The use of personal data in French public services: e-mails, websites, apps

TL;DR

This paper analyzes the pervasive use of personal data in French public services, highlighting how mobile apps, emails, and websites extensively employ trackers and cookies, mainly by major tech companies, for functionality and advertising.

Contribution

It provides an empirical analysis of tracking practices in French public services, revealing the dominance of GAFAM and Xiti in data collection and advertising targeting.

Findings

Mobile apps frequently use permissions and tracers, mainly from Android and Google.

Emails contain trackers from Google, Xiti, and Iroquois, even in public service contexts.

Government websites heavily feature Google trackers and cookies for audience measurement and targeted advertising.

Abstract

The study we carried out enabled us to extract some conclusions, which are contrasted with the results obtained. First, in the field of mobile applications, permissions and tracers are almost always present. Android, as far as PlayStore permissions are concerned, is the main entity concerning this domain. Under the pretext of guaranteeing an optimal functioning of the applications, these permissions can sometimes hide some very dangerous tracing means for the users. Google, a major player in tracing and a major power in the storage of information of net users, is behind most tracers. Trackers have two main missions. On the one hand, they allow the application to work, like Facebook's trackers that are used to log into the application or Google's trackers that allow either to trace crashes or to analyze how the application is used. On the other hand, they allow you to manage the advertising that appears in the application, which can be targeted or not. Regarding tracking in emails, we find stakeholders quite present: Google, Xiti and Iroquois. Even if they are most often used in the context of hearing measurements, they are present in public service emails. Finally with websites, Google is very present in government websites. We find common actors for applications and emails such as GAFAM or Xiti. Most of the cookies present are for audience measurement and advertising display which is often targeted.