In a world where our digital footprints grow larger by the day, the battle for privacy has never been more crucial. Enter Sarah Scheffler, an assistant professor at Carnegie Mellon University's CyLab, who's forging a path at the intersection of cryptography and policy. Her work isn't just about writing complex algorithms; it's about reshaping how we approach privacy, security, and the very fabric of our digital society.

"Most of the time, there are no easy answers," Scheffler admits, leaning back in her chair during our video call. "But that's what makes this work so fascinating."

Scheffler's research spans an array of topics from the nitty-gritty of zero-knowledge proofs to the broader implications of content moderation in encrypted environments. But at its core, her work is about bridging the gap between cutting-edge cryptography and the real-world policies that govern our digital lives.

The Encryption Dilemma: Balancing Privacy and Safety

One of Scheffler's most intriguing projects tackles a problem that's been giving tech giants and policymakers headaches: how to moderate content in end-to-end encrypted (E2EE) environments without compromising user privacy.

"It's a classic case of competing goods," Scheffler explains. "On one hand, we want to protect users' privacy through encryption. On the other, we also want to protect users from harmful content like terrorist propaganda or disinformation campaigns. It's not a simple either-or scenario."

Scheffler and her colleagues have been exploring the use of a technique called Private Hash Matching (PHM). This method allows platforms to detect known instances of harmful content without directly accessing the full content of users' messages. However, Scheffler's primary focus is on verifying the implications of PHM, as she is concerned that, without careful oversight, it could still enable mass surveillance.

"The risk of function creep is real," she warns. "Once you have a system that can detect one type of content, there's always pressure to expand its use. That's why we're focusing on developing public verification protocols for PHM systems."

These protocols would allow independent auditors to verify that the system is only being used for its intended purpose, not for broader surveillance. It's a perfect example of Scheffler's approach: using technical expertise to address policy concerns, and vice versa.

"The risk of function creep is real. Once you have a system that can detect one type of content, there's always pressure to expand its use."

The Legal Frontier of Cryptography

Scheffler's work doesn't stop at the technical level. She's also delving into the murky legal waters of compelled decryption – when the government orders individuals to decrypt their devices.

"It's a fascinating area where cryptography meets constitutional law," Scheffler says, her eyes lighting up. "We're looking at how to design cryptographic systems that are resilient to compelled disclosure while still respecting legitimate law enforcement needs."

This research has led Scheffler to challenge traditional legal interpretations. "The 'foregone conclusion' doctrine, which is often used in these cases, wasn't designed with digital information in mind," she explains. "We're trying to formalize these legal concepts using the tools of cryptography, to provide a more rigorous framework for courts to use."

It's this kind of interdisciplinary thinking that sets Scheffler's work apart. By bringing together expertise from computer science, law, and policy, she's tackling problems that can't be solved from a single perspective.

Empowering Journalism Through Privacy-Preserving Computation

Another area where Scheffler's work shines is in developing privacy-preserving tools for journalists and researchers. "There's a wealth of cryptographic techniques like multi-party computation and differential privacy that could revolutionize how sensitive data is analyzed," she says. "But these tools are often too complex for non-specialists to use."

Scheffler is working to change that through initiatives like the Digital Witness Lab. "Our goal is to make these powerful cryptographic tools accessible to journalists who need to protect their sources, or researchers working with sensitive data," she explains. "It's about translating theoretical advances into practical tools that can make a real difference."

The Future of Digital Identity

When asked about emerging areas of research she's excited about, Scheffler doesn't hesitate. "I'm really interested in exploring the intersection of identity and cryptography on the internet," she says. "How do we create more robust and nuanced ways to manage and verify identities online, while still protecting privacy?"

It's a question that cuts to the heart of many online issues, from misinformation to cybersecurity. And it's exactly the kind of complex, multifaceted problem that Scheffler thrives on.

"What I love about [S3D] is that it's a genuine home for interdisciplinary research. It's not just a subset of computer science; it's its own department, with its own culture of tackling societal challenges through technology."

A New Breed of Researcher

Scheffler's work exemplifies a new approach to computer science research – one that's deeply engaged with the societal implications of technology. It's an approach that's at the core of Carnegie Mellon's Software and Societal Systems Department (S3D), where Scheffler holds a joint appointment.

"What I love about this department is that it's a genuine home for interdisciplinary research," Scheffler says. "It's not just a subset of computer science; it's its own department, with its own culture of tackling societal challenges through technology."

This structure allows for collaboration across disciplines, fostering research that's both technically rigorous and socially relevant. It's an environment that's producing alumni like Blase Ur, now an associate professor at the University of Chicago, whose work on data-driven password meters earned him the Best Paper Award at CHI 2017 while he was a student in the Societal Computing PhD program.

For students considering a PhD in this field, Scheffler offers some advice: "Don't feel like you need to have it all figured out from the start," she says. "The most exciting research often comes from following your curiosity and being open to where it leads you."

As our conversation winds down, it's clear that Scheffler's work is just beginning. In a world where technology and society are increasingly intertwined, researchers like her – and programs like CMU's Societal Computing PhD – are more crucial than ever.

"We're at a pivotal moment in how we shape our digital future," Scheffler concludes. "And I can't think of more exciting work to be doing."

For those inspired by Scheffler's approach and eager to tackle similar challenges, Carnegie Mellon's Societal Computing PhD program offers a unique opportunity to dive deep into this emerging field. As Scheffler's work demonstrates, the future of technology lies not just in coding skills, but in the ability to bridge technical expertise with a nuanced understanding of societal impacts.

To learn more about the program and how you could contribute to shaping the future of our digital world, visit [CMU's Societal Computing PhD program website].