Skip to main content

Cookies Anyone?

European consortium recruiting citizen scientists to take a byte out of online security breaches



A recent security breach on Facebook revealed the personal information of some 50 million users. This and other incidents have led many to ask how they can preserve their privacy online.

The EU General Data Protection Regulation (GDPR) requires organizations to safeguard personal data and uphold the privacy rights of anyone in EU territory.

One initiative designed to ensure compliance with the GDPR is CSI-COP (Citizen Scientists Investigating Cookies and App GDPR Compliance), an EU-funded project of eleven partner countries that engages citizen scientists across Europe, and the world, to investigate online activity.

Do we know what cookies are embedded in websites and in apps, and what they do with our data? Do we know what cookies are embedded in our own apps? By exploring cookies (small text files) embedded in websites and in apps on smartphones, citizen scientists can play a valuable role in ensuring privacy and providing a better understanding of what information is tracked online, facilitating the development of methods to preserve privacy in data collection.  

Leading the CSI-COP consortium from Israel is Dr. Maayan Zhitomirsky-Geffet, who oversees the field of ethical data-driven research at Bar-Ilan University's Department of Information Science.   

 CSI-COP is now offering a free, online information education course (MOOC) to inform and train citizen scientists about their digital rights, and to look beneath websites and apps to uncover hidden trackers and permissions. Entitled "Your Right to Privacy Online" the course covers topics such as privacy, data, online tracking, rights to data protection and privacy, and tool to protect data and privacy. Upon completion of the course, participants may join the CSI-COP transdisciplinary team and engage in the campaign to make the Internet experience privacy-by-default.

Dr. Zhitomirsky-Geffet: "If a stranger on the street asked us to give him our personal details, including name, address, telephone, what merchandise we recently bought and where we purchased it, where we regularly visit, whom we met over the weekend, and more, we wouldn't even think of providing this information. On the Internet, however, we do provide these and many other details about ourselves and our lives -- not only to other users we don't know but also to various bodies we don't even know exist. How can this be explained? In research literature the phenomenon is known as "the privacy paradox". Most of us are unaware of threats to our online privacy and how to prevent invasion of online privacy. The current project aims to raise public awareness and teach citizens about their online rights, and give them practical tools to protect their privacy in cyberspace, thus making them champions of privacy and ambassadors who will pass on this information to their families, children, friends and the general public."

The CSI-COP consortium is coordinated by Coventry University, UK and, in addition to Israel, includes partners from Greece, Hungary, The Netherlands, Finland, the Czech Republic, Germany, Spain, and Belgium.