PrivacyCon 2019

Thursday, June 27, 2019 | 9:00AM

Constitution Center
400 7th St SW Washington DC 20024

Tags:

Event Description

The FTC hosted its fourth annual PrivacyCon on June 27, 2019. For PrivacyCon 2019, the FTC was seeking research presentations on a wide range of consumer privacy and security issues, with a particular focus on the economics driving those issues. The call for presentations sought empirical research responding to several questions, including:

What new privacy and security issues arise from emerging technologies such as the Internet of Things, artificial intelligence, and virtual reality?
What are the greatest threats to consumer privacy today?
How can one quantify the costs and benefits to consumers of keeping data about them private?
What are the incentives for manufacturers and software developers to implement privacy and security by design in their goods or services and keep security up to date?
Is there evidence that the market is able to provide efficient levels of privacy and data security?

Information on how to submit a presentation can be found in the call for presentations. The deadline for submissions was March 15, 2019.

PrivacyCon was free and open to the public, and will be held at the FTC’s Constitution Center Office, located at 400 7th St., SW, Washington, DC. PrivacyCon was also webcast live.

Disability accommodation

We welcome people with disabilities. The FTC will accommodate as many attendees as possible; however, admittance will be limited to seating availability. Reasonable accommodations for people with disabilities are available upon request. Requests for accommodations should be submitted to Elizabeth Kraszewski via email at ekraszewski@ftc.gov or by phone at (202) 326-3087. Such requests should include a detailed description of the accommodation needed. In addition, please allow at least five business days advance notice for accommodation requests; last minute requests will be accepted but may not be possible to accommodate.

