Güneş Acar

Assistant Professor
Radboud University

I am an assistant professor at the Digital Security group of Radboud University Nijmegen. I am also affiliated with iHub, Radboud's interdisciplinary research hub on digitalization and society.

My research focuses on security and privacy threats​ from websites​​, mobile apps​ and IoT devices​, with a special emphasis on novel ​online tracking​ mechanisms. I also study anonymous communication​ networks such as Tor, and investigate deceptive and manipulative (dark) design patterns​.

Between 2019 and 2021, I was an FWO postdoctoral research fellow at the COSIC research group of KU Leuven.

Between 2017 and 2019, I was a postdoctoral research associate at the Princeton University's Center for Information Technology Policy.

I obtained my PhD at COSIC (KU Leuven) in 2017 under the supervision of Claudia Diaz and Bart Preneel.

Selected Publications

See my dblp, ORCID, or Google Scholar pages for the full list of publications.

Academic Service

Program Committee Memberships

  • 2023: ACM CCS, PoPETs, MADWeb, ConPro, SecWeb
  • 2022​: USENIX Security, PoPETs, MADWeb, ConPro, SecWeb
  • 2021​: USENIX Security, PoPETs, MADWeb, ConPro, SecWeb, CFail
  • 2020: USENIX Security, Financial Crypto, SecWeb
  • 2019​: PoPETs, ESORICS Poster Session
  • 2018​: PoPETs
  • 2017: PoPETs, DPM, IWPE
  • 2016: IWPE, IFIP SEC

External Reviews

  • 2016: PETS
  • 2015: PETS, ESSOS
  • 2014: ACM CCS, PETS, ESORICS, SPACE
  • 2013: PETS, WPES, HotPETs
  • 2012: USENIX FOCI

Grants and Achievements

  • Top Reviewer Award, Privacy Enhancing Technologies Symposium (2022)

    Given to "reviewers [who] consistently performed constructive, but critical, i.e. helpful, reviews on time and followed up in the discussions. It covers roughly 30% of senior and regular PC".

  • Runner-up for the Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies (2021)

    Watching You Watch: The Tracking Ecosystem of Over-the-Top TV Streaming Devices (CCS'19)

  • Runner-up for the The Andreas Pfitzmann Best Student Paper Award (2021)

    The CNAME of the Game: Large-scale Analysis of DNS-based Tracking Evasion (PoPETS'21)

  • Runner-up for the CNIL-Inria Privacy Protection Prize (2020)

    No Boundaries: Data Exfiltration by Third Parties Embedded on Web Pages (PETS’20)

  • Postdoctoral Research Fellowship, FWO, Research Foundation - Flanders (2019-2022)

    Ranked 1st in the Expert Panel: Informatics and Knowledge Technology. Awarded in 2017, suspended until 2019 due to my position at Princeton University.

  • Mobile Web Inspector: A Mobile Web Measurement Tool for JavaScript Analysis (2020-)

    Project grant by armasuisse, The Swiss Federal Office for Defence Procurement. This project provides the funding for Asuman Senol who I co-supervise with Claudia Diaz (PI). I was involved in writing the grant application, preparing the job posting, interviewing the candidates, and making the hiring decision.

  • Future of Privacy Forum’s Annual Privacy Papers for Policymakers Award (2020)

    Dark Patterns at Scale: Findings from a Crawl of 11K Shopping Websites (CSCW’19)

  • Runner-up for the Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies (2018)

    How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services (CCS’17)

  • Finalist for the Best Paper Award at the ACM CCS (2017)

    How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services (CCS’17)

  • Runner-up for the Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies (2015)

    FPDetective: Dusting the Web for Fingerprinters (CCS’13)

  • FWO Long-term Travel Grant (August-Sep 2014)

    For the internship at the Electronic Frontier Foundation (EFF), San Francisco, CA, USA.

