About

<<

Summary

I work at Brave Software, shipping privacy features in the browser as part of the Research team and conducting privacy reviews across the company. I previously worked at Salesforce on DNS privacy and (in an earlier team) on privacy & data governance. I have an interest in privacy-respectful standards and am active in the IETF and W3C. I care about social implications of technology, and was an Internet of Rights fellow at ARTICLE 19, a UK-based human rights organization. I am currently on the Advisory Council of Open Tech Fund's Information Controls Fellowship.

Engineering / Open Source

1. Brave browser
• Features: De-AMP, Google Sign-In Permission, Debounce.
• PRs for Brave browser.
2. SugarCoat
• Autogenerate privacy-preserving JavaScript resource replacements.
• Popular on Hacker News, Reddit and other places.
3. XFR-over-TLS support for NSD
• Add support for RFC 9103 to the NSD auth server.
4. Co-maintainer of and contributer to tough-cookie.
• RFC6265 Cookies and CookieJar for Node.js
• 30 million weekly downloads

Research

1. Co-chair, NDSS 2021 DNS Privacy Workshop.
2. "Bringing Content Blocking To The Masses" - Talk given at USENIX PEPR '22.
3. "DNS Privacy Vs." - Panel at USENIX PEPR '22.
4. Artifact reviewer, PoPETS 2021.

Standards

1. Working on Distributed Secret Sharing for Private Threshold Aggregation Reporting (STAR) at IETF.
2. Co-chair, Oblivious HTTP Application Intermediation (OHAI) at IETF.
3. RFC 9103: Encrypted DNS Zone Transfers.
• Gave talks at DINR 2020, OARC
4. Co-chair, Privacy Research Group at IETF/IRTF.
5. Invited expert, W3C Privacy Interest Group.
• Some reviews: Accessible Rich Internet Applications, WebRTC Scalable Video Coding

Writing

1. De-AMP - #1 on Hacker News, and featured in The Verge, ZDNet, Engadget.
2. Normalization of privacy violations - #1 on Hacker News

Mentoring

1. Mentor for MITPOSSE.
2. IETF Guide - I mentor newcomers to IETF to help them active and contributing members of IETF. One mentee blogged about it!

Patents