Please note: All times US Pacific Daylight Time (PDT = UTC/GMT-7:00 hours).
Recently, social media has seen a significant uptick in the spread of AI-generated content, especially videos. Videos generated by high-quality models make it difficult for humans and detectors to distinguish between real and fake content, which may open the door to misuse and abuse. We collect preliminary data from TikTok and analyze it to set the stage for a two-pronged research approach. Our proposed research directions will (1) systematically evaluate and potentially advance diffusion-based AI video detection models and (2) examine the potential harms, if any, associated with viewing AI-generated videos. (extended PDF)
Generative AI (GenAI) systems and chatbots rely on vast corpora of consumer data. The use of such data for training GenAI has raised concerns around data ownership, copyright issues, and potential harm to consumers. In this work, we explore a related but less examined angle: the ownership and privacy of data originating from deceased individuals. We propose three post-mortem data management principles to guide the protection of deceased individuals' data, and analyze popular GenAI chatbots' policies and answers to legacy requests. We plan to systematically audit consumer GenAI chatbots on their behavior regarding post-mortem data management. (extended PDF)
The expansion of business-to-business (B2B) generative AI (gen-AI) services has the potential to transform small business entrepreneurship (SBE). These services can bring productivity benefits and increased financial gains to SBEs, but they also pose potential risks and privacy implications to SBEs and their consumers. Because B2B services are often invisible to consumers, these risks may be transferred with minimal transparency. More work is needed to understand how SBEs select, integrate, and navigate concerns related to gen-AI usage as well as to articulate the norms and expectations that consumers have for SBEs that they engage with. We propose a mixed-methods study consisting of semi-structured interviews of SBEs regarding their usage of B2B gen-AI services, followed by a large-scale vignette study of consumers about their expectations and perceptions of hypothetical SBE use cases for gen-AI. Such findings are an important part of participatory governance of broader gen-AI and protecting consumers as well as SBEs, who are ultimately consumers of B2B services themselves. (extended PDF)
Popular social media platforms TikTok, Facebook and Instagram allow third parties to run targeted advertising campaigns on sensitive attributes in-platform. These ads are interactive by default, meaning users can comment or "react" (e.g., "like", "love") to them. We find that this platform-level design choice creates a privacy loophole such that advertisers can view the profiles of those who interact with their ads, thus identifying individuals that fulfill certain targeting criteria. This behavior is in contradiction to the promises made by the platforms to hide user data from advertisers. We conclude by suggesting design modifications that could provide users with transparency about the consequences of ad interaction to protect against unintentional disclosure. (extended PDF)
Targeted advertising systems use personal data to deliver customized advertisements, raising significant concerns about discriminatory practices or overexposure to harmful content. One example of such practice is the Pink Tax, where users identified as women are subject to a price increase. Solutions in this space focus primarily on enabling advertising while ensuring privacy protection, overlooking the broader social consequences of algorithmic targeting on individuals and communities. In this talk, we introduce a framework for evaluating targeted advertising systems through harm caused by exposure to ads and advertising utility in terms of alignment of ads with user profile characteristics. Considering both dimensions jointly makes it possible to understand the impact of ads on users while considering the (potentially conflicting) interests of all parties involved. Our framework operates in a black-box manner: it feeds (simulated) user profiles to the ad ecosystem via browsing and collects the ads that users are served. Then, it analyzes the ads to infer harmful exposure and uses an LLM-based framework to evaluate the relevance of ads.
We evaluate Google's current ad ecosystem. Using browsing data from 36 German users, we collect 704 personalized ads across categories such as gambling, fashion, technology, and finance. We evaluate these ads and find evidence of a gender bias in gambling advertisement targeting, with 77% of gambling ads delivered to male users, most of whom had not previously visited gambling-related websites. (extended PDF)
Users' perceptions of menstrual tracking privacy are a subject of extensive study, but little attention has been paid to the technical aspects of fertility tracking apps' data handling practices. We propose a measurement study of the fertility tracking app ecosystem, leveraging network and program analysis to explore apps' communications with third-party ad networks. Selecting a corpus of fertility tracking apps from the Google Play Stores, we systematize and define user interaction paths to collect data on registration, menstruation journaling, and pregnancy tracking features. Our analysis of TLS-stripped network traffic, which is ongoing, has uncovered examples of apps transmitting fine-grained user data, such as pregnancy status and trimester, to ad networks. However, widespread nested encryption and obfuscation practices motivate a need for incorporating program analysis into the study. (extended PDF)
YouTube has today become the primary news source for many users worldwide, which raises concerns about the role its recommendation algorithm can play in the spread of misinformation and political polarization. Prior work in this area has mainly analyzed how recommendations evolve based on users' watch history within the platform. Nevertheless, recommendations can also depend on off-platform browsing activity that Google collects via trackers on news websites, a factor that has not been considered so far. To fill this gap, we propose a sock-puppet-based experimental framework that automatically interacts with news media articles and then collects YouTube recommendations to measure how cross-site tracking affects the political and misinformation content users see. Moreover, by running our audits in both tracking-permissive and tracking-restrictive browser environments, we assess whether common privacy-focused browsers can protect users from tracking-driven political and misinformation bubbles on YouTube. (extended PDF)
