Practical Privacy Compliance via New Systems and Abstractions - Kinan Dak Albab
- Starts: 3:30 pm on Thursday, January 23, 2025
- Ends: 4:30 pm on Thursday, January 23, 2025
Title: Practical Privacy Compliance via New Systems and Abstractions; Abstract: Data privacy has become a focal point for public discourse. In response, Data protection and privacy regulations have been enacted globally, including the GDPR and CCPA, and companies make various promises to end-users in their privacy policies. However, high-profile privacy violations remain commonplace, in part because complying with privacy regulations and policies is challenging for applications and developers.
This talk demonstrates Kinan and researchers can help developers achieve privacy compliance by designing new privacy-conscious systems and abstractions. This talk focuses on his work on Sesame (SOSP24), my system for end-to-end compliance with privacy policies in web applications. To provide practical guarantees, Sesame combines new static analysis for data leakage with advances in memory-safe languages and lightweight sandboxing, as well as standard industry practices like code review. Kinan's work in this area also includes K9db (OSDI23), a privacy-compliant database that supports compliance by construction with GDPR-style subject access requests. By creating privacy abstractions at the systems level, we can offer applications privacy guarantees by design, to simplify compliance and improve end-user privacy.
Bio: Kinan is interested in building real systems and practical tools to improve privacy in the real world using techniques from computer systems, cryptography, and programming languages. His software has been used in the real world to perform privacy-preserving analytics for the social good, and validate the next generation of SDN network switches at Google. Website: https://www.babman.io/.
- Location:
- CDS 1646