Plausible Deniability for ISP Log and Browser Suggestion Obfuscation with a Phrase Extractor on Potentially Open Text

摘要

We revisit the issue of maintaining a reasonable amount of privacy for browser users when logs are at risk of being sold and profiles are at risk of being viewed under embarrassing circumstances. A URL that generates dynamic calls in javascript is designed so users have plausible deniability when items show up in profiles, recommendations, or suggested text completions. Three design features are notable: (1) the use of open seed text and an unrestricted user-customizable list of URLs provided externally by the user, and not logged, so broad, indisputable claims of origination are possible; (2) the use of an AI/NLP part-of-speech informed phrase extractor (chunker) to generate queries that cluster semantically; (3) the use of a generative grammar of search-term sequences, or dialogues, to produce more realistic searches. An algorithmic technique is employed to assist in determining what requests were made by the tool post hoc, so forensics are still possible, but only when a specific user's logs have been produced for analysis. We also discuss how an "arms race" between analytics AI and obfuscating AI can be won by combining multiple tools, and how such a race can be avoided simply by deliberately reducing precision, unilaterally, by those who do user profiling analytics.