A Review of Privacy Risks of Third-Party Web Analytics - UTU Research Portal

A4 Refereed article in a conference publication

A Review of Privacy Risks of Third-Party Web Analytics

Authors: Heino, Timi; Rauti, Sampsa; Rajapaksha, Sammani; Puhtila, Panu

Editors: Yang, Xin-She; Sherratt, Simon;Dey, Nilanjan; Joshi, Amit

Conference name: International Congress on Information and Communication Technology

Publisher: Springer Science and Business Media Deutschland GmbH

Publication year: 2025

Journal: Lecture Notes in Networks and Systems

Book title : Proceedings of Tenth International Congress on Information and Communication Technology, ICICT 2025, London, Volume 6

Volume: 1412

First page : 259

Last page: 269

ISBN: 978-981-96-6428-3

eISBN: 978-981-96-6429-0

ISSN: 2367-3370

eISSN: 2367-3389

DOI: https://doi.org/10.1007/978-981-96-6429-0_22

Publication's open availability at the time of reporting: No Open Access

Publication channel's open availability : No Open Access publication channel

Web address : https://link.springer.com/chapter/10.1007/978-981-96-6429-0_22

Abstract

Today, web analytics services are widely used on modern websites. While their main selling point is to improve the user experience and return of investment, de facto it is to increase the profits of third-party service providers through the access to the harvested data. In this paper, we present the current state-of-the-art research on the use of web analytics tools, and what kind of privacy threats these applications pose for the website users. Our study was conducted as a literature review, where we focused on papers that described third-party analytics in detail and which discussed their relation to user privacy and the privacy challenges they pose. We focused specifically on papers dealing with the practical third-party analytics tools, such as Google Analytics or CrazyEgg. We review the application areas, purposes of use, and data items collected by web analytics tools, as well as privacy risks mentioned in the literature. Our results show that web analytics tools are used in ways which severely compromise user privacy in many areas. Practices such as collecting a wide variety of unnecessary data items, storing data for extended periods of time without a good reason and not informing users appropriately are common. In this study, we also give some recommendations to alleviate the situation.

Funding information in the publication:
This research has been funded by Academy of Finland project 327397, IDA—Intimacy in Data-Driven Culture.