Know instantly how much privacy a website visit costs you
Costante's work is a prototype and can be built into web browsers, which then give users an advance warning of the extent to which websites make use of their personal data. The tool gives websites a rating of between 0 and 1, where zero stands for 'no privacy costs'. Companies like Google have a very high score, says the researcher: "Google stores every search you make, including when and where you made it and from which devices. That's quite a frightening thought."
In her PhD research Costante looked at the entire cycle of online data traffic to find solutions to weaknesses for each point in the cycle. She found for example that the databases in which providers store personal data are not secure. They may have access control (who is allowed to access them and what are they allowed to see), but they don't monitor what users do once they have been admitted. To do this, Costante developed a tool that creates profiles of users' regular behavior. It then monitors everything they do, to allow timely detection of deviations.
Data theft such as at Sony, in which data from 77 million PlayStation users was stolen a few years ago, can be stopped more quickly with her tool, the TU/e researcher explains. That can save companies costly losses and reputation damage.
There have been earlier attempts to build this kind of tool, but this is the first that gives such low numbers of false alarms and does not significantly slow down data traffic. SecurityMatters, a spin-off from TU/e and the University of Twente, also intends to offer the results of Costante's work as a product, for example to banks.