IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v17y2025i10p463-d1767005.html

Quantifying Website Privacy Posture Through Technical and Policy-Based Assessment

Author

Listed:
  • Ioannis Fragkiadakis

    (Department of Digital Systems, University of Piraeus, 18534 Piraeus, Greece)

  • Stefanos Gritzalis

    (Department of Digital Systems, University of Piraeus, 18534 Piraeus, Greece)

  • Costas Lambrinoudakis

    (Department of Digital Systems, University of Piraeus, 18534 Piraeus, Greece)

Abstract

With the rapid growth of digital interactions, safeguarding user privacy on websites has become a critical concern. This paper introduces a comprehensive framework that integrates both technical and policy-based factors to assess a website’s level of privacy protection. The framework employs a scoring system that evaluates key technical elements, such as HTTP security headers, email authentication protocols (SPF, DKIM, DMARC), SSL/TLS certificate usage, domain reputation, DNSSEC, and cookie practices. In parallel, it examines the clarity and GDPR compliance of privacy policies. The resulting score reflects not only the technical strength of a website’s defenses but also the transparency with which data processing practices are communicated to users. To demonstrate its effectiveness, the framework was applied to two similarly sized private hospitals, generating comparative privacy scores under a unified metric. The results confirm the framework’s value in producing measurable insights that enable cross-organizational privacy benchmarking. By combining policy evaluation with technical analysis, this work addresses a significant gap in existing research and offers a reproducible, extensible methodology for assessing website privacy posture from a visitor’s perspective.

Suggested Citation

  • Ioannis Fragkiadakis & Stefanos Gritzalis & Costas Lambrinoudakis, 2025. "Quantifying Website Privacy Posture Through Technical and Policy-Based Assessment," Future Internet, MDPI, vol. 17(10), pages 1-19, October.
    • Handle: RePEc:gam:jftint:v:17:y:2025:i:10:p:463-:d:1767005
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/17/10/463/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/17/10/463/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Samuel G. Goldberg & Garrett A. Johnson & Scott K. Shriver, 2024. "Regulating Privacy Online: An Economic Evaluation of the GDPR," American Economic Journal: Economic Policy, American Economic Association, vol. 16(1), pages 325-358, February.
    2. Elham Al Qahtani & Yousra Javed & Sarah Tabassum & Lipsarani Sahoo & Mohamed Shehab, 2023. "Managing Access to Confidential Documents: A Case Study of an Email Security Tool," Future Internet, MDPI, vol. 15(11), pages 1-23, October.
    3. Karen Schnell & Kaushik Roy & Madhuri Siddula, 2023. "A Descriptive Study of Webpage Designs for Posting Privacy Policies for Different-Sized US Hospitals to Create an Assessment Framework," Future Internet, MDPI, vol. 15(3), pages 1-13, March.
    4. Kyungmin Sim & Honyeong Heo & Haehyun Cho, 2024. "Combating Web Tracking: Analyzing Web Tracking Technologies for User Privacy," Future Internet, MDPI, vol. 16(10), pages 1-23, October.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Kim, Jin-Hyuk & Newberry, Peter & Wagman, Liad, 2025. "Trading off convenience and privacy in social login," Economics Letters, Elsevier, vol. 254(C).
    2. Pauwels, Koen & Fagbola, Ladipo, 2025. "Understanding retail media: Perspectives and implications for stakeholders," Journal of Retailing, Elsevier, vol. 101(3), pages 315-330.
    3. Xinyu Li & Keongtae Kim, 2025. "Impacts of generative AI on user contributions: evidence from a coding Q &A platform," Marketing Letters, Springer, vol. 36(3), pages 577-591, September.
    4. Fangyan Wang & Sai Liang & Zaiyan Wei, 2025. "Guiding without Generating: Artificial Intelligence (AI)-Enabled Topic Nudges in Online Reviews," Papers 2511.09877, arXiv.org, revised Apr 2026.
    5. Carl Benedikt Frey & Giorgio Presidente, 2024. "Privacy regulation and firm performance: Estimating the GDPR effect globally," Economic Inquiry, Western Economic Association International, vol. 62(3), pages 1074-1089, July.
    6. Jing Yan, 2024. "Data privacy regulation and cross-border e-commerce," Empirica, Springer;Austrian Institute for Economic Research;Austrian Economic Association, vol. 51(4), pages 913-927, November.
    7. Dongqing Chen & Chaoqun Ma & Liwei Zhang & Lijie Li, 2025. "Unraveling the role of data sharing in open finance diffusion: an evolutionary game approach on complex networks," Future Business Journal, Springer, vol. 11(1), pages 1-28, December.
    8. Wu, Shansong & Xiao, Wei & Liang, Kai-Rong & Li, Kevin W., 2025. "A co-opetitive game analysis of platform compatibility strategies under data security regulation," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 201(C).
    9. Chen, Wanyi & Wang, Yiying & Wu, Dongjing & Yin, Xingqiang, 2024. "Can the establishment of a personal data protection system promote corporate innovation?," Research Policy, Elsevier, vol. 53(9).
    10. Colombo, Stefano & Graziano, Clara & Pignataro, Aldo, 2025. "Personalized pricing with imperfect customer recognition," Information Economics and Policy, Elsevier, vol. 70(C).
    11. Rupayan Pal & Sumit Shrivastav, 2024. "Privacy regulation, cognitive ability, and stability of collusion," Indira Gandhi Institute of Development Research, Mumbai Working Papers 2024-004, Indira Gandhi Institute of Development Research, Mumbai, India.
    12. Ke Rong & Yunshu Ling & Tianxi Yang & Cheng Huang, 2025. "Cross-border data transfer: patterns and discrepancies," Journal of International Business Policy, Palgrave Macmillan, vol. 8(1), pages 10-32, March.
    13. Paulich, Brianna JeeWon & Cheng, Yichen & Shah, Denish, 2026. "Managing conversions of anonymous online users: a privacy-compliant framework," Journal of Business Research, Elsevier, vol. 202(C).
    14. Nam, Sangjun & Kwon, Youngsun, 2024. "Is pay-or-consent for privacy justifiable? Evidence from different users' privacy attitudes toward behavioral data collection in South Korea," Telecommunications Policy, Elsevier, vol. 48(7).
    15. Stefano Colombo & Paolo G. Garella & Noriaki Matsushima, 2023. "Strategic anonymity and behavior-based pricing," ISER Discussion Paper 1219, Institute of Social and Economic Research, The University of Osaka.
    16. Jacopo Gambato & Bernhard Ganglmair & Julia K. Krämer, 2026. "Effective Regulation and Firm Compliance: The Case of German Privacy Policies," NBER Chapters, in: Data Privacy Protection and the Conduct of Applied Research: Methods, Approaches and New Findings, National Bureau of Economic Research, Inc.

    More about this item

    Keywords

    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:17:y:2025:i:10:p:463-:d:1767005. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.