The Impact of User Location on Cookie Notices

(Inside and Outside of the European Union)

Conference paper (2019)

Authors

Rob Van Eijk Universiteit Leiden
H. Asghari Organisation & Governance - TPM
Philipp Winter University of California
Arvind Narayanan Princeton University
Research Group
Organisation & Governance (TPM) (TU Delft)
Copyright: © 2019 Rob Van Eijk, H. Asghari, Philipp Winter, Arvind Narayanan
GDPR VPN Cookie Notice Web Privacy Measurement EPrivacy
More Info
expand_more

Published Date

2019

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Technology, Policy and Management

Department

Multi Actor Systems

Research Group

Organisation & Governance

Abstract

The web is global, but privacy laws differ by country. Which set of privacy rules do websites follow? We empirically study this question by detecting and analyzing cookie notices in an automated way. We crawl 1,500 European, American,and Canadian websites from each of 18 countries. We detect cookie notices on 40% of websites in our sample. We treat the presence or absence of cookie notices, as well as visual differences,as proxies for differences in privacy rules. Using a series of regression models, we find that the website’s Top Level Domain explains a substantial portion of the variance in cookie notice metrics, but the users vantage point does not. This suggests that websites follow one set of privacy rules for all their users. There is one exception to this finding: cookie notices differ when accessing.com domains from inside versus outside of the EU. We highlight ways in which future research could build on our preliminary findings.