Constitution Center
400 7th St SW
Washington
DC
20024
Event Description
Building on the success of its two previous PrivacyCon events, the Federal Trade Commission announced a call for presentations for its third PrivacyCon, which took place on February 28, 2018.
The 2018 PrivacyCon expanded collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the FTC sought general research that explores the privacy and security implications of emerging technologies, such as the Internet of Things, artificial intelligence and virtual reality. The 2018 event focused on the economics of privacy including how to quantify the harms that result from companies’ failure to secure consumer information, and how to balance the costs and benefits of privacy-protective technologies and practices.
The PrivacyCon call for presentations sought research and input on a wide range of issues and questions to build on previously presented research and promote discussion, including:
- What are the greatest threats to consumer privacy today? What are the costs of mitigating these threats? How are the threats evolving? How does the evolving nature of the threats impact consumer welfare and the costs of mitigation?
- How can companies weigh the costs and benefits of security-by-design techniques and privacy-protective technologies and behaviors? How can companies weigh the costs and benefits of individual tools or practices?
- How can companies assess consumers’ privacy preferences?
- Are there market failures (e.g. information asymmetries, externalities) in the area of privacy and data security? If so, what tools and strategies can businesses or consumers use to overcome or mitigate those failures? How can policymakers address those failures?
The deadline for submissions for PrivacyCon was November 17, 2017.
PrivacyCon was free and open to the public, and was held at the FTC’s Constitution Center Office, located at 400 7th St., SW, Washington, DC. PrivacyCon was also webcast live. Archived videos of the presentations are available below, in the Event Details section under Video, and also on the FTC Facebook page.
Also, in an effort to encourage the next generation of privacy and data security researchers, the FTC hosted a PrivacyCon Student Poster Session, which coincided with PrivacyCon and was hosted in the conference rooms of the FTC’s Constitution Center Office, adjacent to the auditorium where PrivacyCon was presented. PrivacyCon presenters and attendees were encouraged to view the posters and interact with students, including during the lunch break.
-
8:15 am
Registration
9:15 am
Welcome and Opening Remarks
Maureen K. Ohlhausen
Acting Chairman, Federal Trade Commission9:30 am
Session 1: Collection, Exfiltration, and Leakage of Private Information
- Steven Englehardt, Princeton University, I never signed up for this! Privacy implications of email tracking
- Co-authors: Jeffrey Han (Princeton University), Arvind Narayanan (Princeton University)
- Michael Weissbacher, Northeastern University, Ex-Ray: Detection of History-Leaking Browser Extensions
- Co-authors: Enrico Mariconti (University College London), Guillermo Suarez-Tangil (University College London), Gianluca Stringhini (University College London), William Robertson (Northeastern University), Engin Kirda (Northeastern University)
- Milijana Surbatovich, Carnegie Mellon University, Some Recipes Can Do More than Spoil Your Appetite: Analyzing the Security and Privacy Risks of IFTTT Recipes
- Co-authors: Jassim Aljuraidan (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Anupam Das (Carnegie Mellon University), Limin Jia (Carnegie Mellon University)
- Gunes Acar, Princeton University, No boundaries: Exfiltration of personal data by session-replay scripts
- Co-authors: Arvind Narayanan (Princeton University) Steven Englehardt (Princeton University)
- Alan Mislove, Northeastern University, Auditing Data Brokers' Advertising Interfaces: Privacy Risks with Facebook's PII-based Targeting
- Co-authors: Giridhari Venkatadri (Northeastern University), Yabing Liu (Northeastern University), Athanasios Andreou (EURECOM), Oana Goga (Univ. Grenoble Alpes, CNRS, Inria, Grenoble INP, LIG), Patrick Loiseau (Univ. Grenoble Alpes, CNRS, Inria, Grenoble INP, LIG, MPI-SWS), Krishna P. Gummadi (MPI-SWS)
Moderator: Dan Salsburg
Chief Counsel and Acting Chief of OTech, Federal Trade Commission, Office of Technology, Research, and Investigation10:50 am
Break
11:20 pm
Session 2: Consumer Preferences, Expectations, and Behaviors
- Jingjing Ren, Northeastern University, Bug Fixes, Improvements, ... and Privacy Leaks: A Longitudinal Study of PII Leaks Across Android App Versions
- Co-authors: Martina Lindorfer (UC Santa Barbara), Daniel J. Dubois (Northeastern University), Ashwin Rao (University of Helsinki), David Choffnes (Northeastern University), Narseo Vallina-Rodriguez (IMDEA Networks Institute and ICSI)
- Kristopher Micinski, Haverford College, User Interactions and Permission Use on Android
- Co-authors: Daniel Votipka (University of Maryland, College Park), Rock Stevens (University of Maryland, College Park), Michelle L. Mazurek (University of Maryland, College Park), Jeffrey S. Foster (University of Maryland, College Park)
- Emily McReynolds, University of Washington, Tech Policy Lab, Toys that Listen: A study of Parents, Children, and Internet-Connected Toys
- Co-authors: Maya Cakmak (University of Washington, Computer Science & Engineering), Franziska Roesner (University of Washington, Computer Science & Engineering)
- Pardis Emami-Naeini, Carnegie Mellon University, Privacy Expectations and Preferences in an IoT World
- Co-authors: Sruti Bhagavatula (Carnegie Mellon University), Hana Habib (Carnegie Mellon University), Martin Degeling (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University), Norman Sadeh (Carnegie Mellon University)
- Yang Wang, Syracuse University, Privacy Violations in Crowd Work
- Co-authors: Huichuan Xia (Syracuse University), Yun Huang (Syracuse University), Anuj Shah (Carnegie Mellon University)
Moderator: Kristen Anderson
Attorney, Federal Trade Commission, Division of Privacy and Identity Protection12:40 pm
Lunch and Poster Session
1:40 pm
Session 3: Economics, Markets, and Experiments
- Ying Lei Toh, Toulouse School of Economics, Incentivizing Firms to Protect Consumer Data: Can Reputation Play a (Bigger) Role?