  • Privacy Enhancing Technologies Symposium​ Stipend (2013, 2014, 2016)
  • UNICEF-Turkey Student Grant​ for the IAMCR Conference (2011)

Talks

Training on Web Technologies, Online Tracking and Dark Patterns

  • Finnish Competition and Consumer Authority, Helsinki, 6 May 2022

Distinguished Lectures on Security & Privacy

  • University of Regensburg, Regensburg, 11-12 November 2021

No Boundaries: Data Exfiltration by Third Parties Embedded on Web Pages

  • Brave Research Reading Group, online, 11 February 2021
  • MIT CSAIL Security Seminar, online, 17 December 2020
  • The US Senate (private briefing to senate staffers; hosted by Rafi Martina) - Washington, D.C., 28 February 2018
  • PrivacyCon 2018, Federal Trade Commission (FTC) - Washington, D.C., 28 February 2018
  • Electronic Frontier Foundation (EFF) - San Francisco, CA, 2 February 2018
  • International Computer Science Institute (ICSI) - Berkeley, CA, 1 February 2018

Dark Patterns at Scale: Findings from a Crawl of 11K Shopping Websites

  • e-Enforcement Academy, European Commission: (training given to over 40 members of European consumer protection authorities). Online, 22 September 2021
  • Symposium Consumer and Data Privacy: The Digital Revolution of Legal, Social and Economic Interaction - Maastricht, 24 January 2020
  • Mozilla Security Research Summit - Vienna, 8 November 2019
  • Maastricht Law & Tech Lab launching event - Maastricht, 17 October 2019

How Unique is Your .onion? An Analysis of the Fingerprintability of Tor Onion Services

Battery Status Not Included: Assessing Privacy in Web Standards

  • IETF Privacy Enhancements and Assessments Research Group (PEARG) - 7 November 2018

Online Tracking Technologies and Web Privacy

  • European Data Protection Supervisor (EDPS) Working Meeting, Leuven, 20 June 2017

Advanced Online Tracking: A look into the Past and the Future

  • University College of London, Academic Centre of Excellence for Cyber Security Research - London, 24 November 2016

Web Privacy & Tracking

User Control over Web Tracking

  • II. Internet Privacy Engineering Network (IPEN) Workshop - Leuven, 5 June 2015

Facebook's Tracking Capabilities Through Social Plug-ins

  • Belgian Privacy Commission - Brussels, 9 March 2015

The Web Never Forgets: Persistent Tracking Mechanisms in the Wild

  • IMDEA Software - Madrid, 30 October 2015
  • Dutch Data Protection Agency - The Hague, NL, 16 October 2014
  • UC Berkeley, TRUST Security Seminar - Berkeley, CA, 11 September 2014

FPDetective: Dusting the Web for Fingerprinters

  • French Data Protection Agency (CNIL) - Paris, 7 April 2014
  • Federal Trade Commission (FTC), Bureau of Consumer Protection, New York City, NY, 21 February 2014

Obfuscation for and against Device Fingerprinting

  • Symposium on Obfuscation at NYU, New York City, NY, 15 February 2014

Software

GitHub: @gunesacar

Lead developer:

  • tor-browser-selenium Tor Browser automation with Selenium 59 forks, 66 dependent repositories (as of 12/2020) including the SecureDrop whistleblower platform by the Freedom of the Press Foundation. Used in numerous studies involving Tor Browser automation.
  • fpdetective: A crawler based on a modified Chromium to detect font-based fingerprinting (CCS’13)
  • modCrawler: A crawler based on a modified Firefox to detect canvas fingerprinting (CCS’14)
  • privacy-policy-historical: The web frontend and GitHub backend for the Princeton-Leuven Longitudinal Corpus of Privacy Policies (WWW'21)
  • OpenWPM-mobile: A mobile web privacy measurement framework based on OpenWPM (CCS’18)

Contributed to:

Press

Press coverage

Media collaborations

Contact

  • Email: g.acar@cs.ru.nl
  • Address: Mercator 1 Toernooiveld 212 6525 EC NIJMEGEN The Netherlands
  • Office: 03.01
  • Tel: +31 24 36 52 077
Built with purecss, favicon-generator, google-webfonts-helper.