Obfuscation
Obfuscation
A Users Guide for Privacy and Protest
Finn Brunton and Helen Nissenbaum
The MIT Press
Cambridge, Massachusetts
London, England
2015 Finn Brunton and Helen Nissenbaum
All rights reserved. No part of this book may be reproduced in any form by any electronic or mechanical means (including photocopying, recording, or information storage and retrieval) without permission in writing from the publisher.
Library of Congress Cataloging-in-Publication Data are available.
Includes bibliographical references and index.
ISBN 978-0-262-02973-5 (hardcover : alk. paper)
ISBN 978-0-262-33132-6 (retail e-book)
Acknowledgments
This book began with technologythe TrackMeNot projectand we owe our deepest thanks to Daniel Howe, who got it on its feet, and Vincent Toubiana, who joined the effort, expanded its scope, and continues tirelessly to support it and its adopters. Feedback and comments from the community of users and from the privacy community at large, and a joint technical paper with Lakshminarayanan Subramanian (Vincent Toubiana, Lakshminarayanan Subramanian, and Helen Nissenbaum, TrackMeNot: Enhancing the Privacy of Web Search) have opened our eyes to its potential and limitations. More recently, creating and launching a second system, AdNauseam, with Daniel Howe, in collaboration with the designer Mushon Zer-Aviv, further expanded our perspective on obfuscation and on the need for a deeper, systematic appreciation of what it offers as a method and a strategy.
As we began to work on a general understanding of obfuscation, we were able to explore many of the concepts in a paper published in First Monday and a chapter in Privacy, Due Process and the Computational Turn, which benefited enormously from review and editorial feedback in those venues.
Obfuscation became a book with the encouragement and thorough advice of the reviewers and of Marguerite Avery, Gita Manaktala, Susan Buckley, Katie Helke, and Paul Bethge at the MIT Press. Our thanks to all of them. Emily Goldsher-Diamond did meticulous work as a research assistant, as well as organizing many other aspects of this project. Work on this book through all its drafts was supported by grants from the National Science Foundation (ITR- 0331542: Sensitive Information in a Wired World), from EAGER (CNS-1355398: Values in Design for Future Internet ArchitectureNext Phase), from the Air Force Office of Scientific Research (MURI-ONR BAA 07-036: Collaborative Policies and Assured Information Sharing), and from the Intel Science and Technology Center for Social Computing. Support from these grants provided time, technology, and a collegial context for pursuing this project and bringing it to fruition.
Two major events helped shape and refine our thinking about obfuscation. One was the Symposium on Obfuscation (February 15, 2014), jointly organized by New York Universitys Department of Media, Culture, and Communication and the Information Law Institute and co-sponsored by the Intel Science and Technology Center for Social Computing. For making this event possible, we would like to thank Nicole Arzt, Emily Goldsher-Diamond, Dove Helena Pedlosky, Melissa Lucas-Ludwig, Erica Robles-Anderson, and Jamie Schulerand, above all, Seda Grses, who organized, structured, and shaped so much of the day. Every single speaker had a direct effect on our manuscript. The other event was the ongoing conversation of the Privacy Research Group at NYU, at whose weekly seminars we presented several stages of this material. The book would not have this final form without the PRG discussions; our fond thanks to everyone involved.
Other opportunities to present and test aspects of this work have been enormously productive, and our ideas have been greatly improved by the responses of supporters, critics, believers, and skeptics. These opportunities have included a joint MIT Center for Civic Media and Comparative Media Studies Colloquium; The New School for Social Research 2014 Graduate Conference; New Media Salon, Tel Aviv; Communications and Journalism Departmental Seminar, Hebrew University of Jerusalem; IBM R&D Labs, Haifa; Eyebeam Art + Technology Center; HotPETS 2013; Computers, Privacy and Data Protection, Brussels; and the Surveillance Studies Conference, Queens University.
We are deeply grateful for friends and colleagues with whom we could discuss obfuscation as it developed, and who offered feedback, criticism, encouragement, and ideas. In particular we would like to thank Julia Angwin, Solon Barocas, danah boyd, Claudia Diaz, Cynthia Dwork, Cathy Dwyer, Tarleton Gillespie, Mireille Hildebrandt, Ari Juels, Nick Montfort, Deirdre Mulligan, Arvind Narayanan, Martijn van Otterloo, Ira Rubinstein, Ian Spiro, Luke Stark, Katherine Strandburg, Matthew Tierney, Joe Turow, Janet Vertesi, Tal Zarsky, Malte Ziewitz, and Ethan Zuckerman.
Finally, this book would not have been possible without the support of our professional home base, the Department of Media, Culture, and Communication at New York University. Thanks to you all!
Introduction
We mean to start a revolution with this book. But not a big revolutionat least, not at first. Our revolution does not rely on sweeping reforms, on a comprehensive Year Zero reinvention of society, or on the seamless and perfectly uniform adoption of a new technology. It is built on preexisting components what a philosopher would call tools ready-to-hand, what an engineer would call commodity hardwarethat are available in everyday life, in movies, in software, in murder mysteries, and even in the animal kingdom. Although its lexicon of methods can be, and has been, taken up by tyrants, authoritarians, and secret police, our revolution is especially suited for use by the small players, the humble, the stuck, those not in a position to decline or opt out or exert control over our data emanations. The focus of our limited revolution is on mitigating and defeating present-day digital surveillance. We will add concepts and techniques to the existing and expanding toolkit for evasion, noncompliance, outright refusal, deliberate sabotage, and use according to our terms of service. Depending on the adversary, the goals, and the resources, we provide methods for disappearance, for time-wasting and analysis- frustrating, for prankish disobedience, for collective protest, for acts of individual redress both great and small. We draw an outline around a whole domain of both established and emerging instances that share a common approach we can generalize and build into policies, software, and action. This outline is the banner under which our big little revolution rides, and the space it defines is called obfuscation.
In a sentence: Obfuscation is the deliberate addition of ambiguous, confusing, or misleading information to interfere with surveillance and data collection. Its a simple thing with many different, complex applications and uses. If you are a software developer or designer, obfuscation you build into your software can keep user data safeeven from yourself, or from whoever acquires your startupwhile you provide social networking, geolocation, or other services requiring collection and use of personal information. Obfuscation also offers ways for government agencies to accomplish many of the goals of data collection while minimizing the potential misuses. And if you are a person or a group wanting to live in the modern world without being a subject of pervasive digital surveillance (and an object of subsequent analysis), obfuscation is a lexicon of ways to put some sand in the gears, to buy time, and to hide in the crowd of signals. This book provides a starting point.
Our project has tracked interesting similarities across very different domains in which those who are obliged to be visible, readable, or audible have responded by burying salient signals in clouds and layers of misleading signals. Fascinated by the diverse contexts in which actors reach for a strategy of obfuscation, we have presented, in chapters 1 and 2, dozens of detailed instances that share this general, common thread. Those two chapters, which make up part I of the book, provide a guide to the diverse forms and formats that obfuscation has taken and demonstrate how these instances are crafted and implemented to suit their respective goals and adversaries. Whether on a social network, at a poker table, or in the skies during the Second World War, and whether confronting an adversary in the form of a facial-recognition system, the Apartheid government of 1980s South Africa, or an opponent across the table, properly deployed obfuscation can aid in the protection of privacy and in the defeat of data collection, observation, and analysis. The sheer range of situations and uses discussed in chapters 1 and 2 is an inspiration and a spur: What kind of work can obfuscation do for you?
Next page