Private Workshop Participants

Alessandro Acquisti is an Associate Professor at the Heinz College, Carnegie Mellon University, and the co-director of CMU Center for Behavioral Decision Research (CBDR). His research focuses on the economics of privacy. His studies have spearheaded the application of behavioral economics to the analysis of privacy decision making, and the analysis of disclosure behavior and privacy trade-offs in online social networks. Alessandro has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies, the IBM Best Academic Privacy Faculty Award, the Heinz College Award for Teaching Excellence, and multiple best paper awards. He is a member of the National Academies’ Committee on Public Response to Alerts and Warnings Using Social Media and Associated Privacy Considerations, and has held visiting positions at the Universities of Harvard, Chicago, Rome,Paris, and Freiburg, at Microsoft Research in New England, and at Google. He holds a PhD from UC Berkeley, and Master degrees from UC Berkeley, the London School of Economics, and Trinity College Dublin. 

Lila Bailey joined Berkeley Law in 2011 as a Clinical Teaching
Fellow in the Samuelson Law, Technology & Public Policy Clinic. She came
to the Clinic from The William and Flora Hewlett Foundation, where she
worked in the Education Program on Open Educational Resources
(OER)—high-quality educational materials provided freely under a
flexible copyright license that allows anyone, anywhere, to access,
customize, and share those resources via the Internet.

Prior to her work at the Hewlett Foundation, Bailey was in-house counsel
for Creative Commons, a non-profit organization that offers open
copyright licenses. While there, she provided legal and programmatic
advice within the organization and educated the public about the use and
benefits of Creative Commons licenses, especially in the area of
education. Before going in-house, Bailey was an associate at Wilson,
Sonsini, Goodrich & Rosati where she worked on Intellectual Property
litigation and strategic counseling matters for Silicon Valley
technology companies and start-ups. Bailey also held an Intellectual
Property Fellowship with the Electronic Frontier Foundation in 2007.

Rebecca Balebako is a PhD candidate at Carnegie Mellon University in Engineering and Public Policy.  She is advised by Dr. Lorrie Cranor, and is a member of the Cylab Usable Privacy and Security Lab.  Her work has included measuring the effectiveness and usability of privacy tools in reducing behavioral advertising, and using insights from behavioral economics to improve privacy decisions.  Before entering the PhD program, Rebecca was a web programmer for 10 years, and taught programming and computer skills in West Africa for 3 years.

Jason Beatty: I have been pretty entrenched in startups and application development since 97, if not earlier.  Prior to PrivacyChoice I started a company that focused on network tools/pen testing apps for mobile devices. Before that I was a developer/reverse engineer as well as one of the two developers of ‘mmoGlider’ a software product that sold over 140K copies, but also lead to a pretty interesting court battle, mdy v. blizzard (Ed Felten assisted us on that one ).  Before Glider, I worked for Primedia Corp after they acquired, a company that I helped start 7 years earlier. 

Rainer Boehme is Assistant Professor of Information Systems and IT Security at the University of Muenster, Germany, since 2010. Prior to this, he was Postdoctoral Fellow at the International Computer Science Institute (ICSI) in Berkeley, CA. He holds a doctoral degree (Dr.-Ing.) in computer science and a master’s degree in communications, economics and computer science, both from Technische Universitaet Dresden in Germany. Back in Dresden he worked in Andreas Pfitzmann’s privacy and data security group. Rainer Boehme’s research interests include privacy-enhancing technologies, economics of privacy, and privacy metrics. He has also worked for the European Central Bank on macroeconomic forecasting and financial stability.

Joseph Bonneau completed his PhD at the University of Cambridge in May 2012, supervised by Ross Anderson and researching authentication on the web, privacy in social networks, censorship, and security economics. His doctoral work included a large-scale, privacy-preserving study of user password choices at Yahoo! His work has also included several large-scale surveys of implementation choices at real web sites, including privacy practices in social networks and merchants and password practices at merchants, social networks and news websites. Prior to his PhD he completed a BS in computer science and MS in cryptography at Stanford, and worked as a cryptographer at Cryptography Research, Inc.

Frederik Borgesius is a PhD researcher at the
Institute for Information Law of the University of Amsterdam. His research
concerns behavioural targeting, privacy, and European data protection

Before joining IViR, Frederik worked in the
music industry for many years (as a producer, DJ, publisher and label owner)
and dealt with copyright on a daily basis. While running his own company he
studied law at the Open University and earned his Bachelor’s degree in 2008. During
his research Master’s at the IViR he worked part-time at SOLV attorneys, a law
firm dedicated to technology, media and communications. Frederik has also
studied six months at Hong Kong University.

Frederik’s research concerns the following
question. In the context of behavioural targeting, how could European
regulation be improved to protect privacy, without unduly restricting the
autonomy of internet users? European data protection regulation emphasizes
informed consent. But insights from behavioural economics cast doubt on the
effectiveness of this approach as a privacy protection measure. Therefore, the
research looks at another regulatory approach.

If aiming to empower the individual is not
the right tactic to protect privacy, perhaps prohibitions could be introduced
in addition to the data protection regime. Different rules could apply to
different circumstances. Are data gathered while internet users are looking to
buy shoes, less sensitive than data that reveal which books or online newspapers
they read? Do truly innocent data exist?

Jim Brock runs, which rates websites based on privacy practices and qualifications. Web users can see privacyscores while they surf, and can opt-in to transmit tracking events from their browser. This data improves privacyscoring and powers privacy analytics for site publishers to monitor and reduce privacy risk. Privacyscore is a project of PrivacyChoice, which makes privacy easier through tracking control tools for web users, a hosted privacy framework for mobile apps, and privacy data APIs used by companies such as, Keynote Systems and DoubleVerify. Previously, Jim founded Attributor, a content tracking platform, led a business division at Yahoo!, co-founded an startup investment firm, served as Yahoo!’s founding counsel, led the Internet practice at Venture Law Group in Silicon Valley and graduated from the University of Chicago Law School.

Jason Christopher is a Lecturer and the Director of IT at UC Berkeley’s Goldman School of Public Policy. His research interests focus primarily on applying IT tools and open-source content management systems to public policy, mainly for biosecurity in synthetic biology, but also in higher ed. He served as the technical director of UC Berkeley’s Synthetic Biology Security Program, where he developed an Experiments of Concern Web Portal for scientists conducting dual-use research and VIREP, a virulence factor database for use with genetic sequence screening.He is also interested in instructional technology, specifically integrated audio/video/web systems as blended learning platforms. Formerly, he was co-founder of Questron Inc., a technology firm specializing in IT and A/V systems design and integration, primarily serving the K-12 environment. At Questron, Jason developed local origination broadcast devices (videorama/videoplex), managed network and systems modernizations, wrote grant proposals for state technology awards and authored IT instructional programs for teachers and administrators. He continues to consult through Tech Comfort LLC.  More generally, he is interested in emerging web technologies and their effects on legal and political issues in society. He has an MA in Legal and Political Theory from University College, London. Jason teaches “Information Technology and Public Policy” at the Goldman School and guest lectures on cybersecurity and instructional technology, as it applies to pedagogy.

Aldo Cortesi has run a small security consultancy for just over 10 years. He’s performed countless penetration tests, audited many millions of lines of code,lead teams developing sensitive bits of software, and helped secure justifiably paranoid organizations like governments and banks. He’s recently gained an interest in privacy issues. Work in this area includes the creation of mitmproxy (an interception tool used to expose high-profile problems like the recent Path address book upload issue), the launch of (a site that aims to provide privacy analytics for the social web), and the disclosure of significant problems relating to Apple device UDIDs.

Emiliano De Cristofaro is a Research Scientist at the Palo Alto Research Center (PARC), where he works in the Security and Privacy group. He got a B.Sc. in Computer Science from the University of Salerno (Italy) in 2005 and a PhD in Networked Systems from the University of California, Irvine (advised by Gene Tsudik) in 2011. Emiliano has been an intern in NEC Europe Labs, INRIA Rhone Alpes, and Nokia Research Center. His research interests include security, privacy, and applied cryptography. Emiliano has been working on the concept of sharing sensitive information with privacy. His goal is to address a number of privacy concerns arising from everyday scenarios where sensitive data must be shared between entities without mutual trust. His approach is to identity and/or design appropriate cryptographic protocols and build efficient systems that enable information sharing with privacy in a number of applications, such as, database screening, healthcare and genomic applications, micro-blogging OSNs, collaborative smartphone applications, etc. His publications include more than 30 papers, some of which appearing in world’s leading academic conferences in security and privacy, such as, ACM CCS, IEEE Security and Privacy, and IACR Asiacrypt.

Nick Doty (conference co-chair) is a PhD student at the UC Berkeley School of Information, studying how privacy and other values are considered in the technical design process. He currently researches location privacy (including surveys of use of the W3C Geolocation API and other JavaScript APIs) and privacy in Web standards and co-teaches the Information Organization Lab and Technology & Policy Lab at the iSchool. He also works for the World Wide Web Consortium (W3C) on improving support for privacy in technical standard-setting.

Matt Fredrikson is a fifth-year graduate student pursuing his PhD in Computer Science at the University of Wisconsin-Madison, where he received his M.S. in 2010. His research focuses on understanding privacy issues at the software level, using insights and techniques from the formal methods and programming languages communities to guide his efforts. In particular, he is interested in developing techniques and building tools that are capable of characterizing the privacy threat posed by software commonly run inside of browsers, as well as the software currently driving the many recent advances in personalized medicine. Since entering graduate school, he has worked on related problems in privacy, malware analysis, and formal verification, including during internships at Microsoft, IBM, and SRI. He recently helped organize a workshop on Web security and privacy at the IEEE Symposium on Security and Privacy, and is the recipient of the Microsoft Research PhD Fellowship.

Dr. Jens Grossklags is an Assistant Professor at the College of Information Sciences and Technology at the Pennsylvania State University. Previously, he served as a Postdoctoral Research Associate at the Center for Information Technology Policy, and as a Lecturer of Computer Science at Princeton University. In 2009, he completed his doctoral dissertation at UC Berkeley’s School of Information. While at UC Berkeley, he also obtained master’s degrees in Computer Science, and Information Management and Systems.He is studying information privacy, security, technology policy and networked interactions from a theoretical and practical perspective. Specifically, Dr. Grossklags is motivated to contribute to a better understanding of the current and future marketplace for personal and corporate information, and improved designs of the underlying evolving security infrastructure. His academic work is very cross-disciplinary and utilizes analytic, empirical and experimental methodologies.

Seda Gürses: I am currently a post-doc at COSIC/ESAT at the (formerly catholic) University of Leuven working on privacy in online social networks, requirements engineering, privacy enhancing technologies and identity management systems. I am also part of the Privacy and Identity Management Group led by Claudia Diaz. I completed my PhD titled “Multilateral Privacy Requirements Analysis in Online Social Networks” at the Arenberg School in the group HMDB of the Computer Science Department also at the University of Leuven under the supervision of Bettina Berendt, Bart Preneel and Thomas Santen. I am currently the coordinator of the interdisciplinary project “Security and Privacy in Social Networks” (SPION) supported by the Agency for Innovation by Science and Technology (IWT) in Belgium. In addition to my academic work I collaborate with artists and other meddlesome communities who apply their interdisciplinary methods to topics that arise at the intersection of free and open source software, privacy, surveillance and intellectual property.

Serge Egelman is a postdoctoral researcher at the University of California, Berkeley. His research focuses on usable security, with the specific aim of better understanding how people make decisions surrounding their privacy and security, and then creating improved interfaces that better align stated preferences with behaviors. This has included human subjects research on social networking privacy, access controls, authentication mechanisms, web browser security warnings, and privacy-enhancing technologies. He received his PhD from Carnegie Mellon University and prior to that was an undergraduate at the University of Virginia. He has also performed research at NIST, Brown University, Microsoft Research, and Xerox PARC.

Rob van Eijk is a PhD. candidate at Leiden University Dual PhD Centre The Hague. He holds a MSc from Leiden Institute of Advanced Computer Science at Leiden University, and a BSc in Electrical Engineering from Eindhoven University of applied sciences.

He joined the Dutch Data Protection Authority (Dutch DPA) in April 2010 where he works as a technologist. Prior to joining the Dutch DPA, he conducted IT forensics and fraud investigations as a contractor. He represents the Dutch DPA in national and international meetings such as the Technology Subgroup of the Article 29 Data Protection Working Party, and the International Working Group on Data Protection in Telecommunications (IWGDPT). He represents the Article 29 Data Protection Working Party in the ongoing debate on Do Not Track in the W3C Tracking Protection Working Group.

He has been assessed by APMG International as approved PRINCE2© Trainer, and by the IPMA as Certified Project Manager. In November 2010 he was a visiting lecturer in agile project management at the Software School of Xiamen University, and contributed to the China Holland Educational Competence and Knowledge Center on IT (CHECK-IT).

His research interests include customer lifetime value, management of privacy risks, graph mining and network data analytics.

Paul Francis is a tenured faculty at the Max Planck Institute for Software Systems in Germany. Paul has held research positions at Cornell University, ACIRI, NTT Software Labs, Bellcore,and MITRE, and was Chief Scientist at two Silicon Valley startups. Paul’s research centers around routing and addressing problems in the Internet and P2P networks. Paul’s innovations include NAT, shared-tree multicast, the first P2P multicast system, the first DHT (as part of landmark routing), and Virtual Aggregation. Recently Paul has become interested in designing advertising systems that protect user privacy while allowing for effective targeting.

Dr. Gerald Friedland is a senior research scientist at the International Computer Science Institute, a private lab affiliated with the University of California, Berkeley, where he leads multimedia content analysis research, mostly focusing on acoustic techniques as an aid for video analysis. He is also focussing on the privacy aspects of multimedia retrieval. He is currently leading a group of 6 multimedia researchers supported by NSF, DARPA, IARPA, and industry grants. Gerald has published more than 100 peer-reviewed articles in conferences, journals, and books and is currently authoring a new textbook on multimedia computing together with Dr. Ramesh Jain. Gerald co-founded the IEEE International Conference on Semantic Computing and is a proud founder and program director of the IEEE International Summer School on Semantic Computing at UC Berkeley.  He is associate editor for ACM Transactions on Multimedia Computing, Communications, and Applications, is in the organization committee of ACM Multimedia 2011, 2012, and 2014. He is also serves as TPC Co-Chair of IEEE ICME 2012. He is the recipient of several research and industry recognitions, among them the European Academic Software Award and the Multimedia Entrepreneur Award by the German Federal Department of Economics. Most recently, he lead the team that won the ACM Multimedia Grand Challenge in 2009. Gerald received his doctorate (summa cum laude) and master’s degree in computer science from Freie Universitaet Berlin, Germany, in 2002 and 2006, respectively.

Dr. Nathan Good is Principal of Good Research. A fundamental goal of his work is researching usable networked systems and studying how to create devices and services to be simple and respectful of people’s privacy. He has worked at PARC, Yahoo and HP research labs. At Berkeley, he worked with TRUST and the Samuelson Law & Technology Clinic and was a member of the 2007 California Secretary of State Top-to-Bottom Review of Electronic Voting Systems. Nathan has published extensively on user experience studies, privacy, and security related topics. His research has been reported on in the New York Times, CNN and ABC, and he has testified on his research before the House, Senate and FTC. Nathan has a Phd in Information Science and a MS in Computer Science from the University of California at Berkeley

Chris Jay Hoofnagle (conference co-chair) is director of the Berkeley Center for Law & Technology’s information privacy programs and senior fellow to the Samuelson Law, Technology & Public Policy Clinic. He is an expert in information privacy law. He teaches computer crime law and a seminar on the Federal Trade Commission and online advertising. Hoofnagle has led research efforts to detect and quantify methods for user tracking online.  His work in the field has included: Can Advertisers Learn that No Means No?, Flash Cookies IFlash Cookies and Privacy II: Now with HTML5 and ETag Respawning, and Behavioral Adverstising: the offer you cannot refuse, 6 Harvard Law & Policy Review 701 (2012).

Subodh Iyengar: I am a Masters student in Computer Science at Stanford University. My research interests are in web security and privacy. Particularly, how we can construct technical mechanisms that can provide such guarantees on the web. A notable project that I have worked on which is directly related to privacy, is WebCrumbs, a visual analysis platform to discover privacy violating information flows (, both automatically, and semi-automatically.  I have also worked on several other implementations to enabling trackers to shift server side tracking to the client side in order to put more power into the user’s hands. In other work, I was responsible for discovering a critical security flaw in Yahoo Mail as well as a privacy flaw in Facebook, for which I was awarded the Facebook White hat Bounty. I will be graduating from the Masters program at Stanford in 2012.

Jaeyeon Jung researches security & privacy, systems, networking, and HCI. Since 2007, she has been leading the projects at Microsoft Research (currently) and Intel Labs (2007-2011) focused on improving the privacy of consumers through information flow transparency and user control. Jaeyeon received her Ph.D. in Computer Science from MIT in 2006, where she developed the threshold-random walk algorithm for detecting port scans and malware-infected systems. Following her PhD, she applied these algorithms at Mazu networks and observed their impact on customers’ systems. Jaeyeon holds a Bachelor’s and Master’s degrees from the Korea Advanced Institute of Science and Technology (KAIST). She is an affiliate faculty member at the University of Washington and KAIST.

Balachander Krishnamurthy is a member of technical staff at AT&T Labs–Research. His focus of research of is in the areas of Internet privacy, Online Social Networks, and Internet measurements. He has authored and edited ten books, published over 80 technical papers, holds thirty one patents, and has given invited talks in over thirty countries.

