Jonathan Mayer is an Assistant Professor of Computer Science and Public Affairs at Princeton University. Before joining the Princeton faculty, Jonathan served as the technology law and policy advisor to United States Senator Kamala Harris and as the Chief Technologist of the Federal Communications Commission Enforcement Bureau. Jonathan's research centers on the intersection of technology and law, with emphasis on national security, criminal procedure, consumer privacy, network management, and online speech. Jonathan is both a computer scientist and a lawyer, and he holds a Ph.D. in computer science from Stanford University and a J.D. from Stanford Law School.
Co-authored with Patrick Mutchler. This is a project of the Stanford Security Lab.
Just over a month ago we launched MetaPhone, an Android app for crowdsourcing phone metadata. Our results have already confirmed that phone activity easily reveals private relationships, is deeply interconnected, and can trivially be identified.
We’ve received lots of great feedback on the study from researchers and participants. One request has been especially consistent: show me my metadata!
Starting today, the MetaPhone app will provide personalized results about your phone metadata privacy.
Our recent research on Google’s circumvention of the Safari cookie blocking feature has led to some confusion, in part owing to the company’s statement in response (reproduced in its entiretybelow). This post is an attempt to elucidate the central issues. As with the original writeup, I aim for a neutral viewpoint in the interest of establishing a common factual understanding.
Apple’s Safari web browser is configured to block third-party cookies by default. We identified four advertising companies that unexpectedly place trackable cookies in Safari. Google and Vibrant Media intentionally circumvent Safari’s privacy feature. Media Innovation Group and PointRoll serve scripts that appear to be derived from circumvention example code.
By Jonathan Mayer and Edward W. Felten
Special to The Bee
By Edward Felten and Jonathan Mayer
Snooping on the Internet is tricky. The network is diffuse, global, and packed with potential targets. There’s no central system for identifying or locating individuals, so it’s hard to keep track of who is online and what they’re up to. What’s a spy agency to do?
Privacy Substitutes by Jonathan Mayer & Arvind Narayanan
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
"“The federal government is the largest consumer of commercial wireless services and is susceptible to the same cybersecurity risks in our communications infrastructure,” Jonathan Mayer, a computer science professor at Princeton University, told the panel.
“A foreign intelligence service could easily use cell-site simulators to collect highly confidential information about government operations, deliberations and personnel movements,” Mayer added."
"However, because many large global companies already comply with similar restrictions under a major new European digital privacy law that took effect in May, the new California law will have limited impact, according to some experts.
"“I’m not aware of any instance where a law enforcement agency has successfully tracked down one of these devices,” Jonathan Mayer, a chief technologist at the Federal Communications Commission’s Enforcement Bureau, told the subcommittee. Nor has the Justice Department prosecuted anyone for operating a cell site simulator, he added.
The challenge, Mayer said, was that there was no “telltale sign of cell site simulation . . . there are only indicia that give rise to suspicion.”"
"The Federal Communications Commission has hired Jonathan Mayer, a rising star in privacy circles, to serve as its technical lead for investigations into telephone, television and Internet service providers.
He will work primarily on consumer protection issues, especially those having to do with security and privacy, agency spokeswoman Shannon Gilson confirmed.
Privacy and Civil Liberties Oversight Board Chairman Adam Klein and Board Members Edward Felten and Jane Nitze have announced a May 31, 2019 public forum in Washington, DC to examine the USA FREEDOM Act and the government’s call detail records (CDR) program under that law. Several key provisions of the USA FREEDOM Act will sunset in December unless they are reauthorized by Congress.
Advanced technologies are revolutionizing how the government investigates, charges and prosecutes criminal cases—and defense attorneys must keep pace. Even small police departments can purchase powerful surveillance technologies, and internet companies collect vast troves of data on virtually everyone. This two-day CLE conference will discuss the government's use of technologically advanced investigative techniques in criminal cases, and the issues raised by those techniques under the Fourth Amendment and other federal law.
Cybersecurity and Privacy in the Internet Economy: Information Sharing, Data Security, and Intellectual Property
Because of Edward Snowden’s remarkable public service, we know that the National Security Agency, with the cooperation of some large firms, has amassed an unprecedented database of personal information. The ostensible goal in collecting that information is to protect national security. The effect, according to Reed Hundt, is to undermine democracy.
This talk presents an empirical assessment of the NSA’s legal restrictions, including research cited by President Obama’s intelligence review group. We find that present limits on bulk surveillance programs come up far short; authorities to intercept international Internet traffic and domestic telephone metadata place ordinary Americans at risk.
In this first episode, Mike and I explore how your simplest digital footprints – fragments of Google searches, Facebook likes, and innocuous tweets – can expose deeply intimate facts about you. Like whether your parents are divorced and whether you own a gun. In fact, these vanilla datasets that we all generate every time we use the Internet reveal surprising clues about our personalities and behavior. So how can that information be used, and who is collecting it? We talk to Michal Kosinski of Stanford’s Graduate School of Business, and Jonathan Mayer, a computer scientist and lawyer.
As consumers increasingly adopt encryption tools, government officials have warned of the “Going Dark” problem – the notion that widespread encryption will thwart legitimate government efforts to investigate crime and safeguard national security. To address this problem, law enforcement and intelligence community officials have suggested that companies include “backdoors” in their products to permit lawful government access to encrypted data. This proposal has been met with criticism from technologists and privacy advocates alike.
"WELNA: It could indeed. Hackers, by definition, are trying to break into other people's computer accounts and steal their information, so monitoring their activity means watching them poach on other people's Internet usage and private data. I talked with Jonathan Mayer, a computer security fellow at Stanford who's reviewed these latest Snowden documents. He says because of the way the surveillance law is written, the NSA can actually hang on to that hacked information.
CIS Affiliate Scholar David Levine interviews Jonathan Mayer, Stanford Ph.D. candidate in computer science, author of Terms of Abuse: An Empirical Assessment of the Federal Hacking Law, and How to Fix It.
Listen to the full piece at Marketplace.org.
"Now Neustar might lose the contract to Ericsson, which is based in Sweden. Neustar says this would be bad for national security, said Jonathan Mayer, a fellow at Stanford's Center for International Security and Cooperation.
“It certainly is a legitimate concern that the company that routes calls is in position to know a fair amount about law enforcement and intelligence investigations,” Mayer said."