The authors of the article conducted privacy and security analyses on more than 150,000 government websites in 206 countries and more than 1150 Android apps in 71 countries. They found that 17% of government websites and 37% of government Android apps host Google trackers. They also noted that more than a quarter (27 percent) of Android apps disclose sensitive data to potential third parties or network attackers. And they knew about 304 sites and 40 apps reported as malicious through VirusTotal, a security website.
“The effects were surprising,” says co-author Mohammad Mannan, an associate professor at the Concordia Institute for Information Systems Engineering (CIISE) in the Gina Cody School of Engineering and Informatics. I don’t want to sell data to third parties. And some countries, especially in the European Union, are looking to restrict industry tracking. So why do they allow it on their own sites?
unintentional invasive
The researchers began their search by building an initial list containing tens of thousands of automated search-and-crawl government websites and other strategies between July and October 2020. They then conducted in-depth scans to retrieve links at the source of the html page. The team used tracking metrics from OpenWPM, an automated open source software used for Internet privacy measures, to collect data such as scripts and cookies used in website code, as well as device fingerprinting techniques.
They crawled Android apps through searching for GOOGLE Play store URLs discovered on government sites and then in developers’ URLs and email addresses. When possible, they downloaded the apps (many of which were geo-blocked) and analyzed them for the built-in tracking SDKs. .
Analyses revealed that 30% of the government had one or more JavaScript trackers on their landing pages. The most well-known trackers belonged to Alphabet: YouTube (13% of), doubleclick. net (13%) and Google (almost 4%). They found some 1,647 tracking SDKs in 1,166 government Android apps. More than a third (37. 1%) came from Google, with others from Facebook (6. 4%), Microsoft (2. 1%) and OneSignal (2. 9%).
Mannan points out that the use of trackers is unintentional. Government developers are likely to use existing software packages to build their sites and apps that involve tracking scripts or come with links to social media sites infused with trackers like Facebook or Twitter.
No options
Although the use of trackers is widespread, Mannan is particularly critical of jurisdictions like the EU and California that claim to have strong privacy legislation but in practice are not much different from the others. obligations such as paying taxes or seeking medical care are at greater risk.
“Governments are aware of online threats to privacy, but at the same time they are allowing those potential breaches through their own services,” he said.
Mannan urges governments to take a hard look at their own sites and apps to ensure privacy security and make sure they comply with their own laws.
Please indicate the appropriate maximum category to facilitate the processing of your application
Thank you for taking the time to provide your feedback to the editors.
Your opinion is for us. However, we do not guarantee individual responses due to the large volume of messages.