Workshop on Innovation in Metadata Privacy: Analysis and Construction Techniques (IMPACT) 2025 Program
Friday, 28 February
-
Search engines and recommendation systems are central to how we interact on the Internet, but they pose significant privacy risks. Even when they are assumed secure, information (such as search queries, click behavior, and recommendation interactions) can be used to track, profile, and infer sensitive information. Private Information Retrieval (PIR) offers a promising solution, enabling users to query and retrieve information without revealing their interests.
This talk will explore the foundations of PIR, its recent advancements, and its practical applications in search engines and recommendation systems. We will discuss how PIR can be integrated into large-scale systems while balancing efficiency and usability. We will also outline key challenges (such as deployment barriers, economic feasibility, and open research problems) that need to be addressed for PIR to become a widely adopted privacy-enhancing technology.
Speaker's Biography: Sofía Celi is a Senior Cryptography Researcher at Brave, specializing in privacy-enhancing technologies, post-quantum cryptography, and secure communication systems. She is a member of the Advisory Council at the Open Technology Fund (OTF) and holds leadership roles within the IETF, IRTF, and W3C. Sofía has also provided expert consultations for the United Nations and human rights organizations, focusing on the intersection of emerging technologies and digital rights.
As a co-founder of Criptolatinos and Women in Cryptography, Sofía is committed to fostering diversity in cryptography and security. She is actively engaged in the academic community, serving as a member of the Latincrypt Steering Committee, Publicity Co-Chair of the PETS Symposium, IACR ePrint Co-Editor, and IEEE Security & Privacy Ethics Co-Chair.
Sofía has received the Distinguished Paper Award at IEEE S&P, was a runner-up for the Best Paper Award at ESORICS and for the Pwnie Award. Sofía lives with her amazing partner, Jurre van Bergen, and has two beloved dogs.
-
Dhananjai Bajpai (Marquette University), Keyang Yu (Marquette University)
Internet of Things (IoT) devices have expanded rapidly and significantly improved automation and convenience in modern smart homes. Such functionality is supported by large amounts of data collection, analysis and sharing, which may pose privacy threats to smart home users. It is crucial to identify unauthorized traffic volume data generated by IoT devices, to help users better understand the privacy threats to their IoT environment. This paper presents a cost-effective approach to monitoring data-sharing activities of household IoT devices using the Cisco OpenDNS platform. We have analyzed the Internet traffic data generated from four popular devices to identify unauthorized third-party data sharing. We have discovered that such data sharing exists in multiple types of IoT devices installed in the smart home: the Smart TVs are sharing user-specific viewing data with third parties without the user's consent, the iPhone exhibits involuntary synchronization, and the IoT Plugs also show no unauthorized connection behavior. This user-specific, deployable pipeline contrasts with prior testbed-dependent studies and highlights the need for transparent data governance.
-
Apolline Zehner (Université libre de Bruxelles), Iness Ben Guirat (Université libre de Bruxelles), Jan Tobias Mühlberg (Université libre de Bruxelles)
Wireless devices, especially Bluetooth and Wi-Fi devices, emit radio communication both to scan for neighboring devices and to advertise themselves. For example, a mobile phone would typically be searching for Wi-Fi access points and Bluetooth devices, e.g., headsets, and advertise itself for connections. For this purpose, communication interfaces use a Medium Access Control (MAC) address, which is a unique identifier to differentiate one device from another. However, the use of such unique identifiers can violate the privacy of the device and hence of the user; an attacker is able to use such unique identifiers in order to passively track a device. MAC address randomization – techniques that periodically change the MAC addresses of a device – was developed as a privacy-enhancing measure against such attacks. However, research shows that this can be easily circumvented. In this paper, we survey approaches and techniques for metadata anonymization in Bluetooth and Wi-Fi, as well as the de-anonymization attacks. Many of these attacks rely on physical characteristics of the communication medium and on implementation flaws of both wireless protocols and MAC address randomization protocols. We conclude by discussing open challenges both in metadata protection and de-anonymization.
-
With the ascendance of artificial intelligence (AI), one of the largest problems facing privacy-enhancing technologies (PETs) is how they can successfully counteract the large-scale surveillance that is required for the collection of data – and metadata – necessary for the training of AI models. While there has been a flurry of research into the foundations of AI, the field of privacy-enhancing technologies still appears to be a grab bag of techniques without an overarching theoretical foundation. However, we will point to the potential unification of AI and PETs via the concepts of signal and noise, as formalized by information-theoretic metrics like entropy. We overview the concept of entropy (“noise”) and its applications in both AI and PETs. For example, mixnets can be thought of as noise-generating networks, and so the inverse of neural networks. Then we defend the use of entropy as a metric to compare different PETs with one another, as well as PETs with AI systems.
-
-
Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)
The principle of privacy-by-design more often than not requires the implementation of privacy-enhancing technologies (PETs). In turn, the implementation of PETs requires in-depth knowledge of cryptography engineering, which hinders, among other things, rapid prototyping, modularity, and readability. This article proposes research on loose coupling of cryptographic primitives to business logic. As a running example, we look at the permission management of Signal’s private groups, and propose an alternative design, keeping in mind extensibility, modularity, and improved transparency and auditability.
-
Shuwen Liu (School of Data Science, The Chinese University of Hong Kong, Shenzhen, China), George C. Polyzos (School of Data Science, The Chinese University of Hong Kong, Shenzhen, China and ExcID P.C., Athens, Greece)
We design a privacy-preserving data proxy mechanism within the FIWARE Data Space framework, utilizing searchable encryption to ensure metadata confidentiality. The system is engineered to enable secure and efficient data querying, hiding the queries from the proxy and other data in the proxy from the querying agent. Recognizing the necessity of regulatory compliance, this paper integrates GDPR compliance modules into the FIWARE Data Space architecture, addressing data collection, storage, sharing, and erasure processes to enhance global applicability and regulatory adherence. In essence, we preserve metadata privacy. Experimental evaluations demonstrate the feasibility of the proposed query privacy mechanisms, focusing on metadata confidentiality and system scalability in data-intensive environments.
-
Internet censorship is a significant threat to the freedom of speech and open access to information across the world. While there exists an arsenal of tools to circumvent Internet censorship, they fall short in helping censored users effectively and reliably. In this talk, I will present insights from a decade of research on combating Internet censorship, highlighting the key technical and non-technical challenges, as well as promising directions for future advancements.
Speaker's Biography: Amir Houmansadr is an Associate Professor of computer science at UMass Amherst. He received his Ph.D. from the University of Illinois at Urbana-Champaign, and was a postdoctoral researcher at the University of Texas at Austin. Amir is broadly interested in the security and privacy of networked/AI systems. To that end, he designs and deploys privacy-enhancing technologies, analyzes network protocols and services (e.g., messaging apps and machine learning APIs) for privacy leakage, and performs theoretical analysis to derive bounds on privacy (e.g., using game theory and information theory). Amir has received several awards including the 2013 IEEE S&P Best Practical Paper Award, a 2015 Google Faculty Research Award, a 2016 NSF CAREER Award, a 2022 DARPA Young Faculty Award (YFA), the 2023 Best Practical Paper Award from the FOCI Community, the first place at CSAW 2023 Applied Research Competition, a Distinguished Paper Award from ACM CCS 2023, a 2024 Applied Networking Research Prize (ANRP), and a 2024 DARPA Directors Award.