It wasn't me! Plausible Deniability in Web Search

TL;DR

This paper investigates how users can detect, assess, and defend their plausible deniability in web search, demonstrating that threats are detectable and proposing a defense method using proxy topics.

Contribution

The paper introduces scalable tools for users to evaluate and protect their privacy against search engine personalization threats, including a novel defense technique.

Findings

Threats to plausible deniability are detectable across tested topics.

Noise query injection and click obfuscation are ineffective defenses.

Using uninteresting proxy topics enhances privacy protection.

Abstract

Our ability to control the flow of sensitive personal information to online systems is key to trust in personal privacy on the internet. We ask how to detect, assess and defend user privacy in the face of search engine personalisation? We develop practical and scalable tools allowing a user to detect, assess and defend against threats to plausible deniability. We show that threats to plausible deniability of interest are readily detectable for all topics tested in an extensive testing program. We show this remains the case when attempting to disrupt search engine learning through noise query injection and click obfuscation are used. We use our model we design a defence technique exploiting uninteresting, proxy topics and show that it provides amore effective defence of plausible deniability in our experiments.