PEPR '23 Conference Program

All sessions will be held in the Santa Clara Ballroom unless otherwise noted.

Attendee Files 
PEPR '23 Attendee List (PDF)

Monday, September 11

7:45 am–8:45 am

Continental Breakfast

Mezzanine East/West

8:45 am–9:00 am

Opening Remarks

Divya Sharma, Google; Blase Ur, University of Chicago

9:00 am–10:25 am

Privacy Infrastructure

Room Captain: Tariq Yusuf

Designing a Private Logging Pipeline

Monday, 9:00 am9:15 am

Mekhola Mukherjee and Thomas Vannet, Google

Available Media

Designing and deploying world-scale logging pipelines on mobile devices while respecting user privacy is a challenging problem. Privacy engineers must find ways to enable critical data collection and at the same time ensure that the data has transparency and control. We will go over core principles and technical measures privacy engineers can use to achieve these goals. We will show how these principles and techniques help with policy enforcement and transparency. In the context of logging, we will discuss client and server-side checks, both static through annotations and at runtime. We will also go through some examples of data minimization, pseudonymization, anonymization and other privacy preserving techniques. This talk is partly motivated by our experience working on logging pipelines on Android at Google.

Mekhola Mukherjee, Google

Mekhola Mukherjee and Thomas Vannet are privacy engineers working on Android at Google. There, they work on privacy infrastructure, logging and policy to support the development of the Android platform, and a number of Google applications. They are passionate about differential privacy, cryptography, and machine learning privacy.

Counting with STAR: Shipping a Privacy-Preserving Telemetry System to Millions of Users

Monday, 9:15 am9:35 am

Shivan Kaul Sahib, Brave Software

Available Media

This talk will focus on how Brave researched, developed and scaled an efficient and cheap privacy-preserving telemetry system (called STAR) which formalizes privacy guarantees related to data collection. STAR presents developers with parameters which can be tuned depending on the sensitivity of the data being collected, and unlocks a wide variety of use-cases which were previously too risky to consider. The talk starts by describing how we evaluated currently deployed options and why they were insufficient. Then, we will talk about the applied research => shipping in production pipeline and give examples of the various use-cases solved by a privacy-friendly telemetry system, and conclude with lessons learned along the way and how we would do things differently in the future.

Shivan Kaul Sahib, Brave Software

Shivan Kaul Sahib is a Senior Research & Privacy Engineer at Brave Software, where he focuses on developing privacy features in the browser and conducting privacy reviews across the company. He is active in the IETF and W3C and previously worked on DNS traffic encryption and consent tooling, among other things. He has a keen interest in public interest technology and frequently engages with civil society, currently serving on the Advisory Council for the Open Technology Fund (OTF).

WhatsApp Key Transparency

Monday, 9:35 am9:50 am

Kevin Lewi, Meta

Available Media

Earlier this year, WhatsApp announced their plans to launch key transparency for all WhatsApp users. Key transparency solutions help strengthen the guarantee that end-to-end encryption provides to private, personal messaging applications in a transparent manner available to all. In this presentation, we will cover how key transparency works, what the improved end user experience is for those wishing to verify their contacts' public keys, and various deployment challenges and considerations we encountered when building our key transparency system. We also have released an open-source library called Auditable Key Directory (AKD) which we use in our deployment, and can potentially serve as a reference point for others that wish to deploy key transparency in the future.

Kevin Lewi, Meta

Kevin Lewi is a software engineer at Meta. He has worked on the development of the OPAQUE protocol and its integration into WhatsApp's encrypted backups feature. Before joining Meta, he completed his PhD in applied cryptography at Stanford University, advised by Dan Boneh.

Algorithmic Transparency in Personalized Advertising: Learnings from Building "Why Am I Seeing This Ad?"

Monday, 9:50 am10:10 am

Xuanting Cai, Rajesh Shenoy, and Anuj Gupta, Meta Platforms

Available Media

In February 2023, Meta started rolling out the next iteration of the “Why am I seeing this ad?” product globally. This product was created nearly a decade ago to give people information about how ads are chosen to be shown across our applications. The update makes a step change in transparency by including information about how we use machine learning to show people ads. This work was initiated based on feedback received from users, external privacy experts and policy stakeholders on transparency changes they would like to see in our ads system.

There are several challenges we faced in building the system. First, the feature space used in ads models are extremely complex and the models makes nonintuitive connections between user activity and ads. These makes it difficult to explain the model's result in a human understandable way. Second, ad systems use complex objective function to chain machine learning models. Finally, for the product use case, we needed to provide an explanation while the user is browsing an ad in around 1-2s.

