Recent work

<<

Summary

I lead the Privacy and Webcompat Engineering team at Brave Software. We ship privacy features in the browser, conduct privacy reviews, work on advancing the state-of-the-art in adblocking while maintaining webcompat, and collaborate with the Research team to ship novel privacy interventions. I've previously worked on DNS, encrypted DNS, consent tooling and telemetry. I have an interest in privacy-respectful standards and am active in the IETF and W3C. I care about social implications of technology, and was an Internet of Rights fellow at ARTICLE 19, a UK-based human rights organization. I am currently on the Advisory Council of Open Tech Fund's Information Controls Fellowship. I recently contributed an essay on how privacy technology and protocols are increasingly dependent on centralized infrastructure (and why that's a problem) in Meatspace Press's book "Eaten by the Internet", which you can buy here.

I blog at shivankaul.com/blog.

Engineering / Open Source

1. Brave browser
• Features: De-AMP, Google Sign-In Permission, Debounce.
• Pull requests for Brave browser.
2. SugarCoat
• Autogenerate privacy-preserving JavaScript resource replacements.
• Popular on Hacker News, Reddit and other places.
3. XFR-over-TLS support for NSD
• Add support for RFC 9103 to the NSD auth server.

Research

1. "Shipping a Privacy-Preserving Telemetry System to Millions of Users" - Talk given at USENIX PEPR '23.
2. "Bringing Content Blocking To The Masses" - Talk given at USENIX PEPR '22.
3. Co-chair, NDSS 2021 DNS Privacy Workshop.
4. Technical Program Committee, USENIX PEPR '23, '24.
5. "DNS Privacy Vs." - Panel at USENIX PEPR '22.
6. Artifact reviewer, PoPETS 2021.

Standards

1. Working on Distributed Secret Sharing for Private Threshold Aggregation Reporting (STAR) at IETF.
2. Co-chair, Key Transparency (KEYTRANS) at IETF.
3. Co-chair, Oblivious HTTP Application Intermediation (OHAI) at IETF.
4. RFC 9103: Encrypted DNS Zone Transfers
• Gave talks at DINR 2020, OARC
5. Co-chair, Privacy Research Group at IETF/IRTF.
6. Invited expert, W3C Privacy Interest Group.
• Some reviews: Accessible Rich Internet Applications, WebRTC Scalable Video Coding

Writing

1. De-AMP - #1 on Hacker News, and featured in The Verge, ZDNet, Engadget.
2. Normalization of privacy violations - #1 on Hacker News.

Mentoring

1. I've done various one-off mentoring for programs like MITPOSSE and IETF Guides.
2. I do a lot of mentoring as part of leading my team.

Patents

Old Projects

1. I created a Chrome extension that allowed users to pretty-print emails called PrettyPrintGmail.
   • 10,000+ users.
   • Used by at least one school district in New Jersey.
   • No longer maintained.
2. Ex-maintainer of and contributor to tough-cookie.
• RFC6265 Cookies and CookieJar for Node.js
• 30 million weekly downloads.