Papers by Cristiana Santos Santos
arXiv (Cornell University), Feb 5, 2024
We very much welcome the EDPB's Guidelines. Please find hereunder our feedback to the Guidelines 2/2023 on Technical Scope of Art. 5(3) of ePrivacy Directive. Our comments are presented after a quotation from the proposed text by the EDPB in a box.

arXiv (Cornell University), Sep 17, 2023
Deceptive and coercive design practices are increasingly used by companies to extract profit, harvest data, and limit consumer choice. Dark patterns represent the most common contemporary amalgamation of these problematic practices, connecting designers, technologists, scholars, regulators, and legal professionals in transdisciplinary dialogue. However, a lack of universally accepted definitions across the academic, legislative, and regulatory space has likely limited the impact that scholarship on dark patterns might have in supporting sanctions and evolved design practices. In this paper, we seek to support the development of a shared language of dark patterns, harmonizing ten existing regulatory and academic taxonomies of dark patterns and proposing a three-level ontology with standardized definitions for 64 synthesized dark pattern types across low-, meso-, and high-level patterns. We illustrate how this ontology can support translational research and regulatory action, including transdisciplinary pathways to extend our initial types through new empirical work across application and technology domains. CCS Concepts: • Human-centered computing → Human computer interaction (HCI); Empirical studies in HCI.
On 2 February 2022, the Belgian Data Protection Authority (DPA) issued a decision concerning IAB Europe and its Transparency and Consent Framework (TCF), a system designed to facilitate compliance of real-time bidding (RTB), a widespread online advertising approach, with the GDPR. In this article, we summarise the context of this decision and analyse the decision itself. We argue that by characterising IAB Europe as a joint controller with RTB actors, the Belgian decision gives DPAs an agreed-upon blueprint to deal with a structurally difficult enforcement challenge. Furthermore, under the DPA's simple-looking remedial orders are deep technical and organisational tensions. We analyse these "impossible asks", concluding that absent a fundamental change to RTB, IAB Europe will be unable to adapt the TCF to bring RTB into compliance with the decision.
Corpus of 30 court decisions from the European Court of Human Rights manually annotated with events and their components (what, who and when). Please visit the corpus webpage for further information on the corpus, statistics, and guidelines.
Social Science Research Network, 2021
HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.
HAL (Le Centre pour la Communication Scientifique Directe), Dec 1, 2020

HAL (Le Centre pour la Communication Scientifique Directe), Nov 15, 2021
Searching the Web to find doctors and make appointments online is a common practice nowadays. However, simply visiting a doctor's website might disclose health related information. As the GDPR only allows processing of health data with explicit user consent, health related websites must ask consent before any data processing, in particular when they embed third party trackers. Admittedly, it is very hard for owners of such websites to both detect the complex tracking practices that exist today and to ensure legal compliance. In this paper, we present Ernie, a browser extension we designed to visualise six state-of-the-art tracking techniques based on cookies. Using Ernie, we analysed 385 health related websites that users would visit when searching for doctors in Germany, Austria, France, Belgium, and Ireland. More specifically, we explored the tracking behavior before any interaction with the consent pop-up and after rejection of cookies on websites of doctors, hospitals, and health related online phone-books. We found that at least one form of tracking occurs on 62% of the websites before interacting with the consent pop-up, and 15% of websites include tracking after rejection. Finally, we performed a detailed technical and legal analysis of three health related websites that demonstrate impactful legal violations. This paper shows that while, from a legal point of view, health related websites are more privacy-sensitive than other kinds of websites, they are exposed to the same technical difficulties to implement a legally compliant website. We believe Ernie, the browser extension we developed, to be an invaluable tool for policy-makers and regulators to improve detection and visualization of the complex tracking techniques used on these websites.
• Security and privacy → Pseudonymity, anonymity and untraceability; Web application security; Privacy protections.
* The views, opinions and positions expressed in this article are those of the author and are not endorsed by its institution. The work has been carried out by Nataliia Bielova while she was at Inria until August 2021.
This contribution presents a new approach to online dispute resolution. In this article we aim to assess whether the synergy and the performativity of Ambient Intelligent Systems (AmI), by inserting sensors in mobile devices that are familiar to us, can enhance the communication and the decision-making process in online dispute resolution. With these new contributions, we provide a perspective of the main legal implications of using this ubiquitous technology in ODR. We will portray the main criticisms and concerns addressed to Ambient Intelligence and we conceptualize them in the prism of online mediation. We will examine the relevance, applicability and adequacy of privacy and data protection legislation in the prospect of the emerging challenges of AmI.


Frontiers in artificial intelligence and applications, Dec 1, 2020
The analysis of court decisions and associated events is part of the daily life of many legal practitioners. Unfortunately, since court decision texts can often be long and complex, bringing all events relating to a case in order, to understand their connections and durations is a time-consuming task. Automated court decision timeline generation could provide a visual overview of what happened throughout a case by representing the main legal events, together with relevant temporal information. Tools and technologies to extract events from court decisions however are still underdeveloped. To this end, in the current paper we compare the effectiveness of three different extraction mechanisms, namely deep learning, conditional random fields, and rule-based method, to facilitate automated extraction of events and their components (i.e., the event type, who was involved, and when it happened). In addition, we provide a corpus of manually annotated decisions of the European Court of Human Rights, which shall serve as a gold standard not only for our own evaluation, but also for the research community for comparison and further experiments.

