CITP interim director has built a record of research with societal impact

By

Karen Rouse

on

As the new interim director of Princeton’s Center for Information Technology Policy, Prateek Mittal said he is encouraged by the core advantage that sets the nearly 15-year-old center apart: a proven record of producing excellent work at the intersection of academic research, societal impact and community-engagement.

“The fact that we do a combination of societal impact with academic research and with community building is our core differentiating factor,” said Mittal, an associate professor in the Department of Electrical and Computer Engineering, who began his one-year term as CITP’s interim director on July 1.

“There are quite a few think tanks out there that have a lot of societal impact, but they lack the academic excellence that we have,” said Mittal. “On the other hand, there are a lot of universities that also excel on the academic front, but they lack our focus on societal engagement.”

That track record, along with CITP’s partnerships with the School of Engineering and Applied Sciences (SEAS) and School of Public and International Affairs (SPIA) — the two schools that fund CITP —  “gives us a more interdisciplinary focus compared to other institutions.”

Now, Mittal plans to leverage those strengths as he seeks to expand the Center’s work in two areas: building relationships with others on the Princeton University campus, and engaging with external stakeholders, such as policy makers in Washington, D.C. and the digital tech industry.

“One of the missions I have is to foster deeper connections between CITP and the rest of campus, such that CITP can serve as a catalyst for work that is CITP-like anywhere on campus and enhance its impact,” said Mittal, who joined Princeton in 2013 and has six times been awarded the Princeton Engineering Commendation List for Outstanding Teaching.

Mittal defines “CITP-like work” as that which improves the way technology works for people in society.

“When we do research, we don’t think of publishing a paper as the final step in the process; we think of a research paper as a starting point for creating real impact and there is a lot of invisible work that has to happen to bridge the gap between the research paper and actual impact.”

He says that invisible work can include actions like releasing large-scale software and associated data sets that help other researchers solve problems, or briefing policymakers or stakeholders, such as the Federal Trade Commission or legislators in Washington, D. C.

One high-profile example, Mittal noted, is the work of CITP researchers Kevin Lee and Ben Kaiser in 2021 that uncovered weaknesses in the methods cell phone carriers use to verify subscriber accounts. Those weaknesses leave subscribers vulnerable to mobile phone sim card thefts where hackers can take control over their phones. Officials with the Federal Communications Commission referenced the Princeton CITP study in its proposal to create policies to prevent such fraud.

“The Federal Communications Commission heavily cited and relied on the research as it does rulemaking,” Mittal said.

CITP Leadership

Mittal is the fourth director of CITP, an interdisciplinary center based at Sherrerd Hall where researchers study digital technologies like machine learning and artificial intelligence, security and privacy, and platforms and digital infrastructure. CITP founder Edward Felton launched the Center in 2008 and was its first director. Former computer science professor, Nick Feamster, was the second director, and sociology professor Matthew Salganik, held the post from 2019 through June 30, before handing the reins over to Mittal. Computer science professor Arvind Narayanan, who is currently on a sabbatical, was appointed earlier this year to become CITP director in 2023, at the expiration of Mittal’s term.

Salganik said Mittal comes at a time when the general public is more aware of issues like misinformation and disinformation on the internet, or issues facing Facebook or Google, than a decade ago.

“The problems at the intersection of digital tech and policy – these problems have gotten bigger and more complicated and the kind of core values CITP has, those have stood the test of time,” said Salganik. “In the past, people at CITP would have to explain, ‘Why would Princeton have a center focusing on the center of digital technology and society?’ And now, I think it’s very different in that the public and the policy makers see the need for this kind of work.”

Mittal’s Background

Mittal grew up in New Delhi and studied computer science and engineering at the Indian Institute of Technology-Guwahati. In 2006, he went to the University of Illinois at Urbana-Champaign to complete his graduate work and later did postdoctoral work at the University of California-Berkeley. He joined the Princeton faculty in 2013.

Mittal said he was initially drawn to the area of privacy and security because he saw a strong overlap between privacy and human rights issues.

“I see privacy technology as being an important enabler for freedom of speech, freedom of expression, freedom of communications,” he explained. “Being able to say something without attaching your identity to it is an important enabler for a democratic society. The ability to communicate information to others without being censored is also an enabler. The ability to expose wrongdoing, in terms of whistleblowing without facing retaliation, is also a very important human right.”

It also invites the type of research that is CITP-like: Mittal said privacy and security is a critical area of research because digital technology is so pervasive in society, there is a high potential for societal harm.

“The searches that you’re making on Google, the location data our cell phone providers are collecting about us … the information that is made available through our credit card data. That’s our entire life,” Mittal said. “If we don’t think about the privacy protection of this data, that can open us up to not just the compromise of privacy, that information can be used maliciously.”

Jennifer Rexford, the chair of the computer science department and a member of CITP’s executive committee, has worked with Mittal on multiple projects.

“Prateek addresses pressing privacy and security problems in a fundamental way, to make the technologies we use every day worthy of the trust society places in them,” Rexford said. She also called Mittal “a joy as a collaborator, given his natural inquisitiveness, his strategic way of identifying important research problems, and his relentless focus on making a difference for Internet users.”

In 2018, Mittal was part of a team of Princeton researchers, which included Rexford, working to prevent attacks on domain certificates — the digital stamp that validates for internet users that a site is who it says it is. The attacks allowed adversaries to surreptitiously steal the domain identities and redirect users to fake websites masquerading as the real ones. The team went on to design a defense strategy, which involved leveraging multiple vantage points to block the attacks, and was recognized at the 2018 USENIX security conference.

But Mittal said that wasn’t the end game. The research team went on to have the type of societal impact CITP aims for; they partnered with the non-profit organization Let’s Encrypt to address the flaw. As a result, Let’s Encrypt went on to issue domain certificates that were protected against attacks. Their work is described in the paper, Experiences Deploying Multi-Vantage-Point Domain Validation at Let’s Encrypt. Just last month, the project was a runner up for the Caspar Bowden PET Award for Outstanding Research in Privacy Enhancing Technologies.

“We issued with our new technology more than one billion certificates in less than one year,” Mittal said. And in the spirit of CITP, he said, “that is research that had an impact.”

Related Faculty

Prateek Mittal

Related Departments

Professor writes on white board while talking with grad student.

Electrical and Computer Engineering

Improving human health, energy systems, computing and communications, and security