Kent cyber security researchers sign open letter to the UK charity sector on privacy invasive advertising

Letter to charity

On Wednesday 18 November 2020, three researchers from Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) joined other UK researchers in signing an open letter to the UK Charity Sector.

Dr Virginia Franqueira, Professor Shujun Li and Professor David Chadwick, signed the open letter which was written in response to a recent report published by ProPrivacy on the widespread use of programmatic advertising in the charity sector and the potential risks this poses to the privacy of users of charity websites.

The ProPrivacy report reveals that many charities, through their use of such advertising technologies, are potentially putting people’s personal data at risk, inadvertently allowing AdTech companies to profile users based on data harvested via ads embedded on web pages they visit.

Dr Virginia Franqueira says: ‘the matter is particularly concerning as many users of charity services are in a vulnerable position and dealing with extremely sensitive issues such as mental health, disability, debt and end-of-life care. Because these third party elements load on a website before the user is able to consent to them, users are potentially being profiled based on visiting certain sites. While there is an understandable need to advertise charitable services to the public, to promote the valuable work they do for society and raise awareness, it is important that the sector recognises the data security risks in using this technology and does its utmost to protect the privacy of the public’.

As part of its socio-technical security and privacy research theme, many KirCCS researchers are actively doing research related to privacy and data protection, including the EU H2020 project “Privacy Matters (PriMa) Innovative Training Networks”, the EPSRC-funded project “PriVELT: PRIvacy-aware personal data management and Value Enhancement for Leisure Travellers” and a number of recent papers published on GDPR (“Is your chatbot GDPR compliant? Open issues in agent design”, “A Data-Driven Analysis of Blockchain Systems’ Public Online Communications on GDPR”, “From Data Flows to Privacy Issues: A User-Centric Semantic Model for Representing and Discovering Privacy Issues”).

The full text of the open letter is available to read on the ProPrivacy website, here: