Ashkan Soltani

Alma mater University of California, San Diego (B.A.)
University of California, Berkeley (M.A.)
Occupation Chief Technologist, Federal Trade Commission; Privacy and security researcher
Website ashkansoltani.org

Ashkan Soltani is the executive director of the California Privacy Protection Agency. [1] [2] He has previously been the Chief Technologist of the Federal Trade Commission and an independent privacy and security researcher based in Washington, DC. [3]

Education

Soltani attended the University of California, San Diego, where he received a bachelor's degree in cognitive science. [4] Soltani would later receive a master's degree from the University of California, Berkeley School of Information. [5]

Career in government

Between 2010 and 2011, Soltani worked for the US Federal Trade Commission as a staff technologist in the Division of Privacy and Identity Protection, where he assisted with the investigations of Google and Facebook. Soltani previously worked as the primary technical consultant to The Wall Street Journal's "What They Know" series investigating online privacy.

In 2011, he testified at two different hearings held by US Senate committees focused on privacy-related matters. Julia Angwin, in her 2014 book Dragnet Nation, describes Soltani as 'the leading technical expert on ad tracking technology'. [6] He was part of the team at The Washington Post that shared the 2014 Pulitzer Prize for Public Service with The Guardian US and earned the 2014 Gerald Loeb Award for Large Newspapers [7] for their coverage of the disclosures about surveillance done by the US National Security Agency. [8] [9] [10] [11]

In 2021, Soltani became the executive director of the California Privacy Protection Agency. [1]

Subjects of research

Soltani's first high-profile research project was a 2009 study, supported by the National Science Foundation's Team for Research in Ubiquitous Secure Computing, documenting the use of zombie Flash cookies by several online advertising networks. [12] Soltani and his colleagues at Berkeley revealed that websites were recreating tracking cookies after consumers deleted them by storing the unique tracking identifiers in Flash cookies, which were not automatically deleted when consumers cleared their browser cookies. [13]

After the publication of Soltani's research, class action law firms filed suit against several advertising networks and websites. Quantcast, Clearspring and VideoEgg collectively agreed to pay a total of $3.4 million to settle the lawsuits. [14]

ETag tracking research

In 2011, Soltani and Berkeley law professor Chris Hoofnagle published a follow-up study, documenting the use of web browser cache ETags to store persistent identifiers. [15] As with the case of Flash cookies, the identifiers stored in the ETags persisted even after consumers deleted their browser cookies. [16] The ETag tracking issue caught the attention of several members of Congress, who wrote to the Federal Trade Commission in September 2011 and urged the agency to investigate the use of advanced tracking technologies as a potentially unfair or deceptive business practice. [17]

Several companies performing ETag-based tracking that were identified by the research team were subsequently sued by class action lawyers. In January 2013, KISSmetrics, an online advertising network, settled its ETag-related lawsuit for $500,000. [18]
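An added example, not taken from the cited study or from any company named above: one way an auditor could check recorded HTTP exchanges for the behaviour described in this section, where a resource's ETag varies per client and a cleared cookie identifier comes back once the cached ETag is replayed. The hosts, ETags, digests, cookie ids, record layout and function names are all assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample: exchanges an auditor recorded with two fresh browser
# profiles (A, B), then again for A after clearing cookies but not the cache.
# Hosts, ETags, digests and cookie ids are all made up for illustration.
def _x(profile, phase, url, inm, status, etag, digest, cookie_id):
    return dict(profile=profile, phase=phase, url=url, if_none_match=inm,
                status=status, etag=etag, body_digest=digest, cookie_id=cookie_id)

T = "https://tracker.example/t.js"
S = "https://static.example/app.js"
EXCHANGES = [
    _x("A", "first", T, None, 200, '"u-7f3a"', "d1", "7f3a"),
    _x("B", "first", T, None, 200, '"u-c901"', "d1", "c901"),
    _x("A", "after_clear", T, '"u-7f3a"', 304, '"u-7f3a"', None, "7f3a"),
    _x("A", "first", S, None, 200, '"v42"', "d2", None),
    _x("B", "first", S, None, 200, '"v42"', "d2", None),
    _x("A", "after_clear", S, '"v42"', 304, '"v42"', None, None),
]

def per_client_etag_urls(exchanges):
    """URLs that hand different ETags to different clients for identical bytes."""
    seen = defaultdict(set)  # (url, body digest) -> ETags issued on first visit
    for e in exchanges:
        if e["phase"] == "first" and e["status"] == 200:
            seen[(e["url"], e["body_digest"])].add(e["etag"])
    return {url for (url, _), etags in seen.items() if len(etags) > 1}

def respawn_urls(exchanges):
    """URLs where a cleared cookie id returns once the cached ETag is replayed."""
    before = {}  # (profile, url) -> (etag, cookie id) from the first visit
    hits = set()
    for e in exchanges:
        key = (e["profile"], e["url"])
        if e["phase"] == "first":
            before[key] = (e["etag"], e["cookie_id"])
        elif key in before:
            etag, cookie_id = before[key]
            if cookie_id and e["if_none_match"] == etag and e["cookie_id"] == cookie_id:
                hits.add(e["url"])
    return hits

def audit(exchanges):
    """Map each flagged URL to the sorted list of findings raised for it."""
    findings = defaultdict(list)
    for url in per_client_etag_urls(exchanges):
        findings[url].append("per-client-etag")
    for url in respawn_urls(exchanges):
        findings[url].append("id-respawned-after-cookie-clear")
    return {url: sorted(tags) for url, tags in findings.items()}

if __name__ == "__main__":
    print(audit(EXCHANGES))
```

Differing ETags alone can be benign, for example when several servers derive ETags from file metadata, which is why the respawn finding is reported separately.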

Related Research Articles

Electronic Privacy Information Center (EPIC) is an independent nonprofit research center in Washington, D.C. EPIC's mission is to focus public attention on emerging privacy and related human rights issues. EPIC works to protect privacy, freedom of expression, and democratic values, and to promote the Public Voice in decisions concerning the future of the Internet.

MUSCULAR (surveillance program): Joint UK and USA surveillance program

MUSCULAR (DS-200B), located in the United Kingdom, is the name of a surveillance program jointly operated by Britain's Government Communications Headquarters (GCHQ) and the U.S. National Security Agency (NSA) that was revealed by documents released by Edward Snowden and interviews with knowledgeable officials. GCHQ is the primary operator of the program. GCHQ and the NSA have secretly broken into the main communications links that connect the data centers of Yahoo! and Google. Substantive information about the program was made public at the end of October 2013.

Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing.

HTTP cookie: Small pieces of data stored by a web browser while on a website

HTTP cookies are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user's device during a session.

HTTP ETag: Communications protocol

The ETag or entity tag is part of HTTP, the protocol for the World Wide Web. It is one of several mechanisms that HTTP provides for Web cache validation, which allows a client to make conditional requests. This mechanism allows caches to be more efficient and saves bandwidth, as a Web server does not need to send a full response if the content has not changed. ETags can also be used for optimistic concurrency control to help prevent simultaneous updates of a resource from overwriting each other.

Barton Gellman: American journalist and staff writer at The Atlantic

Barton David Gellman is an American author known for his reports on September 11 attacks, on Dick Cheney's vice presidency and on the global surveillance disclosure. Beginning in June 2013, he authored The Washington Post's coverage of the U.S. National Security Agency, based on top secret documents provided to him by ex-NSA contractor Edward Snowden. He published a book for Penguin Press on the rise of the surveillance-industrial state in May 2020.

Samy Kamkar: American privacy and security researcher, computer hacker, whistleblower and entrepreneur

Samy Kamkar is an American privacy and security researcher, computer hacker and entrepreneur. At the age of 16, he dropped out of high school. One year later, he co-founded Fonality, a unified communications company based on open-source software, which raised over $46 million in private funding. In 2005, he created and released the fastest spreading virus of all time, the MySpace worm Samy, and was subsequently raided by the United States Secret Service under the Patriot Act. He also created SkyJack, a custom drone which hacks into any nearby Parrot drones allowing them to be controlled by its operator and created the Evercookie, which appeared in a top-secret NSA document revealed by Edward Snowden and on the front page of The New York Times. He has also worked with The Wall Street Journal, and discovered the illicit mobile phone tracking where the Apple iPhone, Google Android and Microsoft Windows Phone mobile devices transmit GPS and Wi-Fi information to their parent companies. His mobile research led to a series of class-action lawsuits against the companies and a privacy hearing on Capitol Hill. Kamkar has a chapter giving advice in Tim Ferriss' book Tools of Titans.

Evercookie: JavaScript application programming interface

Evercookie is a JavaScript application programming interface (API) that identifies and reproduces intentionally deleted cookies on the clients' browser storage. It was created by Samy Kamkar in 2010 to demonstrate the possible infiltration from the websites that use respawning. Websites that have adopted this mechanism can identify users even if they attempt to delete the previously stored cookies.

A zombie cookie is data and code that has been placed by a web server, when a visitor visits the website, on the visitor's computer or other device in a hidden location outside the visitor's web browser's dedicated cookie storage location, and that automatically recreates an HTTP cookie as a regular cookie after the original cookie had been deleted. This data and code may be stored online or directly on the visitor's device, in a breach of browser security. This mechanism makes zombie cookies very difficult to remove. Since they do not entirely rely on normal cookie protocols, the visitor's web browser may continue to recreate deleted cookies even though the user has opted not to receive cookies.

Do Not Track: HTTP header field proposed in 2009

Do Not Track (DNT) is an HTTP header field, no longer official, designed to allow internet users to opt out of tracking by websites, which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of data derived from that activity outside the context in which it occurred.

Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware. Security exploits of browsers often use JavaScript, sometimes with cross-site scripting (XSS) with a secondary payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities that are commonly exploited in all browsers.

Chris Hoofnagle

Chris Jay Hoofnagle is an American professor at the University of California, Berkeley who teaches information privacy law, computer crime law, regulation of online privacy, internet law, and seminars on new technology. Hoofnagle has contributed to the privacy literature by writing privacy law legal reviews and conducting research on the privacy preferences of Americans. Notably, his research demonstrates that most Americans prefer not to be targeted online for advertising and despite claims to the contrary, young people care about privacy and take actions to protect it. Hoofnagle has written scholarly articles regarding identity theft, consumer privacy, U.S. and European privacy laws, and privacy policy suggestions.

Edward Snowden: American whistleblower and former National Security Agency contractor

Edward Joseph Snowden is an American former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and subcontractor. His disclosures revealed numerous global surveillance programs, many run by the NSA and the Five Eyes Intelligence Alliance with the cooperation of telecommunication companies and European governments, and prompted a cultural discussion about national security and individual privacy.

Global surveillance disclosures (2013–present): Disclosures of NSA and related global espionage

Ongoing news reports in the international media have revealed operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly emanate from a cache of top secret documents leaked by ex-NSA contractor Edward Snowden, which he obtained whilst working for Booz Allen Hamilton, one of the largest contractors for defense and intelligence in the United States. In addition to a trove of U.S. federal documents, Snowden's cache reportedly contains thousands of Australian, British, Canadian and New Zealand intelligence files that he had accessed via the exclusive "Five Eyes" network. In June 2013, the first of Snowden's documents were published simultaneously by The Washington Post and The Guardian, attracting considerable public attention. The disclosure continued throughout 2013, and a small portion of the estimated full cache of documents was later published by other media outlets worldwide, most notably The New York Times, the Canadian Broadcasting Corporation, the Australian Broadcasting Corporation, Der Spiegel (Germany), O Globo (Brazil), Le Monde (France), L'espresso (Italy), NRC Handelsblad, Dagbladet (Norway), El País (Spain), and Sveriges Television (Sweden).

This is a category of disclosures related to global surveillance.

Global surveillance: Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

The Fourth Amendment Protection Acts are a collection of state legislation aimed at withdrawing state support for bulk data (metadata) collection and banning the use of warrantless data in state courts. They are proposed nullification laws that, if enacted as law, would prohibit the state governments from co-operating with the National Security Agency, whose mass surveillance efforts are seen as unconstitutional by the proposals' proponents. Specific examples include the Kansas Fourth Amendment Preservation and Protection Act and the Arizona Fourth Amendment Protection Act. The original proposals were made in 2013 and 2014 by legislators in the American states of Utah, Washington, Arizona, Kansas, Missouri, Oklahoma and California. Some of the bills would require a warrant before information could be released, whereas others would forbid state universities from doing NSA research or hosting NSA recruiters, or prevent the provision of services such as water to NSA facilities.

Timeline of global surveillance disclosures (2013–present)

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

Jonathan Mayer: American computer scientist and lawyer

Jonathan Mayer is an American computer scientist and lawyer. He is an Assistant Professor of Computer Science and Public Affairs at Princeton University affiliated with the Center for Information Technology Policy, and was previously a PhD student in computer science at Stanford University and a fellow at the Center for Internet and Society and the Center for International Security and Cooperation. During his graduate studies he was a consultant at the California Department of Justice.

Google's changes to its privacy policy on March 16, 2012 enabled the company to share data across a wide variety of services. These embedded services include millions of third-party websites that use AdSense and Analytics. The policy was widely criticized for creating an environment that discourages Internet-innovation by making Internet users more fearful and wary of what they put online.

References

  1. Merken, Sara (2021-10-04). "Former FTC technologist Soltani to head California privacy agency". Reuters. Retrieved 2021-10-05.
  2. "Ashkan Soltani will lead California's Privacy Protection Agency". Protocol — The people, power and politics of tech. 2021-10-04. Retrieved 2021-10-05.
  3. "Federal Trade Commission Appoints Ashkan Soltani as Chief Technologist". Federal Trade Commission. 21 October 2014. Retrieved 21 October 2014.
  4. "Federal Trade Commission Appoints Ashkan Soltani as Chief Technologist". Benton Foundation. 2014-10-21. Retrieved 2021-10-05.
  5. "Ashkan Soltani | Berkman Klein Center". cyber.harvard.edu. 2020-03-24. Retrieved 2021-10-05.
  6. Angwin, Julia (2014). Dragnet Nation. New York, NY: Times Books, Henry Holt & Company. pp. 178. ISBN 978-0805098075.
  7. "UCLA Anderson School of Management Announces 2014 Gerald Loeb Award Winners". UCLA Anderson School of Management. June 24, 2014. Archived from the original on February 1, 2019. Retrieved January 31, 2019.
  8. Barton Gellman; Craig Timberg & Steven Rich (5 October 2013). "Files show NSA targeted Tor encrypted network" (PDF). The Washington Post. (Contributors: Ashkan Soltani and Julie Tate)
  9. Barton Gellman & Ashkan Soltani (15 October 2013). "NSA collects millions of e-mail address books globally" (PDF). The Washington Post. Retrieved 16 April 2014.
  10. Barton Gellman & Ashkan Soltani (31 October 2013). "NSA taps Yahoo, Google links" (PDF). The Washington Post. Retrieved 16 April 2014.
  11. Barton Gellman & Ashkan Soltani (4 December 2013). "NSA tracking cellphone locations worldwide, Snowden documents show" (PDF). The Washington Post. Retrieved 16 April 2014.
  12. Singel, Ryan (2009-08-10). "You Deleted Your Cookies? Think Again". Wired News. Retrieved 2013-01-21.
  13. Soltani, Ashkan; Canty, Shannon; Mayo, Quentin; Thomas, Lauren and Hoofnagle, Chris Jay, "Flash Cookies and Privacy" (August 10, 2009). Available at SSRN: http://ssrn.com/abstract=1446862
  14. Davis, Wendy (2011-11-23). "Metacafe Promises Not To Use Flash Cookies For Tracking". MediaPost New. Retrieved 2013-01-21.
  15. Ayenson, Mika, Wambach, Dietrich James, Soltani, Ashkan, Good, Nathan and Hoofnagle, Chris Jay, Flash Cookies and Privacy II: Now with HTML5 and ETag Respawning (July 29, 2011). Available at SSRN: http://ssrn.com/abstract=1898390
  16. Singel, Ryan (2011-07-29). "Researchers Expose Cunning Online Tracking Service That Can't Be Dodged". Wired News. Retrieved 2013-01-21.
  17. Lee, Timothy B. (2011-09-27). "Congressmen blast "supercookies" as privacy menace". Ars Technica. Retrieved 2013-01-21.
  18. Davis, Wendy (2013-01-23). "KISSmetrics Finalizes Supercookies Settlement". MediaPost New. Retrieved 2013-01-18.