Modern websites frequently use and embed third-party services to facilitate web development, connect to social media, or for monetization. This often introduces privacy issues as the inclusion of third-party services on a website can allow the third party to collect personal data about the website's visitors. While the prevalence and mechanisms of third-party web tracking have been widely studied, little is known about the decision processes that lead to websites using third-party functionality and whether efforts are being made to protect their visitors' privacy. We report results from an online survey with 395 participants involved in the creation and maintenance of websites. For ten common website functionalities we investigated if privacy has played a role in decisions about how the functionality is integrated, if specific efforts for privacy protection have been made during integration, and to what degree people are aware of data collection through third parties. We find that ease of integration drives third-party adoption but visitor privacy is considered if there are legal requirements or respective guidelines. Awareness of data collection and privacy risks is higher if the collection is directly associated with the purpose for which the third-party service is used.
翻译:现代网站经常使用和嵌入第三方服务,以促进网络开发、社交媒体连接或货币化,这往往引入隐私问题,因为将第三方服务纳入网站可以让第三方收集网站访问者的个人数据。虽然对第三方网络跟踪的普及程度和机制进行了广泛研究,但对导致使用第三方功能的网站的决策程序以及是否努力保护访问者的隐私知之甚少。我们报告了与参与创建和维护网站的395名参与者进行的在线调查的结果。关于我们调查的10个共同网站功能,如果隐私在如何整合功能的决定中发挥作用,如果在整合过程中作出了保护隐私的具体努力,以及人们在多大程度上了解通过第三方收集的数据。我们发现,融合的便利促使第三方收养,但如果有法律要求或相应的准则,则考虑到游客隐私问题。如果数据收集与第三方服务的目的直接相关,则对数据收集和隐私风险的认识更高。