Privacy in Targeted Advertising: A Survey

Targeted advertising has transformed the marketing landscape for a wide variety of businesses, by creating new opportunities for advertisers to reach prospective customers by delivering personalised ads, using an infrastructure of a number of intermediary entities and technologies. The advertising and analytics companies collect, aggregate, process and trade a vast amount of user's personal data, which has prompted serious privacy concerns among both individuals and organisations. This article presents a detailed survey of the associated privacy risks and proposed solutions in a mobile environment. We outline details of the information flow between the advertising platform and ad/analytics networks, the profiling process, advertising sources and criteria, the measurement analysis of targeted advertising based on user's interests and profiling context and the ads delivery process, for both in-app and in-browser targeted ads; we also include an overview of data sharing and tracking technologies. We discuss challenges in preserving user privacy that include threats related to private information extraction and exchange among various advertising entities, privacy threats from third-party tracking, re-identification of private information and associated privacy risks. Subsequently, we present various techniques for preserving user privacy and a comprehensive analysis of the proposals based on such techniques; we compare the proposals based on the underlying architectures, privacy mechanisms and deployment scenarios. Finally, we discuss the potential research challenges and open research issues.