- Sasha Romanosky, RAND Corporation, Content Analysis of Cyber Insurance Policies: How do carriers price cyber risk?
- Co-authors: Lillian Ablon (RAND Corporation), Andreas Kuehn (RAND Corporation), Therese Jones (RAND Corporation)
- Jaspreet Bhatia, Carnegie Mellon University, Empirical Measurement of Perceived Privacy Risk
- Co-author: Travis D. Breaux (Carnegie Mellon University)
- Caleb Fuller, Grove City College, Is the Market for Digital Privacy a Failure?
- Christian Catalini, Massachusetts Institute of Technology, The Digital Privacy Paradox: Small Money, Small Costs, Small Talk
- Co-authors: Susan Athey (Stanford University), Catherine Tucker (Massachusetts Institute of Technology)
Moderator: Yan Lau
Economist, Federal Trade Commission, Bureau of Economics3:00 pm
Break
3:30 pm
Session 4: Tools and Ratings for Privacy Management
- Periwinkle Doerfler, New York University, The Spyware Used in Intimate Partner Surveillance
- Co-Authors: Rahul Chatterjee (Cornell Tech), Hadas Orgad (Technion), Sam Havron (Cornell University), Jackeline Palmer (Hunter College), Diana Freed (Cornell Tech), Karen Levy (Cornell University), Nicola Dell (Cornell Tech), Damon McCoy (New York University), Thomas Ristenpart (Cornell Tech)
- Saksham Chitkara, Carnegie Mellon University, Does this App Really Need My Location? Context-Aware Privacy Management for Smartphones
- Co-authors: Nishad Gothoskar (Carnegie Mellon University), Suhas Haris (Carnegie Mellon University), Jason I. Hong (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University)
- Ian Douglas, Office of the Privacy Commissioner of Canada, Getting a Pulse on Internet of Things Privacy: Privacy Ratings for Internet-Enabled Health and Medical Devices
- Katie McInnis, Consumers Union, Evaluation of the Privacy and Security Aspects of Connected Televisions
- Norman Sadeh, Carnegie Mellon University, Assisting Users in a World Full of Cameras: A Privacy-aware Infrastructure for Computer Vision Applications
- Co-authors: Anupam Das (Carnegie Mellon University), Martin Degeling (Carnegie Mellon University), Xiaoyou Wang (Carnegie Mellon University), Junjue Wang (Carnegie Mellon University), Mahadev Satyanarayanan (Carnegie Mellon University)
Moderator: Mark Eichorn
Assistant Director, Federal Trade Commission, Division of Privacy and Identity Protection4:50 pm
Closing Remarks
Neil Chilson
Acting Chief Technologist, Federal Trade CommissionFileAgenda (249.29 KB) - Steven Englehardt, Princeton University, I never signed up for this! Privacy implications of email tracking
- FileSpeakers Bios (214.05 KB)
-
Event Materials
FileFileFileWang - Privacy Violations in Crowd Work (592.48 KB)FileFileFileFileFileFileFileFileprivacycon_worldofcameras_das2.pdf (2.11 MB)Fileprivacyconbugfixesprivacyleakssubmission.pdf (657.46 KB)Fileconsumer_reportrerecich.pdf (217.98 KB)Fileprivacycon_apps_location_chitkara.pdf (2.73 MB)Fileprivacycon_mechanical_turk.pdf (1.5 MB)Fileprivacycon_iftttrecipes_surbatovich.pdf (6.45 MB)Fileprivacycon_emailprivacy_englehardt.pdf (871.42 KB)Filep155407privacyconbhatia.pdf (1.03 MB)Filep155407privacyconmislove.pdf (1.91 MB)Fileprivacycondigitalprivacy_fuller.pdf (292.34 KB)
-
Location