The U.S. Supreme Court's 2025 decision in Free Speech Coalition v. Paxton established that age verification systems must be "adequately tailored" to avoid undue burdens on adults' First Amendment rights. We conducted an IRB-approved, deceptive web experiment (n = 1635) examining how different age verification methods affect adults' decisions to access R-rated content. Completion rates varied significantly: checkbox self-attestation achieved 99%, government-ID methods only 23-27% regardless of data-handling reassurances, email-based estimation 86%, and AI facial estimation 51%. Follow-up survey responses (n = 884) revealed concerns about privacy, surveillance, and data security. These findings suggest that technically robust verification methods may be ineffective in practice if users systematically decline to comply. (extended PDF)
Digital identity frameworks (DIFs) are systems that enable users to obtain authenticated attributes (electronic identity documents, membership certificates) from issuers (governments, banks, private institutions) and store them in a digital wallet. Later, users can present (a portion of) such attributes to relying parties or verifiers (to obtain access to services, to prove eligibility for benefits, etc.). DIFs are being proposed and deployed in multiple jurisdictions worldwide, often backed by regulations. A prominent example is the European Union's proposed eIDAS 2.0 regulation, which envisions a broad ecosystem of attribute issuers, relying parties, and use cases. In the US, the development of mobile driver's licenses goes in the same direction. The privacy of these systems (or lack thereof) is an important consideration for consumers, and can hinder their deployment and acceptance. Therefore, much of the discussion around these systems revolves around how DIFs can be built while limiting information flows.
We argue that focusing the discussion on information flows actually impedes an open discussion of the harms stemming from introducing DIFs in our daily digital interactions. The lack of discussion prevents consumers from understanding the implications of using DIFs, prevents researchers from studying solutions that prevent wider harms, and prevents policy makers from producing effective regulations that can protect researchers. To aid in this debate, we identify harms that stem from introducing a digital identity framework, from using it as a tool to present verified attributes to enable digital interactions, and from particular implementation decisions. Some of these harms are inherent to the technology and its intended uses, and thus cannot be removed; and some depend on design decisions and might be mitigated by concrete implementations. We illustrate how these harms can materialize in a preliminary analysis of DIF-based age verification, an application of DIF gaining importance across the globe. (extended PDF)
While much attention has been given recently to Immigration and Customs Enforcement (ICE), the treatment of the people detained by ICE, and the treatment of those who protest ICE's actions, less attention has been given to exactly how ICE locates and tracks the people it targets. They do this, in part, through an immigration surveillance app (SmartLINK) that many migrants are required to install on their phones. Migrants that have SmartLINK installed on their phones have their location tracked and must do "check-ins" that use face and voice recognition at random times. This app was developed for ICE by a private contractor, BI, in 2018.
There are publicly available documents (e.g., contracts) describing how the app should behave, but it is unclear if SmartLINK currently complies with these terms or if there have been incidents of non-compliance in the past. Given the sensitive nature of the data collected by this app and the fact that it is developed by a government contractor, there is an opportunity to conduct a technical audit of the app that (similar to tax audits) includes historical records to evaluate contractual and regulatory compliance. To this end, we propose a retrospective, technical analysis of SmartLINK and relevant public records to answer, to the extent possible: has BI been transparent and honest, currently and historically, about the data practices of SmartLINK? (extended PDF)
Secondhand shopping has grown increasingly popular, particularly through consumer-to-consumer (C2C) platforms such as Facebook Marketplace, eBay, and OfferUp. Devices sold in such marketplaces must be properly digitally sanitized to ensure the security and privacy of the previous owner; however, prior work has repeatedly shown that secondhand devices often retain recoverable, sensitive data, and that consumers of such devices frequently lack a complete understanding of effective device sanitization. These studies are generally conducted independently of each other, such that they typically focus on either the persistence of remnant data or user perceptions of deletion, but not both. To address this research gap, we propose a holistic study which traces a secondhand device seller's initial perception of device sanitization and their actual actions on the device before sale, to the actual data left on the device and the seller's reaction to it. Clarifying this underexplored relationship is critical to protecting consumers in the rapidly expanding secondhand market. (extended PDF)
Discussions of online review manipulation often focus on intentionally dishonest practices, such as fake reviews. A far broader set of practices may influence the likelihood that consumers write reviews and the content of those reviews. These other practices may not intentionally deceive and may even offer some benefits to consumers. For example, a product manufacturer may aggressively urge customers to write reviews, resulting in additional honest review information for future customers. Even in the absence of ill intent, these practices may distort reviews and their details in ways that directly influence the purchasing decisions of prospective customers or do so indirectly via automated systems that rely on reviews. We propose to explore these dynamics by compiling relevant practices, evaluating the impact of those practices on consumer reviewing behavior and automated systems, assembling possible interventions, and assessing the impact of interventions on consumer perception and behavior. (extended PDF)