Vekaria, Yash;
Canino, Aurelio Loris;
Levitsky, Jonathan;
Ciechonski, Alex;
Callejo, Patricia;
Mandalari, Anna Maria;
Shafiq, Zubair;
(2025)
Big Help or Big Brother? Auditing Tracking, Profiling, and Personalization in Generative AI Assistants.
In:
Proceedings of the 34th USENIX Security Symposium.
(pp. pp. 8115-8134).
USENIX: Seattle, WA, USA.
Preview |
Text
Mandalari_2503.16586v1.pdf - Accepted Version Download (2MB) | Preview |
Abstract
Browser assistants have started to integrate powerful capabilities of GenAI in web browsers to offer functionalities such as question answering, content summarization, and agentic web navigation. These assistants, available today as browser extensions, raise significant privacy concerns because they can track detailed browsing activity (e.g., searches, clicks) and autonomously perform tasks such as form filling. In this paper, we analyze the design and behavior of GenAI browser extensions, focusing on how they collect, process, and share user data, and whether they profile users based on explicit or inferred demographic attributes and interests. We develop a novel prompting framework and perform network traffic analysis to audit the nine GenAI browser assistants for tracking, profiling, and personalization. We find that GenAI browser assistants typically rely on server-side APIs rather than local models, and can be invoked automatically without explicit user interaction. GenAI browser assistants often collect and share full webpage content, including the HTML DOM and user form inputs in some cases, with their first-party servers. Some also share identifiers and user prompts with third-party trackers such as Google Analytics. This data collection and sharing happens even on pages containing sensitive information, such as health records or personal information such as names or social security numbers entered in a web form. Moreover, several GenAI browser assistants infer attributes (e.g., age, gender, income, interests) and use them to personalize responses across browsing contexts. Our findings show that GenAI browser assistants collect and share personal and sensitive information for profiling and personalization, highlighting the need for safeguards as they increasingly mediate web browsing.
| Type: | Proceedings paper |
|---|---|
| Title: | Big Help or Big Brother? Auditing Tracking, Profiling, and Personalization in Generative AI Assistants |
| Event: | 34th USENIX Security Symposium |
| Location: | Seattle, WA, USA |
| Open access status: | An open access version is available from UCL Discovery |
| Publisher version: | https://www.usenix.org/conference/usenixsecurity25... |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Electronic and Electrical Eng |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10214829 |
Archive Staff Only
 |
View Item |