We will discuss how we addressed these challenges, the metrics we used to direct our work and learnings from our production launch.

Xuanting Cai, Meta Platforms

Xuanting Cai is a software engineer at Meta Platforms, Incorporated. Xuanting Cai earned his Ph.D. in Mathematics from Louisiana State University and B.S. in Mathematics and Economics from Peking University. Before joining Meta, he worked at and Google as a software engineer.

Rajesh Shenoy, Meta Platforms

Rajesh Shenoy is an Engineering Manager for the ML Explainability product team at Meta. Prior to this role, he has worked on building machine learning systems in search, advertising, conversational AI and computer vision.

Anuj Gupta, Meta Platforms

Anuj leads ML explainability products at Meta Platforms, Incorporated, and is focused on increased Ads transparency for users. Prior to joining Meta, Anuj was working with Amazon Web SErvices on launching multiple AI/ ML products and with Google on its advertising platform Google Ads. Anuj has extensively blogged and presented at multiple conferences about applications of ML/ AI in different domains.

Demystifying Access Control in the Modern Data Warehouse

Monday, 10:10 am10:25 am

Viraj Thakur, Cruise

Available Media

Access control in the modern data warehouse is dizzyingly complex. Nested groups, inherited roles, and legacy permission models are just a few of the challenges we encountered at Cruise during our efforts to demystify cloud Identity and Access Management (IAM) in BigQuery. Access to read data is provisioned across many different roles and groups, in cloud service consoles and IaaS tools, with no universal source of truth. We built an internal tool, xray, to answer two questions:

  1. Who has read access to a given BigQuery resource?
  2. How are they getting this access (from what role and group)?

We have leveraged this tool to remediate overprovisioned access and enforce our need-based access policies for sensitive data. This talk will present the need for a software solution to audit cloud IAM, discuss the technical specifications of our solution, and provide examples of how we use xray to mitigate privacy risk at Cruise.

Viraj Thakur, Cruise

Viraj Thakur is a senior software engineer on the Privacy Infrastructure team at Cruise. Viraj builds tools and services to enable privacy and data protection as Cruise scales. His past projects include Cruise's in-house data map, access control management and enforcement, and Cruise's DSAR workflow.

10:25 am–10:55 am

Break with Refreshments

Mezzanine East/West

10:55 am–12:15 pm

Differential Privacy

Room Captain: Giles Douglas, Betteromics

How to Break, Then Fix, Differential Privacy on Finite Computers

Monday, 10:55 am11:15 am

Damien Desfontaines and Samuel Haney, Tumult Labs

Available Media

Differential privacy is, in many ways, like cryptography: even though its basic building blocks are conceptually simple, their implementation can be surprisingly tricky. This talk presents the result of our applied research about floating-point vulnerabilities on differential privacy implementations. First, we explain what it means for differential privacy software to be vulnerable to attacks, and how to reason about the severity of such vulnerabilities. Second, we present precision-based attacks, a new class of vulnerabilities which affects several open-source libraries. Finally, we outline a new technique to address this vulnerability, and all other possible attack vectors based on floating-point behavior.

Damien Desfontaines, Tumult Labs

Damien works as a Scientist at Tumult Labs, a startup focusing on making it easier to share or publish insights from sensitive data, using differential privacy. He previously led the anonymization consulting team at Google, and got his PhD in Computer Science from ETH Zurich.

Samuel Haney, Tumult Labs

Sam works as a Scientist at Tumult Labs. Before that, he got his PhD in Computer Science from Duke University.

Plume: Differential Privacy at Scale

Monday, 11:15 am11:30 am

Alex Kulesza, Google

Available Media

Differential privacy has become the standard for private data analysis, and an extensive literature now offers differentially private algorithms for a wide variety of problems. However, translating these algorithms into practical systems often requires confronting details that the literature ignores or abstracts away: users may contribute multiple records, the domain of possible records may be unknown, and the eventual system must scale to large volumes of data. Failure to account for such issues can severely impair quality and usability. We present Plume, a system built to address these challenges. We describe a number of subtle implementation issues and offer practical solutions that, together, make an industrial-scale system for differentially private data analysis possible. Plume is currently deployed at Google and is routinely used to process datasets with trillions of records.

Alex Kulesza, Google

Alex Kulesza is a research scientist at Google studying the theory and practice of differential privacy.

