price discrimination experiment logo
$heriff
Detecting Price Discrimination
price discrimination experiment logo



Latest news:

[1/11/2017] - A documentary in the Spainish TV Televisio 3 (Catalonia) Televisio 3.
[5/5/2017] - Our work, Who is Fiddling with Prices? Building and Deploying a Watchdog Service for E-commerce has been accepted to the ACM SIGCOMM 2017 conference.
[10/5/2016] - A documentary in the Swiss national TV about private data and transparency RTS un.
[18/10/2015] - From version 1.2.7 (Firefox) and version 0.1.1 (Chrome), $heriff allow you to see product prices from other $heriff users within the same country using the webRTC protocol. Three new features ensure that the requests are not malicious:
(1) $heriff first checks to see if the URL is known (using similarweb.com service), if not, then is checking our custom white list hosted in our servers (sheriff.dynu.com).
(2) As a second step of protection, the remote browser is only allowed to serve one remote request at a time. This step ensures that $heriff is not misusing your browser resources.
(3) The last step of protection involves a check request from each individual peer against a black list of known domains related to inappropriate content such as adult content, drugs, etc. If the requested domain falls into any of those categories the price request is rejected.

If you see a popup warning that a specific domain is not supported, please send as an email.

[30/9/2015] - New version for Google Chrome browser is now available here. For any issues please send us your feedback.

[1/3/2015] - $heriff introduction video


1. Select price

2. Check it

3. Examine differences

$heriff is an experimental service that allows to search for traces of price discrimination in the Internet. We want to see whether e-retailers vary their prices dynamically based on the information that they can collect online for the potential customer (such as her location, browser/OS, incoming link, navigation history, etc.).

Related Publications

How to use it

Check the manual to learn how to use the extension.

Measurement

Once the data is uploaded to the server, the server launches queries to the selected URL. It spawns queries with different User-Agent field, and from different geographic locations (with PlanetLab proxies). Once it receives back content of the web pages, it displays the results on the measurement page.

Collected Data

Apart from the data regularly recorded by web servers (IP, timestamps, user agents, ...) we collect:

  • Source code of the web page that is being checked. The source code (web site contents) is necessary for the extension as a proof when price discrimination is detected since most websites change their website contents frequently. Also this data can be used for further analysis by the tool.
  • Domains of the resources that were requested from the examined page. The extension is informing the user which third party domains have been contacted upon visiting the specific web site. Usually third party domains are responsible for user tracking and targeting. The extension is collecting this data to be able to identify which third party domains are actually monitoring the users on the web. This type of data has nothing to do with the user’s personal data.
  • Additional information helpful in finding location of the price on the page. When the user highlight a product price the extension is building a graph based on the structure of the html code (content of the website). The extension is using the graph to be able to identify the price from the same website as observed from different locations worldwide (from another countries). The graph is necessary for cases when the website from another country are not exactly the same with the one that users observed. This is happening since most web sites contents are customized based on user location. In this case the extension may fail to extract the product price. The graph helps the extension to overcome this situation.
  • Please note we do NOT store any browsing behavior, ONLY the webpage where you want to check the prices on.
  • The data is recorded ONLY when the user asks for price comparison.
  • Also note that Personally Identifiable Information ("PII") like credit card information, emails, passwords, real name, etc. are NOT by default stored, as we do NOT have access to them. However, when requesting price comparison, users should be mindful of the "Useful Tips" section - not following the tips set forth therein could expose your PII.
  • The data is recorded ONLY when the user asks for price comparison.

Donating your data for this research project

For users who choose to donate their data for reaseach ("opt-in"), we additionally collect the following:

  • Unique ID of the $heriff extension. Note that after uninstalling the extension we cannot link the donated data with you or your browser.
  • First and third party cookies for each price comparison request (This is a small text file added to your browser by the visited webpages). Note that we collect cookies ONLY from webpages where you want to check the price on.
  • Browser history as observed during price comparison request. We collect the last 1000 visited URLs - your recent browser history. That includes the full URL without any possible arguments that may exists.

The opt-in feature, i.e., the donation of user data feature, is disabled by default (Donate History, Donate Cookies checkboxes = unchecked). You can check the current status of the options by clicking on the $heriff logo (upper-right corner of your browser). You can selectively opt-in for each option by just selecting the corresponding checkbox for each option. Please review the "Useful Tips" section below before opting-in to our donation feature.

We highly encourage our user to enable this feature since collecting more information can help us to identify how price discrimination is occurred, by whom and how.

The data is used solely for the research purposes.

Useful Tips

Since the price comparison requests are recorded to our servers we recommend the following:

  • Avoid sending price comparisons from webpages that contains sensitive private data, such as health, religion, sexual orientation, etc.
  • Avoid sending price comparisons from web banking systems or any similar web services that include user names and passwords or any similar data that may reveal your real identity.
  • If you ever request such type of price comparison by mistake please send us a feedback message (Red button at lower-left corner of your browser) from the price comparison results page (This is the new popup window that appears after each price comparison request) so we can delete it from our servers.
  • Note that when you enable the donation features, your browser history and cookies are only collected when price request is send. By enabling and disabling the donation features, no data is collected, you have to at least send one price check requests.
  • If for any reason you want to have your data deleted from our system please send as a feedback message with the subject "remove my data". It is very important that you do so before unistalling the add-on.

Terms of Use

The browser extension and the measurement infrastructure are designed for the research purposes. We do our best to assure that it works as intended, although we can give no warranty.

Acknowledgements

We use PlanetLab infrastructure to run multiple proxies around the world.

Contact

For further information contact:
Costas Iordanou