About

Kenneth A. Bamberger is a faculty member at UC Berkeley Law, involved in various clinical programs and research initiatives. His work encompasses areas such as human rights, criminal justice, environmental law, and social justice. Bamberger contributes to the law school's clinical education, engaging in projects that promote human rights, social equity, and legal advocacy. His focus includes addressing issues related to racial justice, community reentry, and public policy, with active participation in clinics that serve diverse communities and advocate for marginalized groups.

Research topics

• Computer Science
• Political Science
• Computer Security
• Law
• Internet privacy
• Sociology
• Advertising
• Epistemology
• Business
• World Wide Web

Selected publications

• Recentering Public Values In AI Governance: Examples From The Biden Administration

  SSRN Electronic Journal · 2026-01-01

  preprintOpen access1st authorCorresponding
  PublisherDOI

• Untangling Privacy and Competition

  SSRN Electronic Journal · 2025-01-01

  preprintOpen access1st authorCorresponding
  PublisherDOI

• Verification Dilemmas in Law and the Promise of Zero-Knowledge Proofs

  eYLS (Yale Law School) · 2022-01-01 · 1 citations

  articleOpen access1st authorCorresponding

  Individuals who wish to access a website or qualify for a loan are expected to expose personally identifying information, undermining their privacy and security. Firms share proprietary information in dealmaking negotiations which, if the deal fails, may be used by the negotiating partner for a competitive advantage. Regulators are expected to disclose their algorithmic tools to comply with public transparency and oversight requirements, a practice that risks rendering these tools circumventable and ineffective. Litigants might have to reveal trade secrets in court proceedings to prove a claim or defense. Such “verification dilemmas” — costly choices between opportunities that require the verification of some fact and risks of exposing sensitive information in order to perform that verification — appear across the legal landscape. Yet existing legal responses to them are imperfect. Legal responses often depend on ex post litigation procedures that can be prohibitively expensive for those most in need or are otherwise ineffective. Zero-knowledge proofs (ZKPs) — a class of cryptographic protocols that enables verification of a fact or characteristic of secret information without learning the actual secret — can help to avoid these verification dilemmas. ZKPs can provide a feasible means for a party who holds secret information to demonstrate desirable properties of this information while keeping the information otherwise hidden. Yet ZKPs have received scant notice in the legal literature. This Article fills that gap by providing the first deep dive into ZKPs’ broad relevance for law. It explains ZKPs’ conceptual power and technical operation to a legal audience. It then demonstrates how ZKPs can be applied as a governance tool to transform verification dilemmas in multiple legal contexts. Finally, the Article surfaces and provides a framework to address the policy issues implicated by introducing of ZKP governance tools into existing law and practice.

  PublisherOA PDFDOI

• Lex Algorithmica: Humans and Systems in Content Governance

  Berkeley technology law journal · 2021-01-01

  article1st authorCorresponding
  Publisher

• PRE-MODERN INSIGHTS FOR POST-MODERN PRIVACY: JEWISH LAW LESSONS FOR THE BIG DATA AGE

  Journal of Law and Religion · 2021 · 5 citations

  1st authorCorresponding
  • Political Science
  • Sociology
  • Internet privacy

  Abstract This article makes the counterintuitive argument that the millennia-old approach of Jewish law to regulating surveillance, protecting communications, and governing collection and use of information offers important frameworks for protecting privacy in an age of big data and pervasive surveillance. The modern approach to privacy has not succeeded. Notions of individual “rights to be let alone” and “informational self-determination” offer little defense against rampant data collection and aggregation. The substantive promise of a “fundamental human right” of privacy has largely been reduced to illusory procedural safeguards of “notice” and “consent”—manipulable protections by which individuals “agree” to privacy terms with little understanding of the bargain and little power to opt out. Judaism, on the other hand, views privacy as a societal obligation and employs categorical behavioral and architectural mandates that bind all of society's members. It limits waiver of these rules and rejects both technological capacity and the related notion of “expectations” as determinants of privacy's content. It assumes the absence of anonymity and does not depend on the confidentiality of information or behavior, whether knowledge is later used or shared, or whether the privacy subject can show concrete personal harm. When certain types of sensitive information are publicly known or cannot help but be visible, Jewish law still provides rules against their use. Jewish law offers a language that can guide policy debates. It suggests a move from individual control over information as the mechanism for shaping privacy's meaning and enforcement, to a regime of substantive obligations—personal and organizational—to protect privacy. It recognizes the interconnected nature of human interests and comprehends the totality of the harm that pervasive surveillance wreaks on individuals and social relations. It offers a conceptual basis for extending traditional privacy protections to online spaces and new data uses. And it provides a language of dignity that recognizes unequal bargaining power, rejects the aggregation and use of information to create confining personal narratives and judgments, and demands equal protection for all humans.

  PublisherOA PDFDOI

• Verification Dilemmas, Law, and the Promise of Zero-Knowledge Proofs

  SSRN Electronic Journal · 2021-01-01 · 24 citations

  articleOpen access1st authorCorresponding
  PublisherDOI

• JLR volume 36 issue 3 Cover and Back matter

  Journal of Law and Religion · 2021-12-01

  paratextOpen access1st authorCorresponding

  An abstract is not available for this content so a preview has been provided. As you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

  PublisherOA PDFDOI

• Privacy in Society: Jewish Law Insights for the Age of Big Data

  SSRN Electronic Journal · 2020-01-01 · 3 citations

  articleOpen access1st authorCorresponding
  PublisherDOI

• Can You Pay for Privacy? Consumer Expectations and Mobile App Behavior

  Berkley Law Scholarship Repository (University of California, Berkeley) · 2020-01-01

  article1st authorCorresponding
  Publisher

• The Price is (Not) Right: Comparing Privacy in Free and Paid Apps

  Proceedings on Privacy Enhancing Technologies · 2020 · 35 citations

  • Computer Science
  • Computer Security
  • Internet privacy

  Abstract It is commonly assumed that “free” mobile apps come at the cost of consumer privacy and that paying for apps could offer consumers protection from behavioral advertising and long-term tracking. This work empirically evaluates the validity of this assumption by comparing the privacy practices of free apps and their paid premium versions, while also gauging consumer expectations surrounding free and paid apps. We use both static and dynamic analysis to examine 5,877 pairs of free Android apps and their paid counterparts for differences in data collection practices and privacy policies between pairs. To understand user expectations for paid apps, we conducted a 998-participant online survey and found that consumers expect paid apps to have better security and privacy behaviors. However, there is no clear evidence that paying for an app will actually guarantee protection from extensive data collection in practice. Given that the free version had at least one thirdparty library or dangerous permission, respectively, we discovered that 45% of the paid versions reused all of the same third-party libraries as their free versions, and 74% of the paid versions had all of the dangerous permissions held by the free app. Likewise, our dynamic analysis revealed that 32% of the paid apps exhibit all of the same data collection and transmission behaviors as their free counterparts. Finally, we found that 40% of apps did not have a privacy policy link in the Google Play Store and that only 3.7% of the pairs that did reflected differences between the free and paid versions.

  PublisherDOI

Frequent coauthors

• Deirdre K. Mulligan

  31 shared

• Serge Egelman

  University of California, Berkeley

  29 shared

• Irwin Reyes

  28 shared

• Catherine Han

  28 shared

• Amit Elazari

  26 shared

• Joel Reardon

  25 shared

• Primal Wijesekera

  25 shared

• Álvaro Feal

  Universidad del Noreste

  25 shared