Insights about the first five years of Right to Be Forgotten requests at Google
The “Right to be Forgotten” (RTBF) is a landmark European ruling that governs the delisting of personal information from search results. This ruling establishes a right to privacy, whereby individuals can request that search engines delist URLs across the Internet that contain “inaccurate, inadequate, irrelevant or excessive” information uncovered by ... Read More
Understanding the online safety and privacy challenges faced by South Asian women
For South Asian women, a major hurdle to their meaningful participation online is their ability to ensure their safety. This post illustrates this challenge by recounting the safety and privacy challenges faced by women across India, Pakistan, and Bangladesh, who talked to us about their online experiences. Overall, we find ... Read More
Password checkup: from 0 to 650, 000 users in 20 days
On February 5th, for Safer Internet Day, our team launched its first public-facing system, called Password Checkup . Password checkup allows users to check, in a privacy-preserving manner, whether their username and password matches one of the more than 4B+ credentials exposed by third-party data breaches of which Google is ... Read More
Account security – a divided user perception
This post considers the perception clash that exists between what users perceive to be their most valuable accounts (email and social networks) and those they think they should protect the most (online banking). This perception disconnect is potentially harmful, as it may lead users to invest their limited willingness to ... Read More
Rethinking the detection of child sexual abuse imagery on the internet
A critical part of child sexual abuse criminal world is the creation and distribution of child sexual abuse imagery (CSAI) on the Internet. To combat this crime efficiently and illuminate current defense short-coming, it is vital to understand how CSAI content is disseminated on the Internet. Despite the importance of ... Read More
The bleak picture of two-factor authentication adoption in the wild
This post looks at two-factor authentication adoption in the wild, highlights the disparity of support between the various categories of websites, and illuminates how fragmented the two factor ecosystem is in terms of standard adoption. Performing a longitudinal analysis highlights that the adoption rate of 2FA (two-factor authentication) has been ... Read More
Quantifying the impact of the Twitter fake accounts purge – a technical analysis
This post provides an overview of the impact of the Twitter 2018 accounts purge through the lens of its impact on 16k of Twitter’s most popular accounts. Overall, we found that on average, popular accounts lost 2.8 percent of their followers bases due to the purge. In terms of raw ... Read More
Attacks against machine learning — an overview
This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. At a high level, attacks against classifiers can be broken down into three types: Adversarial inputs , which are specially crafted inputs that have been developed with the aim of being ... Read More
How to handle mistakes while using AI to block attacks
This post looks at the main difficulties faced while using a classifier to block attacks: handling mistakes and uncertainty such that the overall system remains secure and usable. At a high level, the main difficulty faced when using a classifier to block attacks is how to handle mistakes. The need ... Read More
Challenges faced while training an AI to combat abuse
This post looks at the main challenges that arise when training a classifier to combat fraud and abuse. At a high level, what makes training a classifier to detect fraud and abuse unique is that it deals with data generated by an adversary that actively attempts to evade detection. Sucessfully ... Read More