Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
RePriv: Re-Envisioning In-Browser Privacy

Matthew Fredrikson and Ben Livshits


In this paper, we present RePriv, a system for managing and controlling the release of private information from the browser. We demonstrate how always-on user interest mining can effectively infer user interests in a real browser. We go on to discuss an extension framework that allows third-party code to extract and disseminate more detailed information, as well as language-based techniques for verifying the absence of privacy leaks in this untrusted code. To demonstrate the effectiveness of our model, we present RePriv extensions that perform personalization for Netflix, Twitter, Bing, and GetGlue.

We evaluated several aspects of RePriv in realistic scenarios. We show that RePriv's default in-browser mining can be done with no noticeable overhead to normal browsing, and that the results it produces converge quickly. We then go on to show similar results for each of our case studies: that RePriv enables high-quality personalization, as shown by cases studies in news and search result personalization we evaluated on thousands of instances, and that the performance impact each case has on the browser is minimal. We conclude that personalized content and individual privacy on the web are not mutually exclusive.


Publication typeProceedings
Published inProceedings of the IEEE Symposium on Security and Privacy
PublisherIEEE Computer Society

Newer versions

Drew Davidson and Benjamin Livshits. MoRePriv: Mobile OS Support for Application Personalization and Privacy, 3 May 2012.

Previous versions

Matthew Fredrikson and Ben Livshits. RePriv: Re-Envisioning In-Browser Privacy, 27 August 2010.

Nikhil Swamy, Benjamin Livshits, Arjun Guha, and Matthew Fredrikson. Verified Security for Browser Extensions, 19 November 2010.

Arjun Guha, Matthew Fredrikson, Benjamin Livshits, and Nikhil Swamy. Verified Security for Browser Extensions, IEEE, 22 May 2011.

> Publications > RePriv: Re-Envisioning In-Browser Privacy