On 21 February, we’re holding a workshop on Understanding and Enhancing Online Privacy (UEOP) co-located with the Network and Distributed System Security Symposium (NDSS).
The mainstream focus in privacy research has long been on designing software from the ground up, providing firm guarantees on the provided privacy properties. Such a "bottom-up" approach is undoubtedly crucial for achieving better online privacy in the long term. Nevertheless, there is also a clear need for "top-down" research, understanding online privacy in the present online digital user habitats and proposing solutions that are easily deployable in existing infrastructures.
The motivations for such a “top-down” approach are manifold. First, users need support for understanding the privacy-relevant consequences of their behaviour in today’s online systems. Secondly, re-designing a system from scratch is often too costly, while easily deployable plugins may be effective already in the short term. Technology able to assess, predict, and mitigate online privacy threats is of course also useful for guiding “bottom-up” research aiming at privacy enforcement in the long term.
Understanding privacy in online user habitats necessarily has to cope with highly incomplete information. While top-down methods for understanding some privacy-relevant open-world phenomena in the Internet have been researched (most prominently, information spreading in the context of social networks, recommendation systems, and marketing), and many basic technologies relevant to such understanding are well-investigated (e.g., large-scale information retrieval, image analysis, software analysis, record linkage), their application to the understanding and enhancing of online privacy remains under-explored, and has partly not yet been considered at all. Pursuing such an approach poses major technical challenges, which only collaboration across several sub-areas of computer science can solve.
Scope of the Workshop
This workshop is intended to be the first of a series providing a forum for discussing issues and proposing solutions in this context, directed at researchers from privacy and adjacent research areas. Topics of interest include, but are not limited to:
- data and action linkability
- privacy metrics
- data dissemination and information spreading
- what-if-analysis and privacy threat prediction
- privacy in social networks and microblogging systems
- privacy in cloud and big data applications
- location privacy
- privacy in mobile and portable devices
- behavioral targeting
- data analytics
- user profiling and data mining
- economics of privacy and game-theoretical approaches to privacy
- human factors and usability
- privacy in electronic currencies
UEOP 2016 will begin with an Invited Talk by Emiliano De Cristofaro, on The Genomics Revolution: The Good, The Bad, and The Ugly. Then, six technical papers will be presented, on aspects relating to:
- Software landscape analysis:
Longitudinal Analysis of the Third-party Authentication Landscape (Anna Vapen, Niklas Carlsson and Nahid Shahmehri)
Experimental Analysis of Popular Anonymous, Ephemeral, and End-to-End Encrypted Apps (Lucky Onwuzurike and Emiliano De Cristofaro)
- Online privacy attacks:
Traffic Confirmation Attacks Despite Noise (Jamie Hayes)
On Epigenomic Privacy: Tracking Personal MicroRNA Expression Profiles over Time (Michael Backes, Pascal Berrang, Anne Hecksteden, Mathias Humbert, Andreas Keller and Tim Meyer)
- Understanding Online User Privacy Preferences:
Privacy Trade-Offs of Geo-Location (Laura Brandimarte and Alessandro Acquisti)
Raise the Curtains: The Effect of Transparency about Targeted Advertising on Attitudes and Behavioral Intentions (Sonam Samat and Alessandro Acquisti)
The workshop will be concluded by an open discussion inviting all participants to voice their personal stance on Quo Vadis, UEOP: What UEOP research should, or should not, be focusing on in the future.
If you’ll be at NDSS, I hope you will join us for the UEOP Workshop on Sunday. If you can’t attend in person, stay tuned to the NDSS website for the published papers and talks.