Proceedings

June 6th

09:00-09:05 Welcome, introductions and opening remarks
09:05-10:15 Session 1: Privacy in mobile and emerging technologies. Chair: Jose M. del Alamo
-XRSI framework, Industry Talk by Kavya Pearlman (XR Safe Initiative). This talk is directed to researchers and academics to understand the novel risks immersive technologies like extended reality (XR) bring along and how to help industries address them proactively.
-An (Un)Necessary Evil - Users' (Un)Certainty about Smartphone App Permissions and Implications for Privacy Engineering by Kerstin Bongard-Blanchy, Jean-Louis Sterckx, Arianna Rossi, Verena Distler, Salvador Rivas and Vincent Koenig. This study investigates people's certainty about app permission requests via an online survey with 400 representative participants of the UK population. The results demonstrate that users are uncertain about the necessity of granting app permissions for about half of the tested permission requests. This implies substantial privacy risks, which are discussed in the paper, resulting in a call for user protecting interventions by privacy engineers.
-Helping Mobile App Developers Create Accurate Privacy Labels. by Jack Gardner, Akshath Jain, Yuanyuan Feng, Kayla Reiman, Zhi Lin and Norman Sadeh. In this work we discuss the design and evaluation of a tool to help iOS developers generate privacy labels. The tool combines static code analysis to identify likely data collection and use practices with interactive functionality designed to prompt developers to elucidate analysis results and carefully reflect on their applications’ data practices. We conducted semi-structured interviews with iOS developers as they used an initial version of the tool. We discuss how these results motivated us to develop an enhanced software tool, Privacy Label Wiz, that more closely resembles interactions developers reported to be most useful in our semi-structured interviews. We present findings from our interviews and the enhanced tool motivated by our study. We also outline future directions for software tools to better assist developers communicating their mobile app’s data practices to different audiences.
10:15-10:45 Coffee Break
10:45-12:30 Session 2: Data protection meets technology. Chair: Isabel Wagner
-Data protection engineering, Industry Talk by Prokopios Drogkaris (ENISA).
-Data Protection and Consenting Communication Mechanisms: Current Proposals and Challenges. by Soheil Human, Harshvardhan J. Pandit, Cristiana Santos, Martin Degeling, Victor Morel, Arianna Rossi, Wilhelmina Maria Botes, Vitor Jesus and Irene Kamara. Data Protection and Consenting Communication Mechanisms (DPCCMs) enable users to express their data preferences and to manage their consent to personal data processing. Thus, they have the potential of becoming one of the most important means of protecting individual’s privacy and agency. Based on an in-depth analysis of different DPC- CMs proposals, we propose an interdisciplinary set of factors that can be used for a comparison of such mechanisms. Moreover, we use the results from a qualitative expert study to identify some of the main interdisciplinary challenges that DPCCMs should consider. Both factors and challenges are used to compare two current open specifications, i.e. the Advanced Data Protection Control (ADPC) and the Global Privacy Control (GPC) and identify the challenges that needs to be tackled in this interdisciplinary and timely research and development area.
-Reliability of IP Geolocation Services for Assessing the Compliance of International Data Transfers. by Miguel Cozar, David Rodriguez, Jose M. Del Alamo and Danny Guaman. This paper analyzes ten different IP geolocation services to understand their reliability against known ground truth and applies them to further assess whether 777 Android apps indeed carry out international personal data transfers. Our results show great discrepancy depending on the service used, thus demonstrating the uncertainty data controllers and supervisory authorities face to assess these data flows.
12:30-14:00 Lunch
14:00-16:00 Session 3: Privacy by design in practice. Chair: Kim Wuyts
-Privacy by design in practice, Industry Talk by Stefano Bennati and Vaibhav Antil (HERE). In this talk, we will go through the process of identifying & triaging new code changes that require a privacy review, both at the design stage of a new feature & at the development stage in the CI/CD pipeline. We'll explore both the process and the code scanning technology deployed to meet the goal, along with the learnings from monitoring thousands of code changes.
-CampusTracer: A Privacy-Aware Contact Tracing Protocol for Campus Environments. by Ken Ahrens, Jonas Palm and Meiko Jensen. In this paper, we present CampusTracer, a novel contact tracing system specialized for university campus environments. Based on an in-depth analysis of existing contact tracing approaches and university-specific requirements, we elaborate a Privacy-by-Design solution to contact tracing that caters for most real-world requirements while preserving the privacy of its users in a best-possible way.
-Anonymity test attacks and vulnerability indicators for the “Patient characteristics” disclosure in medical articles. by Kenta Kitamura, Mhd Irvan and Rie Shigetomi Yamaguchi. In this paper, we propose three new attack methods similar to the homogeneity attack that violate the anonymity of patient characteristics. We also propose three new indicators similar to l-diversity to evaluate anonymity against such attacks. Experimental results show that our new attacks can point out that actual patient characteristics leaks patient information that should be kept confidential. And the results also show that the new proposed indicators can measure the vulnerability to such attacks.
16:00-16:30 Coffee Break
16:30-17:30 Session 4: Privacy engineering foundations. Chair: Isabel Barberá
-Privacy Engineering IAPP, Invited Talk by Katharina Koerner.
-A New Generic Representation for Modeling Privacy. by Myriam Clouet, Julien Signoles, Thibaud Antignac, Mathilde Arnaud and Gabriel Pedroza. This work proposes a generic representation for modeling privacy relying on a new classification scheme and a new ontology. These aim to be generic enough for modeling key privacy concepts and their relationships, as well as helping express and verify related properties at different levels of abstractions. Our representation of privacy can also be specialized into various existing ones, according to different criteria, whilst allowing us to instantiate it for mapping its generic elements to existing examples or concrete use cases.
17:30 Closing remarks