Arvind Narayanan is an Assistant Professor at Princeton's Department of Computer Science and Center for Information Technology Policy and an Affiliate Scholar at the Stanford Law School Center for Internet and Society. He studies information privacy and security, and has a side-interest in tech policy. His research has shown that data anonymization is broken in fundamental ways, for which he jointly received the 2008 Privacy Enhancing Technologies Award. He is one of the researchers behind the "Do Not Track" proposal. You can follow Arvind on Twitter at @random_walker and on Google+ here.
The Do Not Track war has raged for well over a year now. There are, broadly, two Do Not Track proposals: one chiefly backed by the ad industry, and another advanced by privacy advocates. These proposals reflect vastly different visions for Do Not Track with vastly different practical consequences.
A 1993 New Yorker cartoon famously proclaimed, "On the Internet, nobody knows you're a dog." The Web is a very different place today; you now leave countless footprints online. You log into websites. You share stuff on social networks. You search for information about yourself and your friends, family, and colleagues. And yet, in the debate about online tracking, ad networks and tracking companies would have you believe we're still in the early 90s — they regularly advance, and get away with, “anonymization” or “we don’t collect Personally Identifiable Information” as an answer to privacy concerns.
Joint post with Jonathan Mayer.
Earlier today Mozilla announced support for Do Not Fool, a proposed mechanism for opting out of April Fools' pranks. We cannot support this misguided effort.
First, Do Not Fool would require fundamentally reengineering the Internet, the HTTP protocol, and countless websites. Many of your favorite web destinations like The Onion rely on fooling.
A frequent misconception of Do Not Track is that the goal is to prevent tracking by online advertisers. In fact, tracking is a much broader problem on the web, and our Do Not Track vision at Stanford, while principally aimed at "third-party" tracking, does not focus on specific industry segments. Barocas and Nissenbaum said it best:
Banks and financial institutions seem to be all over the blockchain. It seems they agree with the Bitcoin community that the technology behind Bitcoin can provide an efficient platform for settlement and for issuing digital assets. Curiously, though, they seem to shy away from Bitcoin itself. Instead, they want something they have more control over and doesn’t require exposing transactions publicly.
Consider three recent news articles about online privacy:
Google+ added a new feature that shows view counts on everything you post, including your photos. It’s enabled by default, but if you don’t want to be part of the popularity contest, there’s a setting to turn it off.
There is a new privacy tool called XPrivacy for Android that protects you from apps that are hungry for your personal information (it does this by by feeding them fake data).
Privacy Substitutes by Jonathan Mayer & Arvind Narayanan
""The study has important implications for surveillance law and policy," says Arvind Narayanan, a computer scientist and data privacy expert at Princeton University. "Our intuition for terms such as 'two hops,’ [and how it limits the number of people connected to you], proves wildly inaccurate when applied to modern telephone networks." And he notes that NSA has vastly more data and resources than academic researchers.
"Balancing the desire for greater transparency and the need to protect the privacy of victims can be a difficult issue for the authorities. And some police departments may not have in-house expertise to know which data should be kept anonymous, said Arvind Narayanan, a computer science professor at Princeton who researches privacy issues.
“Depending on what one is looking to release, it can be anywhere from easily doable to impossible,” said Narayanan."
"After lunch, Princeton University's Arvind Narayanan took the stage, drawing parallels between the histories of gold mining and telephone line installation and Bitcoin, and encouraging closer collaboration with academia and the Bitcoin community. He also discussed a paper he wrote at Princeton that concluded "only 28 out of nearly 200,000 websites registered with NameCoin led to non-trivial websites" at the time of publication."
"“From a technical point of view, this is Apple's ‘fault,’” Arvind Narayanan, an assistant professor of computer science at Princeton who has worked on developing Do Not Track, told me in an email. “If the API in question doesn't expose that functionality, there's nothing Google or Mozilla can do about it.”"
"It is difficult for society to work out a legal framework to differentiate between good and bad uses of this technology, says Arvind Narayanan, a computer scientist at Princeton University in New Jersey. “How do you regulate around Bitcoin without banning the technology itself?” he asks.
Solutions to many pressing economic and societal challenges lie in better understanding data. New tools for analyzing disparate information sets, called Big Data, have revolutionized our ability to find signals amongst the noise. Big Data techniques hold promise for breakthroughs ranging from better health care, a cleaner environment, safer cities, and more effective marketing. Yet, privacy advocates are concerned that the same advances will upend the power relationships between government, business and individuals, and lead to prosecutorial abuse, racial or other profiling, discrimination, redlining, overcriminalization, and other restricted freedoms.
View the full video on YouTube.
Talk by Arvind Narayanan at the University of Maryland.
Based on a paper-in-progress by Arvind Narayanan and Joseph Bonneau
Abstract: Behind the hype and tumult of the markets, researchers have been quietly producing a series of exciting results about Bitcoin and cryptocurrencies. In this paper we’ll explain why computer scientists should pay attention to these developments.