Privacy on the Web Andreas Gal, PhD Founder & Born in Hungary, grew up in Germany PhD in Computer Science, UC Irvine Accidentally industry-turned academic Background in compilers, systems, security 7 years at Mozilla, most recently as CTO Left in July to found an IoT startup About your speaker 1.Whats privacy? 2.Do people really care about privacy? 3.Selling privacy 4.Making privacy valuable 5.Privacy and the Internet of Everything Overview Ill try to explain my subjective view on online privacy after working on the Web for 7 years I am not speaking for any employer, past on present Please feel free to ask questions during the talk, especially if you disagree Disclaimer 1.Privacy The concealment of information 2.Privacy Peace and Quiet (robocalls are a violation of my privacy) 3.Privacy Freedom and Autonomy (abortion is a right grounded in privacy) Defining Privacy The Economics of Privacy, Richard A. Posner, October 1980 Once upon a time, via, Do people care about privacy? An example Oct 16: In order to book your flights we need your scanned passport, on the page where your picture and passport number appear. Thank you in advance. Oct 16: Please help me understand why you need my passport picture and passport number for a domestic flight from California [to Boston] where I wont be using my passport. Oct 16: As our agency is based in Spain and the flight has US as destination, your passport is required. Without it the agency cannot book your flights. Oct 19: We remind you that as our agency is based in Spain and your flight has an international destination for us (US) the agency requires your passport to book the flights. If you cannot send us the scanned Passport our agency we will need the following information in it: Full name (Given Names + Surname), Passport number, Nationality, Date of birth, Place of birth, Date of expiration.Thank you for your understanding. Do people care about privacy? An example Before I tell you what I did, please remember I have a PhD in computer science I worked on Internet security for much of my life The request came via unencryptedThe request came via unauthenticatedThe request is completely nonsensical Do people care about privacy? An example For many years Firefox users defected to Chrome over the poor history/password sync feature. Firefox Sync (then Weave) launched in 2007, a full year before Chrome. How was this possible? Privacy in consumer products Privacy-first Product Design C748BDA748480CC6E6881E Pros Only user has control over his/her information Resillient to digital attacks, even by state-level actors Resillient to legal attacks (Lavabit) Basic use cases all well covered Cons Completely missed user expectations Crypto is hard to grasp, people didnt understand what they are getting Works different than most products (with crappy privacy) Missed use case: backup Privacy-first Product Design Backup & Multi-device use case C748BDA748480CC6E6881E C748BDA748480CC6E6881E 3. Following Chromes lead Password-based encryption (pretty useless) Little protection against mass surveillance Multi-device setup and backup use cases solved Users are happy with the part they get (experience), and dont understand what they lost Today: usability over privacy Privacy is hard to sell Mozilla emphasizes choice and control, not privacy when marketing Firefox Google claims Chrome is fast, simple, secure Microsoft tried to market privacy for IE9 in Many completely missed that feature (tracking protection) In fact, most people wont even try Hard to explain & easy to game People dont like to buy Privacy Simon Sinek, TEDx Puget Sound, 2009 The secret of successful Internet services Greed + Privacy can we make that work? Lets talk about online advertisement When you see an ad, the ad sees you, and can track you. EFF / Privacy Badger FAQ Its essentially impossible to take on tracking without also fixing online advertisement Ads + tracking Online advertisement is out of control 22 million Firefox users agree User agent really? Incentives are poorly aligned The browser as a leaky sieve browser personal data tracking What the browser should look like Most ads on the Internet would break (short term problem) Monetization would plummet (Dysport couldnt find me any more) but also What if we blocked all trackers tomorrow? Sites would get a lot more valuable! Your Food Ad Here Your Food Ad Here Your Food Ad Here Blocking trackers would increase the value publishers capture Prisoners dilemma unclear they would ever be able to move in this direction Silver lining: rapidly declining CPIs may force their hand! We found our deadly sin! And how to get browser vendors on board Next up: Internet of (Every)Thing(s) IoT will be 1990s all over The other privacy might be easier to grasp IoT is physical can we fix crypto? IoT demands that we do better with respect to privacy. Ironically, it may also be easier to do so. Last words Questions? Thank you!