Agenda

8:15 am	Registration
9:15 am	Welcome and Opening Remarks Joseph J. Simons Chairman, Federal Trade Commission
9:30 am	Session 1: Privacy Policies, Disclosures, and Permissions Yan Shvartzshnaider, New York University and Princeton University, Privacy Policies Through the Lens of Contextual Integrity Co-authors: Noah Apthorpe (Princeton University), Nick Feamster (Princeton University), Helen Nissenbaum (Cornell Tech) Kassem Fawaz, University of Wisconsin-Madison, Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning Co-authors: Hamza Harkous (École Polytechnique Fédérale de Lausanne), Rémi Lebret (École Polytechnique Fédérale de Lausanne), Florian Schaub (University of Michigan), Kang G. Shin (University of Michigan), Karl Aberer (École Polytechnique Fédérale de Lausanne) Justin Brookman, Consumer Reports, Data Collection Practices of Large Online Platforms Christine Utz, Ruhr University Bochum, We Value Your Privacy . . . Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy Co-authors: Martin Degeling (Ruhr University Bochum), Christopher Lentzsch (Ruhr University Bochum), Henry Hosseini (Ruhr University Bochum), Florian Schaub (University of Michigan), and Thorsten Holz (Ruhr University Bochum) Jonathan Schubauer, Indiana University, Apps, Code, Culture, and Privacy Reform: Examining Influences on Android Permissions Co-authors: David Argast (Indiana University), L. Jean Camp (Indiana University), and Sameer Patil (Indiana University) Moderators: Mark Eichorn Assistant Director, Federal Trade Commission, Division of Privacy and Identity Protection Jamie Hine Attorney, Federal Trade Commission, Division of Privacy and Identity Protection
10:50 am	Break
11:20 am	Session 2: Consumer Preferences, Expectations, and Behaviors Katie McInnis, Consumer Reports, Evaluation of Historical Data Regarding Consumers’ Understanding, Behavior, and Attitudes on Digital Privacy and Online Tracking Mahmood Sharif, Carnegie Mellon University, Comparing Hypothetical and Realistic Privacy Valuations Co-authors: Joshua Tan (Carnegie Mellon University), Sruti Bhagavatula (Carnegie Mellon University), Matthias Beckerle (Carnegie Mellon University), Michelle L. Mazurek (University of Maryland), Lujo Bauer (Carnegie Mellon University) Noah Apthorpe, Princeton University, Evaluating the Contextual Integrity of Privacy Regulation: Parents’ IoT Privacy Norms Versus COPPA Co-authors: Sarah Varghese (Princeton University), Nick Feamster (Princeton University) Kristen Walker, California State University Northridge, The Role of Cognitive Defense Strategies, Age, and Motivation in Children’s Privacy Protection Co-authors: J. Craig Andrews (Marquette University), Jeremy Kees (Villanova University) Yaxing Yao, Syracuse University, “What if?” Predicting Individual Users’ Smart Home Privacy Preferences and Their Changes Co-authors: Natã M. Barbosa (Syracuse University), Joon S. Park (Syracuse University), Yang Wang (Syracuse University). Moderators: Andrea Arias Attorney, Federal Trade Commission, Division of Privacy and Identity Protection Yan Lau Economist, Federal Trade Commission, Bureau of Economics
12:40 pm	Lunch
1:40 pm	Session 3: Tracking and Online Advertising Anupam Das, North Carolina State University, The Web’s Sixth Sense: A Study of Scripts Assessing Smartphone Sensors Co-authors: Gunes Acar (Princeton University), Nikita Borisov (University of Illinois at Urbana-Champaign), Amogh Pradeep (Northeastern University) Alessandro Acquisti, Carnegie Mellon University, Tracking Technologies and Publishers Revenues: An Empirical Analysis Co-authors: Veronica Marotta (University of Minnesota), Vibhanshu Abhishek (University of California Irvine) Catherine Han, U.C. Berkeley, Do You Get What You Pay For? Comparing the Privacy Behaviors of Free vs. Paid Apps Co-authors: Irwin Reyes (International Computer Science Institute (“ICSI”)), Amit Elazari Bar On (U.C. Berkeley), Joel Reardon (University of Calgary), Álvaro Feal (IMDEA Networks Institute/Universidad Carloss III de Madrid), Kenneth A. Bamberger (U.C. Berkeley), Serge Egelman (U.C. Berkeley/ICSI), Narseo Vallina-Rodriguez (ICSI/IMDEA Networks Institute) Garrett Johnson, Boston University, Regulating Privacy Online: The Early Impact of the GDPR on European Web Traffic & E-Commerce Outcomes Co-authors: Samuel Goldberg (Northwestern University), Scott Shriver (University of Colorado Boulder) Cristobal Cheyre, Carnegie Mellon University, The Impact of GDPR on the Ad-Supported Content Providers Co-authors: Vincent Lefrere (University of Paris Sud), W. Logan Warberg (Carnegie Mellon University), Veronica Marotta (University of Minnesota), Alessandro Acquisti (Carnegie Mellon University) Moderators: Jamie Hine Attorney, Federal Trade Commission, Division of Privacy and Identity Protection James Thomas Economist, Federal Trade Commission, Bureau of Economics
3:00 pm	Break
3:30 pm	Session 4: Vulnerabilities, Leaks, and Breach Notifications Sasha Romanosky, RAND Corporation, Improving Vulnerability Remediation Through Better Exploit Prediction Co-Authors: Jay Jacobs (Cyentia), Idris Adjerid (Virginia Tech), Wade Baker (Virginia Tech) Elleen Pan, Northeastern University, Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications Co-authors: Jingjing Ren (Northeastern University), Martina Lindorfer (TU Wien), Christo Wilson (Northeastern University), David Chofnes (Northeastern University) Serge Egelman, U.C. Berkeley/ICSI, 50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System Co-authors: Joel Reardon (University of Calgary), Álvaro Feal (IMDEA Networks), Primal Wijesekera (U.C. Berkeley/ICSI), Amit Elazari Bar On (U.C. Berkeley), Narso Vallina Rodriguez (IMDEA Networks/ICSI) Yixin Zou, University of Michigan, Lengthy, Vague, and Inactionable: Issues with Data Breach Notifications and Implications for Public Policy Co-authors: Shawn Danino (University of Michigan), Kaiwen Sun (University of Michigan), Abraham H. Mhaidli (University of Michigan), Austin McCall (University of Michigan), Florian Schaub (University of Michigan) Moderators: Andrea Arias Attorney, Federal Trade Commission, Division of Privacy and Identity Protection Lerone Banks Technologist, Federal Trade Commission, Division of Privacy and Identity Protection

Agenda (206.59 KB)

File

Speaker Bios (193.03 KB)

Event Materials

File

Han - Do You Get What You Pay For? Comparing the Privacy Behaviors of Free vs. Paid Apps (696.56 KB)

File

Utz - We Value Your Privacy . . . Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy (1008.4 KB)

File

Pan - Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications (628.81 KB)

File

Brookman - Data Collection Practices of Large Online Platforms (87.75 KB)

File

Fawaz - Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning (838.55 KB)

File

McInnis - Evaluation of Historical Data Regarding Consumers’ Understanding, Behavior, and Attitudes on Digital Privacy and Online Tracking (87.42 KB)

File

Walker - The Role of Cognitive Defense Strategies, Age, and Motivation in Children’s Privacy Protection (51.5 KB)

File

Sharif - Comparing Hypothetical and Realistic Privacy Valuations (1.85 MB)