He co-founded the successful Internet Measurement Conference and the Workshop on Online Social Networks. He has been on the thesis committee of several PhD students, collaborated with over seventy five researchers worldwide, and given tutorials at several industrial sites and conferences.

His most recent book “Internet Measurements: Infrastructure, Traffic and Applications” (525pp, Wiley, with Mark Crovella), was published in July 2006 and is the first book focusing on Internet Measurement. His previous book ‘Web Protocols and Practice: HTTP/1.1, Networking Protocols, Caching, and Traffic Measurement’ (672 pp, Addison-Wesley, with Jennifer Rexford) is the first in-depth book on the technology underlying the World Wide Web, and has been translated into Portuguese, Japanese, Russian, and Chinese.

Bala is homepageless and not on any OSN but many of his papers can be found at

Ben Livshits is a researcher at Microsoft Research in Redmond, WA and an affiliate professor at the University of Washington. Originally from St. Petersburg, Russia, he received a bachelor’s degree in Computer Science and Math from Cornell University in 1999, and his M.S. and Ph.D. in Computer Science from Stanford University in 2002 and 2006, respectively. Dr. Livshits’ research interests include application of sophisticated static and dynamic analysis techniques to finding errors in programs.

Ben has published papers at PLDI, POPL, Oakland Security, Usenix Security, CCS, SOSP, ICSE, FSE, and many other venues. He is known for his work in software reliability and especially tools to improve software security, with a primary focus on approaches to finding buffer overruns in C programs and a variety of security vulnerabilities (cross-site scripting, SQL injections, etc.) in Web-based applications. He is the author of several dozen academic papers and patents. Lately he has been focusing on how end-user privacy can be improved by reexamining the role of the web browser. Ben generally does not speak of himself in the third person.

Tom Lowenthal works on the Privacy team at Mozilla, where he holds the illustrious title of Paranoia Advocate, and labors night and day to make sure that everything Mozilla builds respects user privacy and sovereignty not just before it gets out the door, but before it even gets into the hallway.

Like anyone who has spent years in the company of privacy and security researchers, Tom is incurably paranoid, pays only in cash, and tries to avoid making eye contact with security cameras, which is really more inconvenient than effective. A recent Princeton grad, Tom has written on technology policy for Ars Technica, helped with the Tor Project, and most recently worked as a Staff Technologist at the Federal Trade Commission.

Jonathan R. Mayer (conference co-chair) is a graduate student in Computer Science and Law at
Stanford University, where he is a Student Fellow at the Center for
Internet and Society. He received his undergraduate degree from
Princeton University in 2009 with a concentration in the Woodrow Wilson
School of Public and International Affairs. Jonathan’s area of study
encompasses the intersections of policy, law, and computer science, with
particular emphasis on computer security and national security. A proud
Chicago native, he is undaunted by freezing weather and enjoys celery
salt on a hot dog.

Aleecia M. McDonald is a privacy researcher and Resident Fellow
at the Stanford Center for Internet and Society, and works for Mozilla
as a Senior Privacy Researcher. Aleecia co-chairs the W3C Tracking
Protection Working Group, which defines the international standards for
Do Not Track and Tracking Selection Lists. Her research includes the
effects of browser settings on privacy, user expectations for Do Not
Track, behavioral economics and mental models of privacy, and the
efficacy of industry self regulation. In addition to a decade of
experience working for software startups, she holds a PhD in Engineering
& Public Policy from Carnegie Mellon where she studied online
privacy as a member of the Cylab Usable Privacy and Security (CUPS)
research laboratory.

Arvind Narayanan is a post-doctoral computer science researcher at Stanford and a junior affiliate scholar at the Stanford Law School Center for Internet and Society. He completed his Ph.D at UT Austin in 2009. He studies information privacy and security, and moonlights in policy.

Narayanan’s doctoral work exposed the problems with data anonymization. His paper on deanonymization of large datasets won the 2008 Privacy Enhancing Technologies award. Narayanan’s more recent work has focused on privacy-conscious system design in the areas of online behavioral advertising, including Do Not Track, and location privacy.

He can be found online at and blogs at 

Sören Preibusch is currently completing his Ph.D. at the University of Cambridge, Computer Laboratory. He previously worked at the German Institute for Economic Research as well as Humboldt-Universität zu Berlin and has been involved with privacy research for more than six years. Using field and lab-based experiments as well as observations in the wild, he studies consumers’ privacy preferences and how they manifest in data protection choices online. He also watches the supply for privacy in online industries and studies technical means to enforce privacy policies. Preibusch’s work blends technical and economic aspects with a focus on electronic market interactions and online social networking.

