TY - JOUR A1 - Haupt, Johannes A1 - Bender, Benedict A1 - Fabian, Benjamin A1 - Lessmann, Stefan T1 - Robust identification of email tracking BT - a machine learning approach JF - European Journal of Operational Research N2 - Email tracking allows email senders to collect fine-grained behavior and location data on email recipients, who are uniquely identifiable via their email address. Such tracking invades user privacy in that email tracking techniques gather data without user consent or awareness. Striving to increase privacy in email communication, this paper develops a detection engine to be the core of a selective tracking blocking mechanism in the form of three contributions. First, a large collection of email newsletters is analyzed to show the wide usage of tracking over different countries, industries and time. Second, we propose a set of features geared towards the identification of tracking images under real-world conditions. Novel features are devised to be computationally feasible and efficient, generalizable and resilient towards changes in tracking infrastructure. Third, we test the predictive power of these features in a benchmarking experiment using a selection of state-of-the-art classifiers to clarify the effectiveness of model-based tracking identification. We evaluate the expected accuracy of the approach on out-of-sample data, over increasing periods of time, and when faced with unknown senders. (C) 2018 Elsevier B.V. All rights reserved. KW - Analytics KW - Data privacy KW - Email tracking KW - Machine learning Y1 - 2018 U6 - https://doi.org/10.1016/j.ejor.2018.05.018 SN - 0377-2217 SN - 1872-6860 VL - 271 IS - 1 SP - 341 EP - 356 PB - Elsevier CY - Amsterdam ER - TY - JOUR A1 - Fabian, Benjamin A1 - Bender, Benedict A1 - Hesseldieck, Ben A1 - Haupt, Johannes A1 - Lessmann, Stefan T1 - Enterprise-grade protection against e-mail tracking JF - Information Systems N2 - E-mail tracking provides companies with fine-grained behavioral data about e-mail recipients, which can be a threat for individual privacy and enterprise security. This problem is especially severe since e-mail tracking techniques often gather data without the informed consent of the recipients. So far e-mail recipients lack a reliable protection mechanism. This article presents a novel protection framework against e-mail tracking that closes an impor- tant gap in the field of enterprise security and privacy-enhancing technologies. We conceptualize, implement and evaluate an anti-tracking mail server that is capable of identifying tracking images in e-mails via machine learning with very high accuracy, and can selectively replace them with arbitrary images containing warning messages for the recipient. Our mail protection framework implements a selective prevention strategy as enterprise-grade software using the design science research paradigm. It is flexibly extensible, highly scalable, and ready to be applied under actual production conditions. Experimental evaluations show that these goals are achieved through solid software design, adoption of recent technologies and the creation of novel flexible software components. KW - E-Mail Tracking KW - Enterprise-grade KW - Anti-Tracking Infrastructure KW - Software Prototype Y1 - 2020 U6 - https://doi.org/10.1016/j.is.2020.101702 SN - 0306-4379 IS - 97 PB - Elsevier CY - Amsterdam ER - TY - CHAP A1 - Bender, Benedict A1 - Fabian, Benjamin A1 - Lessmann, Stefan A1 - Haupt, Johannes T1 - E-Mail Tracking BT - status quo and novel countermeasures T2 - Proceedings of the 37th International Conference on Information Systems (ICIS) N2 - E-mail advertisement, as one instrument in the marketing mix, allows companies to collect fine-grained behavioural data about individual users’ e-mail reading habits realised through sophisticated tracking mechanisms. Such tracking can be harmful for user privacy and security. This problem is especially severe since e-mail tracking techniques gather data without user consent. Striving to increase privacy and security in e-mail communication, the paper makes three contributions. First, a large database of newsletter e-mails is developed. This data facilitates investigating the prevalence of e- mail tracking among 300 global enterprises from Germany, the United Kingdom and the United States. Second, countermeasures are developed for automatically identifying and blocking e-mail tracking mechanisms without impeding the user experience. The approach consists of identifying important tracking descriptors and creating a neural network-based detection model. Last, the effectiveness of the proposed approach is established by means of empirical experimentation. The results suggest a classification accuracy of 99.99%. KW - E-Mail Tracking KW - Countermeasures KW - Privacy KW - Security KW - Machine Learning Y1 - 2016 UR - https://aisel.aisnet.org/icis2016/ISSecurity/Presentations/13/ ER - TY - CHAP A1 - Bender, Benedict A1 - Fabian, Benjamin A1 - Haupt, Johannes A1 - Neumann, Tom T1 - Track and Treat BT - usage of e-mail tracking for newsletter individualization T2 - Twenty-Sixth European Conference on Information Systems (ECIS 2018) N2 - E-Mail tracking mechanisms gather information on individual recipients’ reading behavior. Previous studies show that e-mail newsletters commonly include tracking elements. However, prior work does not examine the degree to which e-mail senders actually employ gathered user information. The paper closes this research gap by means of an experimental study to clarify the use of tracking-based infor- mation. To that end, twelve mail accounts are created, each of which subscribes to a pre-defined set of newsletters from companies based in Germany, the UK, and the USA. Systematically varying e-mail reading patterns across accounts, each account simulates a different type of user with individual read- ing behavior. Assuming senders to track e-mail reading habits, we expect changes in mailer behavior. The analysis confirms the prominence of tracking in that over 92% of the newsletter e-mails contain tracking images. For 13 out of 44 senders an adjustment of communication policy in response to user reading behavior is observed. Observed effects include sending newsletters at different times, adapting advertised products to match the users’ IT environment, increased or decreased mailing frequency, and mobile-specific adjustments. Regarding legal issues, not all companies that adapt the mail-sending behavior state the usage of such mechanisms in their privacy policy. KW - E-Mail Tracking KW - Newsletter KW - Individualization KW - Personalization KW - Privacy Y1 - 2018 UR - https://aisel.aisnet.org/ecis2018_rp/59 ER -