File

Apthorpe - Evaluating the Contextual Integrity of Privacy Regulation: Parents’ IoT Privacy Norms Versus COPPA (3.5 MB)

File

Romanosky - Improving Vulnerability Remediation Through Better Exploit Prediction (533.87 KB)

File

Egelman - 50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System (277.14 KB)

File

Shvartzshnaider - Privacy Policies Through the Lens of Contextual Integrity (1000.45 KB)

File

Yao - “What if?” Predicting Individual Users’ Smart Home Privacy Preferences and Their Changes (846.15 KB)

File

Zou - Lengthy, Vague, and Inactionable: Issues with Data Breach Notifications and Implications for Public Policy (4.65 MB)

File

Session 1 - Privacy Policies, Disclosures, and Permissions (33.1 KB)

File

Shvartzshnaider - Privacy Policies Through the Lens of Contextual Integrity (646.79 KB)

File

Johnson - Regulating Privacy Online: The Early Impact of the GDPR on European Web Traffic & e-commerce Outcomes (969.84 KB)

File

Fawaz - Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning (6.86 MB)

File

Brookman - Data Collection Practices of Large Online Platforms (316.94 KB)

File

Utz - We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR‘s Impact on Web Privacy (787.88 KB)

File

Schubauer - Apps, Code, Culture, and Privacy Reform: Examining Influences on Android Permissions (319.67 KB)

File

Session 2 - Consumer Preferences, Expectations, and Behaviors (33.13 KB)

File

McInnis - Evaluation of Historical Data Regarding Consumers’ Understanding, Behavior, and Attitudes on Digital Privacy and Online Tracking (453.95 KB)

File

Sharif - Comparing Hypothetical and Realistic Privacy Valuations (392.23 KB)

File

Apthorpe - Evaluating the Contextual Integrity of Privacy Regulations: Parents’ IoT Privacy Norms Versus COPPA (8.07 MB)

File

Walker - The Role of Cognitive Defense Strategies, Age, and Motivation in Children’s Privacy Protection (651.37 KB)

File

Yao - "What if?" Predicting Individual Users’ Smart Home Privacy Preferences and Their Changes (489.09 KB)

File

Session 3 - Tracking and Online Advertising (33.76 KB)

File

Das - The Web’s Sixth Sense: A Study of Scripts Accessing Smartphone Sensors (1.05 MB)

File

Acquisti - Online Tracking and Publishers Revenues: An Empirical Analysis (374.06 KB)

File

Han - Do You Get What You Pay For? Comparing the Privacy Behaviors of Free vs. Paid Apps (642.38 KB)

File

Johnson - The online impact of privacy regulation: An early look at Europe’s GDPR (601.43 KB)

File

Cheyre - The Impact of GDPR on Ad-Supported Content Providers (259.89 KB)

File

Session 4 - Vulnerabilities, Leaks, and Breach Notifications (32.91 KB)

File

Romanosky - Improving Vulnerability Remediation Through Better Exploit Prediction (292.64 KB)

File

Pan - Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications (634.55 KB)

File

Egelman - 50 Ways to Leak Your Data:An Exploration of Apps’ Circumvention of the Android Permissions System (668.84 KB)

File

Zou - Lengthy, Vague, and Inactionable: Issues with Data Breach Notifications and Implications for Public Policy (1.56 MB)

Transcript - Files

File

Full Transcript of PrivacyCon 2019, Session 1 (261.83 KB)

File

Full Transcript of PrivacyCon 2019, Session 2 (252.9 KB)

Videos

PrivacyCon 2019 - Part 1

PrivacyCon 2019 - Part 2

Location

Constitution Center

Search or browse the Legal Library

Take action

Competition Matters Blog

Search or browse the Legal Library

Take action

Feature

Vision and Priorities

Technology Blog

Advice and Guidance

Take action

Servicemembers: Your tool for financial readiness

Get consumer protection basics, plain and simple

Learn how the FTC protects free enterprise and consumers

Looking for competition guidance?

Latest News

Upcoming Event

Follow us on social media

Feature

Latest Data Visualization

Featured

Meet the Chair

PrivacyCon 2019

Event Description

Disability accommodation

Registration

Welcome and Opening Remarks

Session 1: Privacy Policies, Disclosures, and Permissions

Break

Session 2: Consumer Preferences, Expectations, and Behaviors

Lunch

Session 3: Tracking and Online Advertising

Break

Session 4: Vulnerabilities, Leaks, and Breach Notifications

Event Materials

Transcript - Files

Videos

Location

Search or browse
the Legal Library

Search or browse
the Legal Library

Servicemembers:
Your tool for financial readiness