The researchers also developed a way for third parties to extend RePriv’s capabilities. They built a demonstration browser extension that tracks a user’s interactions with Netflix to collect more detailed data about that person’s movie preferences. The extension could be used by a site such as Fandango to personalize the movie information it presents—again, with user permission.
“There is a clear tension between privacy and personalized technologies, including recommendations and targeted ads,” says Elie Bursztein, a researcher at the Stanford Security Laboratory, who is developing an extension for the Chrome Web browser that enables more private browsing. “Putting the user in control by moving personalization into the browser offers a new way forward,” he says.
“In the medium term, RePriv could provide an attractive interface for service providers that will dissuade them from taking more abusive approaches to customization,” says Ari Juels, chief scientist and director of RSA Laboratories, a corporate research center.
Juels says RePriv is generally well engineered and well thought out, but he worries that the tool goes against “the general migration of data and functionality to the cloud.” Many services, such as Facebook, now store information in the cloud, and RePriv wouldn’t be able to get at data there—an omission that could hobble the system, he points out.
Juels is also concerned that most people would be permissive about the information they allow RePriv to release, and he believes many sites would exploit this. And he points out that websites with a substantial competitive advantage in the huge consumer-preference databases they maintain would likely resist such technology. “RePriv levels the playing field,” he says. “This may be good for privacy, but it will leave service providers hungry.” Therefore, he thinks, big players will be reluctant to cooperate with a system like this.
Livshits argues that some companies could use these characteristics of RePriv to their advantage. He says the system could appeal to new services, which struggle to give users a personalized experience the first time they visit a site. And larger sites might welcome the opportunity to get user data from across a person’s browsing experience, rather than only from when the user visits their site. Livshits believes they might be willing to use the system and protect user privacy in exchange.