American Journal of Respiratory and Critical Care Medicine, Jun 1, 1995
Inhaled platelet-activating factor (PAF) provokes considerable pulmonary gas exchange disturbances in normal man and in patients with mild asthma, similar to those observed in acute severe asthma. To further examine the mechanisms involved in PAF-induced ventilation-perfusion (VA/Q) mismatch, eight healthy, non-atopic, nonsmoking subjects were studied after administration of PAF aerosol (24 micrograms). They had been previously treated with inhaled salbutamol (300 micrograms) in a randomized, double-blind, cross-over, placebo-controlled design. After placebo, PAF provoked a fall in total arterial white cell count with a rebound leukocytosis. As shown in a previous study, an overall index of VA/Q inequality (DISP R-E*, 1.64 +/- 0.10) showed a threefold increase (P < 0.006) that accounted for the increase (79%) in AaPO2 (p < 0.04) after PAF, while the respiratory system resistance (Rrs) rose by 16% (p < 0.02). In contrast, after pretreatment with salbutamol inhaled PAF had no effects on pulmonary gas exchange, Rrs, or white cell count; facial flushing and cough were also hindered. The results are consistent with the hypothesis that salbutamol inhibits PAF-induced venoconstriction in both the airway and pulmonary microcirculation.

Deceptive design practices are increasingly used by companies to extract profit, harvest data, and limit consumer choice. Dark patterns represent the most common contemporary amalgamation of these problematic practices, connecting designers, technologists, scholars, regulators, and legal professionals in transdisciplinary dialogue. However, a lack of universally accepted definitions across the academic, legislative and regulatory space has likely limited the impact that scholarship on dark patterns might have in supporting sanctions and evolved design practices. In this late breaking work, we seek to harmonize regulatory and academic taxonomies of dark patterns, proposing a preliminary three-level ontology to create a shared language that supports translational research and regulatory action. We identify potential directions for scholarship and social impact building upon this ontology. • Human-centered computing → Human computer interaction (HCI); Empirical studies in HCI.

Proceedings on Privacy Enhancing Technologies, Jul 1, 2022
Stateful and stateless web tracking gathered much attention in the last decade, however they were always measured separately. To the best of our knowledge, our study is the first to detect and measure cookie respawning with browser and machine fingerprinting. We develop a detection methodology that allows us to detect cookies dependency on browser and machine features. Our results show that 1,150 out of the top 30,000 Alexa websites deploy this tracking mechanism. We find out that this technique can be used to track users across websites even when third-party cookies are deprecated. Together with a legal scholar, we conclude that cookie respawning with browser fingerprinting lacks legal interpretation under the GDPR and the ePrivacy directive, but its use in practice may breach them, thus subjecting it to fines up to 20 million €.
Lecture Notes in Computer Science, 2017
In this paper, we propose a new approach to formalize real-world obligations that may be found in existing legislation. Specifically, we propose to formalize real-world obligations by combining insights of two logical frameworks: Input/Output logic, belonging to the literature in deontic logic and normative reasoning, and the Reification-based approach of Jerry R. Hobbs, belonging to the literature in Natural Language Semantics. The present paper represents the first step of the Pro-LeMAS project, whose main goal is the one of filling the gap between the current logical formalizations of legal text, mostly propositional, and the richness of Natural Language Semantics.
HAL (Le Centre pour la Communication Scientifique Directe), Feb 25, 2020

arXiv (Cornell University), Mar 1, 2021
Understanding the legal status of IP addresses is complex. In Europe, the General Data Protection Regulation (GDPR) is supposed to have leveraged the legal status of IP addresses as personal data, but recent decisions from the European Court of Justice undermine this view. In the hope of providing more certainty, we have looked on how 109 websites deal with IP addresses. First, we analyzed the privacy policies of these websites to determine how they considered IP addresses. Most of them acknowledge in their privacy policy the fact that IP addresses are personal data. Second, we submitted subject access requests based on the IP addresses used to visit different websites. Our requests were often denied. Websites justify their answers with different explanations suchlike you need to register, or IP addresses do not allow to identify you, to name a few. If IP-based SARs are often denied, it creates an opening door for websites to track their accountless users without being accountable because users cannot exercise their rights (access, erasure etc.). We make several proposals to improve this situation by modifying how IP addresses are allocated to a user.
HAL (Le Centre pour la Communication Scientifique Directe), Dec 17, 2020

Zenodo (CERN European Organization for Nuclear Research), Jun 4, 2022
Data Protection and Consenting Communication Mechanisms (DPCCMs) enable users to express their privacy decisions and manage their online consent. Thus, they can become a crucial means of protecting individuals' online privacy and agency, thereby replacing the current problematic practices such as "consent dialogues". Based on an in-depth analysis of different DPCCMs, we propose an interdisciplinary set of factors that can be used for a comparison of such mechanisms. Moreover, we use the results from a qualitative expert study to identify some of the main multidisciplinary challenges that DPCCMs should address to become widely adopted data privacy mechanisms. We leverage both the factors and the challenges to compare two current open specifications, i.e. the Advanced Data Protection Control (ADPC) and the Global Privacy Control (GPC), and discuss future work.