Third-Party Data Leaks on Municipal Websites




Rauti, Sampsa; Carlsson, Robin; Puhtila, Panu; Leppänen, Ville

Yang, Xin-She; Sherratt, Simon; Dey, Nilanjan; Joshi, Amit

International Congress on Information and Communication Technology

PublisherSpringer Science and Business Media Deutschland GmbH

2024

Lecture notes in networks and systems

Proceedings of Ninth International Congress on Information and Communication Technology, ICICT 2024, London, Volume 5

Lecture Notes in Networks and Systems

1000

599

610

978-981-97-3288-3

978-981-97-3289-0

2367-3370

2367-3389

DOIhttps://doi.org/10.1007/978-981-97-3289-0_48(external)

https://doi.org/10.1007/978-981-97-3289-0_48(external)

https://research.utu.fi/converis/portal/detail/Publication/457651043(external)



This paper addresses the use of third-party services on public sector websites. We focus on Finnish municipalities and their use of third-party services, analyzing network traffic from 309 municipal websites to explore what kind of personal data is transmitted to third parties. Our findings show that 51.8% of municipal websites reveal the pages visited by the user to third parties without consent. This way, sensitive data such as search terms used by website visitors can be leaked to third parties. The paper also offers recommendations to improve privacy on public sector websites. We have also contacted the municipalities with serious data leaks and recommended privacy improvements by disabling or replacing problematic third-party services.



This research has been funded by Academy of Finland project 327397, IDA—Intimacy in Data-Driven Culture.


Last updated on 2025-27-01 at 19:03