To create conditions favorable to privacy that last, hackers need to go on the offensive. The march of innovation in attacking privacy protections is ongoing, advanced by very well-resourced actors; to respond to new privacy attacks with new defenses is to perpetuate an arms race that disfavors privacy in the long term. Users - hackers, in particular - should instead adopt a strategic approach that responds to privacy attacks with tools for imposing costs on the attacker.
This talk surveys existing, working privacy technologies that fit the strategic outlook for undermining the arms race for privacy, and discusses their use. Technologies will include tools for traitor-tracing, bot-based web measurement, denial of service, and obfuscation of email and click behavior, as well as approaches to manual reporting, black-box experimentation for third-party auditing of privacy practices, and more.
Two central problems for strategic privacy technology are singled out for evaluation (and discussion): avoiding retribution from the service provider, and imposing proportional costs. The talk will end with thoughts on handling these problems, and with a few suggestions for the hacker community on how to take up the strategic perspective for maximum effect.