Exfiltration of personal data by session-replay scripts

I didn't know too much until now, why I had the reticence of downloading Yandex browser, now I know, sure:

Data release: list of websites that have third-party “session replay” scripts
on webtransparency.cs.princeton.edu: Site list

In a recent study we analyzed seven “session replay” services and revealed how they exfiltrate sensitive user data. Here we release the data behind our study, specifically, the list of websites from the Alexa top 1 million which embed scripts from analytics providers that offer session recording services. The appearance of a website on this list DOES NOT necessarily mean that session recordings occur, as website developers may choose not enable session recording functionality. ...

... As such, this list provides both an upper and lower bound of the presence of session recording companies on the web. Two of the 14 companies included in the data release, Yandex and Hotjar, have a diverse set of analytics services -- many of which have no overlap with session recording. The remaining companies mostly offer similar services which include: session replay, heat maps, click maps, and form analytics.

The list below contains sites that are ranked in the top 10,000 according to Alexa. ...

Some of the sites in the list stopped using session replay scripts as a response to our study. Also, the list is based on crawls made between June and September 2017; sites might have changed since the measurement. ...

____________________

Thats why I see frequently ContentBlockHelper anti-script Chrome extension blocking yandex.ru ...

- Thank you cruelsister to post this topic.
 
  • Like
Reactions: Solarquest, harlan4096 and Deleted member 178
You must log in or register to reply here.

You may also like...