No Comments

Summary:

What if a programmer could write privacy policies into an application that would be enforced throughout the lifetime and workflow of that application? That’s what Jeeves aims to do.

Anyone reading the headlines these days knows we have a privacy problem. There are people out there who scour social networks for any and all information about you that they might be able to use to make money in legal and not-so-legal ways.  To make it easier for programmers to build privacy rules into their applications from the get-go, Jean Yang, a Ph.D at MIT’s CSAIL (Computer Science and Artificial Intelligence) school, has been working on Jeeves.

This is a huge issue in the era of social networking where people want to use Facebook and Twitter to share information — but only certain pieces of information with certain people.

But as anyone who has been unknowingly tagged in someone else’s Facebook photos, it’s hard to keep all your info within the confines of your privacy settings. Jeeves would, in theory, make that possible. If someone were to tag you in a photo, the application would not publish the tag if that fell outside your settings.  It is hard for programmers to correctly enforce these privacy settings as they do their work.

“Every time a programmer adds any new feature, he or she runs the risk of adding code that violates these settings,” she said via email.  Jeeves helps ensure that when the programmer adds new functionality, for instance for photo tags, it is not possible for a program to publish tags outside those privacy settings.

Yang, who was one of our Structure Cloud Trailblazers in June, released an open-source Python version of Jeeves last month. That concept confused me a bit – a Python language version of another language?

jean yang at MITYang explained via email that Jeeves is a “research language,” meaning it’s a sort of test bed to introduce a new concept in programming language design. “The goal of our research in Jeeves is to develop a language design approach,” she said (emphasis is hers.) “We’re taking a crazy idea, showing that it can work at all, and then fleshing it out so that it can work in the real world.”

The Python implementation — there is already a Scala version — is actually a Python library that runs like Jeeves and includes a macro, @Jeeves, that programmers can use. “Our library actually rewrites this code on the fly so that it operates according to our defined Jeeves semantics, propagating policies and multiple views of sensitive values. So while it looks like Python code, it’s actually Python-Jeeves code,” she said.

Yang said Jeeves is starting to get some traction on GitHub, although most of its active users are collaborators on the project.

Applications could be wide-ranging. For example, Yang has been talking with a biochemist at Microsoft Research about applying Jeeves’ information flow policies to model protein signaling systems. “We think it would be cool to use privacy-style policies for building systems that model how information travels through a cell via chemical signals,” she told me.

For more on Jeeves, check out Yang’s presentation at Structure 2013: