help with tracking the privacy practices of websites over time

We are looking for volunteers with an interest in tracking the privacy practices of websites over time and helping to present this information. This will include tracking changes to site privacy policies as the Dashboard can't do so by itself.

Privacy Dashbot

The Dashboard add on can be combined with a list of sites that it will then automatically visit the home page of each site. This was first done in January 2011 for the top 1000 websites worldwide according to Google, and used to seed the online interface for querying shared findings. A tool was created to analyse this data, e.g. to find clusters of dependencies between sites in a form that can be fed to graph visualization tools like  Graphviz and  Gephi.

You can help make the Dashboard even better!

If you are a software developer or translator you are invited to help with its ongoing development. The Dashboard is implemented as a mix of markup, style sheets, and scripts. You can use the 'Browse Source' tab above to peruse the files. More information is available at Dashboard Developers. If you are HCI expert, UI designer, interaction architect, or just interested in the user interface (UI) of the Privacy Dashboard consider joining the UI discussions.

Further information

The Privacy Dashboard was developed with funding from the European Union's 7th Framework Programme for the  PrimeLife project, a pan-european research project focusing on bringing sustainable privacy and identity management to future networks and services.

PrimeLife report  D1.2.3 describes three privacy enhancing Web browser extensions. The first (the Privacy Dashboard) instruments the practices used by websites and third parties to collect personal data and track users, as well as offering users the means to set per site preferences. This extension was further extended to automatically collect data on the top thousand websites as listed by Google, and some preliminary results are presented in this report.

The second browser extension provides a fresh take on P3P (W3C's Platform for Privacy Preferences), using the vocabulary defined by P3P for machine readable privacy policies covering information collected from HTTP requests that web browser make to web sites as part of the process of loading a web page. The policies are constrained to make it easier to provide a user interface for setting preferences, and for generating human readable descriptions of the conflicts between the user's preferences and the site's policy. The browser extension looks for a link to the site's privacy policy which is represented in JSON (JavaScript Object Notation) for ease of processing.

The third browser extension explores the potential for privacy enhancing Web authentication using zero knowledge proofs, and is based upon the Java-based Identity Mixer library developed by IBM research.

Dave Raggett <dsr@w3.org>, W3C
Peter Wolkerstorfer, CURE

Copyright © 2011 W3C ® (MIT, ERCIM, Keio)