Mr. Preibusch has lead or accompanied the deployment of several public Web sites. He has contributed to privacy and social networking themes within the World Wide Web Consortium and for the European Network and Information Security Agency (ENISA). He holds a diploma in industrial engineering from Technical University Berlin (2008). Since 2003, Sören Preibusch has been a scholar of the German National Academic Foundation.

Anthony Prestia joined the NAI in February 2012 as Associate Counsel for Policy and Technology. He brings a wealth of experience in programming, business, and information privacy to this position. As Associate Counsel, Anthony assists in conducting the pre-certification review of new applicants, the annual compliance review of member companies, and also investigates consumer complaints and allegations of non-compliance with the NAI Code. With respect to NAI Code compliance, Anthony is spearheading efforts to enhance NAI’s technical monitoring program. He is also supporting the initiative to update the NAI Code to reflect changes in technologies, business models, regulatory requirements, and policy issues.

Prior to joining the NAI, Anthony worked on a number of legal and technology-related issues in the public and private sector. He served as an Attorney Advisor with the Social Security Administration where he performed appellate review of disability cases and helped develop an online tool for policy and compliance research. Prior to working at the Social Security Administration, Anthony worked as an attorney and web developer for two Internet startups. He leveraged his experience with PHP, Ruby on Rails, HTML5, CSS3, and JavaScript to develop interactive websites and applications, including data privacy and information security training materials for corporate clients.

Anthony graduated from The George Washington University Law School in 2009, where he served as the Executive Editor of the American Intellectual Property Law Association Quarterly Journal. He received his B.A. cum laude in Economics and Political Science from the University of Florida in 2006, where he was a member of the Omicron Delta Epsilon International Economics Honor Society.

Kim E. Richman is with the New York offices of Reese Richman LLP from
where he litigates consumer and securities fraud class actions. Mr.
Richman also specializes in civil rights litigation. Mr. Richman is an
accomplished trial attorney with experience both in federal and state

Mr. Richman draws his class action expertise from previously
working at both a small think tank in San Francisco and a large class
action firm. His experience includes litigating cases ranging from
protecting the privacy rights of consumers and fair use rights of the
public to corporate fraud and insider trading.

Kymberli Shoemaker is a technology compliance analyst for the Online Interest-Based Advertising Accountability Program of the Council of Better Business Bureaus/National Advertising Review Council.  The Accountability Program enforces the Digital Advertising Alliance’s Self-Regulatory Principles for Behavioral Advertising.  In this capacity, Kymberli monitors the compliance of companies covered by the Principles by employing Web measurement tools to identify and investigate instances on non-compliance by companies, prepares formal inquiries, and helps to formulate Accountability Program decisions. Kymberli received her BA in Political Science from Tufts University and is currently pursuing her Master’s of Information Management from the College of Information Studies at the University of Maryland, College Park.

Babak Siavoshy is a Teaching Fellow at the Samuelson Law, Technology
& Public Policy Clinic at the UC Berkeley School of Law (Boalt
Hall), where his interests center on the constitutional and legal
implications of emerging technologies. Prior to joining the Clinic,
Babak worked in the executive office of Attorney General Kamala D.
Harris, and helped develop the Department’s policies and priorities on a
variety of privacy and technology law issues.

Babak also served as an associate at the Washington D.C. office of
O’Melveny & Myers LLP, where he worked on Supreme Court, appellate
and trial matters. He co-wrote the respondent’s brief in United States v. Jones,
a Supreme Court case regarding the constitutionality of warrantless GPS
tracking of a vehicle. He also worked on amicus or merits briefing in a
number of other cases before the Court, including Snyder v. Phelps and Carachuri-Rosendo v. Holder.
Prior to joining O’Melveny, Babak was a Visiting Scholar at the
Georgetown Center on National Security and the Law. Babak’s research at
Georgetown focused on legal issues surrounding the use of biometric
identification technologies.

Babak served as a law clerk to the Honorable John T. Noonan, Jr., on
the United States Court of Appeals for the Ninth Circuit in San
Francisco. He graduated from Berkeley Law, where he worked on the
Berkeley Journal of International Law and the Berkeley Technology Law
Journal, and served as a Graduate Student Instructor in the Department
of Philosophy and the Department of Cognitive Science.   

