Contact discovery allows new users of a messaging service to find existing contacts that already use that service. Existing users are similarly informed of new users that join. Current contact discovery protocols allow the server to reconstruct the social graph (i.e. the graph describing who is a contact of who), which is a serious privacy issue, unless they use trusted hardware to prevent this. But even in the latter case, privacy is still at stake: anyone already on the service that has your number on their contact list gets notified that you joined. Even if you don’t know that person, or if it is an ex or former colleague that you long parted with and whose contact details you deleted long ago.
Jaap-Henk Hoepman is guest professor at the PRISEC - Privacy And Security group of Karlstad University, Sweden.
He is also an associate professor of privacy enhancing protocols and privacy by design in the Digital Security group at the Institute for Computing and Information Sciences of the Radboud University Nijmegen, principal scientist of the Privacy & Identity Lab, and member of iHub, Radboud University’s interdisciplinary research hub on Digitalization and Society.
Moreover he is an associate professor in the IT Law section of the Transboundary Legal Studies department of the Faculty of Law of the University of Groningen.
His main research interest are privacy by design, privacy friendly protocols and identity management.
He also writes a lot about the societal impact of new technologies.