CS5436/INFO5303: Privacy in the Digital Age

Cornell Tech, Spring 2018

Credits: 3.0 | Letter Grade Only

Professors: Helen Nissenbaum | Vitaly Schmatikov

TA: Nirvan Tyagi

About the Course

This course surveys the current state of digital privacy from multiple perspectives, including technology, law, policy, and ethics. Cases to be studied are online tracking, surveillance and Internet censorship, big data, privacy engineering, Internet of Things, and location privacy. Each module will include a session devoted to relevant technologies in addition to a session devoted to ethical, social, and policy analysis.

Textbook: Privacy in Context by Nissenbaum

Schedule and Readings

Jan 24

Course Overview

Jan 29

Concepts of Privacy

Jan 31

Fundamentals of the Web

Feb 5

Web Tracking

  • Reading: "What They Know: The Business of Tracking You on the Internet." A Wall Street Journal Investigation
  • Reading: "Hoofnagle et al. "Behavioral Advertising: The Offer You Cannot Refuse"
  • Reading: "Mayer and Mitchell. "Third-Party Web Tracking: Policy and Technology"
  • Reading: " Narayanan and Reisman. "The Princeton Web Transparency and Accountability Project"

Feb 7

Contextual Integrity

  • Reading: "Privacy in Context" — chapter 7
  • Reading: ""A Contextual Approach to Privacy Online"

Feb 12

Contextual Integrity (Continued)

Feb 14

Mobile and Cross-device Tracking

  • Reading: "Brookman et al. "Cross-Device Tracking: Measurement and Disclosures"

Feb 21

Privacy Engineering

  • Reading: Gürses and del Alamo. "Privacy Engineering: Shaping an Emerging Field of Research and Practice"
  • Reading: Gürses et al. "Engineering Privacy by Design Reloaded"

Feb 26

Beauty and the Burst (Guest: Roei Schuster)

Feb 28

Contextual Integrity (Continued)

Feb 26

Contextual Integrity Exercise

Mar 7

Anonymization and re-identification

  • Reading: Narayanan and Shmatikov. "Myths and Fallacies of 'Personally Identifiable Information' "

Mar 12

Technical Definitions of Privacy

Mar 14

Differential Privacy

  • Reading: Nissim et al. "Differential Privacy: A Primer for a Non-technical Audience"

Mar 19

U.S. Legal Landscape

  • Reading: Bill of Rights
  • Reading: Solove. "A Brief History of Information Privacy Law"

Mar 26

Obfuscation

  • Reading: Howe and Nissenbaum. "TrackMeNot: Resisting Surveillance in Web Search"
  • Reading: Howe and Nissenbaum. "Engineering Privacy and Protest: a Case Study of AdNauseam"

Mar 28

The Fourth Amendment (Guest: Andrew Sebst)

  • Reading: Grimmelmann. "Internet Law: Cases and Problems" (pp. 215-230) (skip the "Note on Warrant Justification")
  • Supplemental: Grimmelmann, pp. 231-242
  • Supplemental: Smith v Maryland
  • Supplemental: US v Carpenter
  • Supplemental: Strandburg. "Home, Home on the Web and Other Fourth Amendment Implications of Technosocial Change"
    • Note: This article was published in 2011, and US v maynard referenced in it became US v Jones in the Supreme Court
  • Supplemental: Selbst. "Contextual Expectations of Privacy"

Apr 9

Researching and Privacy Attitudes (Guest: Kirsten Martin)

  • Reading: Martin. "Privacy Notices as Tabula Rasa"

Apr 11

Network Security

Apr 16

SSL/TLS

Apr 18

Tor and Anonymity Networks

Apr 23

Privacy Policies

  • Reading: Reidenberg et al. "Ambiguity in Privacy Policies and the Impact of Regulation"
  • Reading: Cranor et al. "Are They Worth Reading? An In-Depth Analysis of Online Trackers' Privacy Policies"

Apr 25

Privacy Policies (Continued)

  • Reading: GDPR summary
  • Reading: "Consumer Data Privacy in a Networked World," White House report - Executive Summary and Appendices A and B
  • Reading: "Records, Computers and the Rights of Citizens," U.S. Department of Health, Education & Welfare report - pages xix - xxiii

Apr 30

Machine Learning Meets Privacy

May 2

Genetic Privacy

  • Reading: Erlich and Narayanan. "Routes For Breaching and Protecting Genetic Privacy"

May 9

Ten things you should take away from this class