Category: Privacy & Security
-
"Loopholes for Circumventing the Constitution", the NSA Statement, and Our Response
CBS News and a host of other outlets have covered my new paper with Sharon Goldberg, Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance on Americans by Collecting Network Traffic Abroad. We’ll present the paper on July 18 at HotPETS [slides, pdf], right after a keynote by Bill Binney (the NSA whistleblower), and at TPRC…
-
No silver bullet: De-identification still doesn't work
Paul Ohm’s 2009 article Broken Promises of Privacy spurred a debate in legal and policy circles on the appropriate response to computer science research on re-identification techniques. In this debate, the empirical research has often been misunderstood or misrepresented. A new report by Ann Cavoukian and Daniel Castro is full of such inaccuracies, despite its claims of “setting…
-
"Privacy Comes at a Cost" – The U.S. Supreme Court’s Opinion in Riley v. California
In Riley v. California, a cell phone search-and-seizure opinion delivered by Chief Justice Roberts for a unanimous Court last month, the U.S. Supreme Court squarely recognized, and afforded special protection to, the ubiquitous use and storage of voluminous electronic data of many different types on mobile devices today. The opinion holds that, without a warrant,…
-
Privacy Implications of Social Media Manipulation
The ethical debate about Facebook’s mood manipulation experiment has rightly focused on Facebook’s manipulation of what users saw, rather than the “pure privacy” issue of which information was collected and how it was used. It’s tempting to conclude that because Facebook didn’t change their data collection procedures, the experiment couldn’t possibly have affected users’ privacy…
-
On Decentralizing Prediction Markets and Order Books
In a new paper to be presented next week at WEIS by Jeremy Clark, we discuss the challenges in designing truly decentralized prediction markets and order books. Prediction markets allow market participants to trade shares in future events (such as “Will the USA advance to the knockout stage of the 2014 World Cup?”) and turn…
-
Cognitive disconnect: Understanding Facebook Connect login permissions
[Nicky Robinson is an undergraduate whose Junior Independent Work project, advised by Joseph Bonneau, turned into a neat research paper. — Arvind Narayanan] When you use the Facebook Connect [1] login system, another website may ask for permission to “post to Facebook for you.” But what does this message mean? If you click “Okay”, what…
-
Bitcoin Mining Now Dominated by One Pool
The big news in the Bitcoin world, is that one entity, called GHash, seems to be in control of more than half of all of the mining power. A part of Bitcoin’s appeal has been its distributed nature: the idea that no one party is in control but the system operates through the cooperative action…
-
Encryption as protest
As a computer scientist who studies Privacy-Enhancing Technologies, I remember my surprise when I first learned that some groups of people view and use them very differently than I’m used to. In computer science, PETs are used for protecting anonymity or confidentiality, often via application of cryptography, and are intended to be bullet-proof against an…
-
Why King George III Can Encrypt
[This is a guest post by Wenley Tong, Sebastian Gold, Samuel Gichohi, Mihai Roman, and Jonathan Frankle, undergraduates in the Privacy Technologies seminar that I offered for the second time in Spring 2014. They did an excellent class project on the usability of email encryption.] PGP and similar email encryption standards have existed since the early…
-
Wickr: Putting the “non” in anonymity
[Let’s welcome new CITP blogger Pete Zimmerman, a first-year graduate student in the computer security group at Princeton. — Arvind Narayanan] Following the revelations of wide-scale surveillance by US intelligence agencies and their allies, a myriad of services offering end-to-end encrypted communications have cropped up to take advantage of the increasing demand for privacy from surveillance.…