Ashkan Soltani is an independent researcher and consultant specializing in consumer privacy and security on the Internet. He has more than 15 years of experience as a technology consultant and has published three major reports on the extent and means of online tracking: “KnowPrivacy: The Current State of Web Privacy, Data Collection, and Information Sharing”, “Flash Cookies and Privacy”, and “Flash Cookies and Privacy II”. His work highlights the prevalence and practice of tracking online, including the use of specific technologies designed to circumvent consumer privacy choices online. He has served as a staff technologist in the Division of Privacy and Identity Protection at the Federal Trade Commission and also worked as the primary technical consultant on the Wall Street Journal’s What They Know series investigating Internet privacy and online tracking.

Finally, he recently testified as an independent expert in front of the Senate Commerce Committee hearing on “The State of Online Consumer Privacy” and the Senate Judiciary Committee hearing on Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones and Your Privacy”

Robin Sommer is a staff researcher at the International Computer
Science Institute, Berkeley, and he is also affiliated with the Lawrence
Berkeley National Laboratory where he works closely with the Lab’s
cyber-security team. Robin’s research focuses on network security and
privacy in operational settings. He is the PI of an NSF project on
understanding and managing the impact of global inference on online
privacy, and he is also is co-leading the development of the open-source
Bro network security monitor. Robin Sommer holds a doctoral degree from
TU Munich, Germany.

Luke Stark is a third-year doctoral candidate in the Department of Media, Culture, and Communication at New York University; his research focuses on the history and philosophy of digital media technology and its role in coding and regulating the affective and emotional lives of individual users and wider publics. A native of Toronto, Canada, Luke holds an Honours BA in History & English and an MA in History, both from the University of Toronto; he has been generously funded by the Canadian Millennium Scholarship Foundation, the Social Sciences and Humanities Research Council of Canada, and the Government of Ontario. Luke’s work further engages with the changing dynamics of privacy and security in digital network environments; he is a Student Fellow at the NYU School of Law’s Information Law Institute (ILI), a member of the ILI’s Privacy Research Group and a Principal with PRGLabs. Luke is Research Assistant to the National Science Foundation’s Values in Design in the Future Internet Architecture project, headed by Helen Nissenbaum, and is a member of the New York University Graduate Forum.

Andrew Sudbury has been involved in the security industry and the problems
of managing information security at scale. He combines security and
financial experience to apply risk modeling and analysis techniques to
information security topics. He has written and spoken as these topics,
most recently at RSA 2009 as part of the Center for Internet Security’s
Metrics Panel.
As an early employee at @stake, a premier information security
consultancy, Andrew assessed the security of network storage devices and
high-privacy filesystems, as well as started research into quantitative
security modeling. He has also performed financial analytics for
special projects, such as determining the option value and exercise
efficiency of rate locks in a mortgage origination pipeline at Everbank,
an innovative private bank.
Most recently, as VP of Security Metrics, he led the creation of
information security metrics and scorecards from concept through the
first million in sales at ClearPoint Metrics, a security metrics product
start-up. Other past experiences include custom system design for
corporate and DoD clients and founding the first cyber-cafe and
Linux-based public access terminal network in Boston (Cafe
Andrew received an MBA from MIT Sloan and a SB from MIT. As part of
the MIT community, Andrew has been a judge for the MITES business plan
contest for local high-school students and the Lemelson-MIT Student
Prize for innovation. He still can’t use any kind of Linux but
Slackware, and is a two-wheeled enthusiast.

Omer Tene is Managing Director of Tene & Associates and an Associate
Professor at the College of Management School of Law, Rishon Le Zion,
Israel. He is a Visiting Fellow at the Berkeley Center for Law and
Technology and the Berkeley Institute for Jewish Law, and Israeli Law,
Economy and Society; an Affiliate Scholar at the Stanford Center for
Internet and Society; and a Senior Fellow at the Future of Privacy
Forum. He serves as rapporteur to the OECD for its review of its 1980
Privacy Guidelines. 

Vincent Toubiana is a research engineer at Alcatel-Lucent Bell Labs France where he works on Privacy Preserving Data Analytics and DoNotTrack. He holds a PhD in Computer Networks from Telecom ParisTech. In 2009, he worked as a Postdoctoral Researcher at New York University (NYU) with Professor Helen Nissenbaum where his research focused on web search privacy and privacy preserving behavioral targeting. He illustrated his research results by developing several browser extensions.

Rigo Wenning studied law in Germany and France. After exams he served as a researcher at University of Saarland at the Centre Juridique Franco Allemand and at the Institute for Computing & Law. Last project there was to bring the German federal constitutional court online.

