Study Finds 38% of Top Websites Use Third-Party Keystroke Interception That May Violate U.S. Wiretapping Laws
By
lapcat
A second-rack bagel that's nearly first-rack. Tasty stuff.
Summary
This paper presents a tech-law analysis examining the use of JavaScript event listeners by third-party trackers for real-time keystroke interception on websites, mapping this practice to decades-old U.S. wiretapping laws. Using an instrumented web browser to crawl the top-million websites, the researchers found that 38.52% of websites installed third-party event listeners to intercept keystrokes, and at least 3.18% transmitted intercepted information to third-party servers—aligning with criteria for wiretapping under U.S. federal and California law. The intercepted data, including email addresses typed into form fields, was found to be used for unsolicited email marketing. The work bridges technical measurement with legal analysis, highlighting how older wiretapping laws could provide private right of action and meaningful enforcement against invasive web tracking.
Key quotes
· 5 pulledWe find evidence that 38.52% websites installed third-party event listeners to intercept keystrokes, and that at least 3.18% websites transmitted intercepted information to a third-party server, which aligns with the criteria for wiretapping.
Bridging the tech-law gap for older wiretapping laws is important and timely because, in cases where legal harm to privacy is proven, they can provide statutory private right of action, are at the forefront of recent privacy enforcement, and could ultimately lead to a meaningful change in the web tracking landscape.
We further find evidence that the intercepted information such as email addresses typed into form fields are used for unsolicited email marketing.
Different from prior work, we conduct a tech-law analysis to map decades-old U.S. laws about interception of electronic communications—so-called wiretapping—to web tracking.
Beyond our work that maps the intersection between technical measurement and U.S. wiretapping law, additional future legal research is required to determine when the wiretapping observed in our paper passes the threshold for illegality.
You might also wanna read
Experimental demonstration of quantum communication advantage for Euclidean distance calculation using coherent state fingerprints
This paper presents an experimental demonstration of quantum advantage in communication complexity for the Euclidean distance problem. The r
arxiv.org·43m ago
Quantum research reveals when entanglement hinders rather than helps channel discrimination
This research paper investigates the role of entanglement in quantum channel discrimination, challenging the common assumption that more ent
arxiv.org·47m ago
Florida community Angeline installs AI-powered robotic beehive to protect pollinators
A Pasco County, Florida community called Angeline has installed a robotic beehive system equipped with AI technology, becoming the first mas
baynews9.com·56m ago
Study Finds Most AI Chatbots Prioritize Ad Revenue Over User Welfare in Conflict-of-Interest Scenarios
This research paper analyzes how large language models (LLMs) handle conflicts of interest when company revenue incentives (advertisements)
arxiv.org·1h ago
German study finds POLO back-junction solar cells more cost-effective than PERC technology in Europe
A German research team from the German Aerospace Center (DLR) conducted a techno-economic analysis of POLO back-junction (BJ) solar cells in
pv-magazine.com·1h ago
AI-powered whale detection system deployed in San Francisco Bay to prevent ship collisions
A new AI-powered whale detection system is being deployed in San Francisco Bay to prevent ship collisions with whales. The system uses under
apnews.com·1h ago