In 1999 he moved on to W3C for policy analysis with a focus on Privacy. First team contact for P3P 1.0, then editor of the P3P 1.1 Specification he gave many presentations world wide on Privacy and data protection. W3C’s participation in the PRIME and Primelife FP 7 research projects was coordinated by Rigo encompassing exploration of identity management and what it means for the Web. This also meant a sustained participation in the policy debate around privacy and identity around new initiatives like do-not-track.

Since 2006 Rigo is also W3C’s Legal Counsel and gives advice to the management on most legal aspects of the Consortium’s operations. This includes contractual relationships, licensing, consulting in legal matters, strategy planning and steering of litigation.

Working out of W3C’s European host ERCIM, Rigo also contributes to W3C’s governmental relations in Europe. He is a member of the Information and Communications Technologies Standards Board, a round table for major standardization organizations in Europe. He was also involved in the reform of the European Standardization landscape as a member of the ICT Standardisation Steering Group of the European Commission. A frequent invitee to the European Interoperability Framework debate he has recently contributed an invited talk to the Interoperability Strategy Architecture.

As W3C’s Privacy Activity, Rigo is also involved with W3C’s Do Not Track efforts.

David Wetherall is a Professor of Computer Science &
Engineering at the University of Washington. He led Intel’s former Seattle
research lab on computing systems woven into the fabric of everyday life from
2006 to 2009.  Wetherall received his
Ph.D. in computer science from MIT, and his B.E. in electrical engineering from
the University of Western Australia. His research interests are focused on
network systems, especially wireless networks and mobile computing, and
Internet measurement and protocol design. He is known for pioneering research
on programmable networks, Internet mapping, network de-duplication, and
denial-of-service. For this research, he has received the SIGCOMM Test-of-Time
award, IEEE Bennett Prize, Sloan Fellowship and NSF CAREER award. For community
leadership, he has founded the HotNets workshop, and chaired the SIGCOMM, NSDI,
and MobiSys conferences. Wetherall is a Fellow of the ACM and co-author of
“Computer Networks.”

Nicholas Weaver is a researcher at the International Computer Science Institute in Berkeley and a visiting researcher at the University of California, San Diego. His interests lie in security and measurement, including systems to protect privacy (the Priv3 web browser extension), Spam and Malcode, and active network measurement tools (Netalyzr).

Tara Whalen joined the Office of the Privacy Commissioner of Canada (OPC) in 2009, where she works as an IT Research Analyst. Prior to joining the OPC, she conducted post-doctoral research in computer security at Carleton University, where she is now an adjunct research professor. Tara has over 15 years of experience in the information security and privacy fields, including roles in research labs, academia, federal government institutions, and the private sector. As an IT Research Analyst, Tara investigates a wide variety of issues. Currently, her focus is on the technical aspects of privacy, including app privacy, confidentiality of wireless communications, online tracking, location privacy, lawful intercept (wiretapping), surveillance, social network privacy, and human factor issues.

Craig Wills is Professor of Computer Science at Worcester Polytechnic Institute. He does research on Internet application performance and measurement with more recent work examining issues related to Internet privacy. He has specifically examined the leakage of private information to third parties when users browse the Web, what is done with this information by third parties and what interested users can do to prevent it.

Yinglian Xie has been a researcher at
Microsoft Research Silicon Valley since August 2006. She received her
Ph.D. in Computer Science from CMU in 2005 and B.S. in Computer Science
from Peking University at China in 1999. Her general research interests
are in the area of Internet security, privacy, distributed systems, and
networking. The primary focus of her current work is on fighting
large-scale attacks to online services and supporting host
accountability in the Internet. She has been actively working with a
number of product groups in Microsoft, including Hotmail, Windows Live
Safety Platform, Ad-center, Bing search, and Forefront. Her work takes a
data-driven approach and explores network-host properties (e.g., the
use of proxy servers and dynamically assigned IP addresses),
service-level topologies (e.g., the topologies of malicious Web
infrastructure), and user social connectivity (e.g., various
user-interaction graphs). Such fine-grained information is correlated
with application-specific traces for attack defense and for improving
services. Her recent work in the privacy area focuses on quantifying the
amount of information reveal by common host identifiers for tracking
hosts, and understanding the corresponding privacy and security
implications. In her spare time, Yinglian enjoys reading, cooking, and
playing with her two children.

Notice – Latest updates on COVID-19 policies and resources for the UC Berkeley campus community. — View Details