Communicating Differential Privacy Guarantees to Data Subjects

Monday, 11:30 am11:45 am

Priyanka Nanayakkara, Northwestern University

Available Media

Differential privacy (DP) is a notion of privacy that has quickly achieved widespread adoption, for example by the U.S. Census Bureau, Google, Apple, Microsoft, and Uber. While DP has the potential to provide strong privacy protections, its actual guarantees depend on key implementation details, such as the privacy loss budget and deployment model (e.g., local vs. central). However, these details are seldom communicated to data subjects, limiting their ability to make informed data-sharing decisions. Therefore, to reduce the opaqueness of DP protections, we are developing portable explanations of DP.

In this talk, I will briefly describe existing strategies for explaining DP currently used in industry. Then, I will present explanations that convey the probabilistic nature of DP's guarantees and briefly touch on explanations that convey which information flows are restricted depending on the DP model used. The explanations presented can be readily employed to increase transparency around DP, and can inform communication around other privacy-enhancing technologies broadly.

This talk will be based on research conducted by Rachel Cummings, Gabriel Kaptchuk, Priyanka Nanayakkara, Elissa M. Redmiles, and Mary Anne Smart.

Priyanka Nanayakkara, Northwestern University

Priyanka Nanayakkara is a PhD candidate in computer science and communication at Northwestern University. She works at the intersection of privacy and visualization. Specifically, she designs and evaluates tools like interactive interfaces that make differential privacy usable for data curators, data analysts, and data subjects. During her PhD, Priyanka has also been a visiting researcher at Columbia University, a visiting graduate student at UC Berkeley's Simons Institute, and an intern at Microsoft Research.

Per-Record Privacy and Its Application to Heavy-Tailed Economic Data

Monday, 11:45 am12:00 pm

William Sexton, Tumult Labs

Available Media

The Economic Programs Directorate of the U.S. Census Bureau releases several data products detailing statistics about establishments that need to be protected using privacy methods like differential privacy (DP). However, due to the highly skewed nature of the data, standard DP algorithms permit little or no useful data to be released while ensuring the same level of privacy for all establishments. We present a new formal privacy framework, Per-Record Differential Privacy (PRDP) that provides a sliding scale privacy guarantees with small establishments receiving stronger privacy protections and large establishments receiving weaker privacy protections. We will discuss algorithms for an exemplar data product under PRDP and outline the advantages and limitations of this new approach to privacy for skewed data. This new privacy methodology was recently deployed as part of a demonstration data product for the Census Bureau's County Business Patterns data product.

William Sexton, Tumult Labs

William Sexton is a scientist at Tumults Labs, where he has contributed to the development of privacy algorithms for several projects with the U.S. Census Bureau including County Business Patterns and the Detailed and Supplemental - Demographic and Housing Characteristics data products. Prior to joining Tumult, he was a researcher and developer at the US Census Bureau where he was part of the team that designed and implemented large-scale privacy technologies for the 2020 decennial census. He received his Ph.D. in Economics from Cornell University. He received a Bachelor's degree and a Master's degree in Mathematics from Brigham Young University.

Designing the Pilot Release of Israel's National Registry of Live Births: Reconciling Privacy with Accuracy and Usability

Monday, 12:00 pm12:15 pm

Shlomi Hod, Boston University

Available Media

In July 2023, the Israeli Ministry of Health made a differentially private release of the National Registry of Live Births for the year 2014. The data holds significant value for various stakeholders for multiple purposes, including demographic analysis, scientific research and policy-making. Nonetheless, releasing such data poses a privacy challenge, because medical and governmental data contain sensitive information on birthing people and newborns.

In this talk, we present how we co-designed the data release together with the stakeholders to fulfill four main requirements: (1) affordance of tabular format via synthetic data; (2) data quality concerning statistical analysis; (3) record-level faithfulness between released data and original data; and (4) privacy as a rigorous state-of-the-art guarantee and as stakeholders' expectation.

Ultimately, we will discuss the outlook for co-design approaches for PET-based data releases.

Authors: Shlomi Hod, Ran Canetti

Shlomi Hod, Boston University

Shlomi Hod is a computer science Ph.D. student working on Responsible AI at Boston University, advised by Prof. Ran Canetti. He is interested in designing differentially private data releases, developing interpretability methods for neural networks, and bridging the gap between CS & Law. In the last four years, Shlomi has taught the course "Responsible AI, Law, Ethics and Society" in academia, government and industry. He interned at Twitter, where he leveraged human-in-the-loop techniques to improve toxicity models. In his previous life, Shlomi was a social entrepreneur, and before that, he led a data science and cybersecurity research team.

12:15 pm–1:30 pm


Terra Courtyard

1:30 pm–3:15 pm

Privacy Programs and Lessons

Room Captain: Nandita Narla, DoorDash

Bad Metrics and Very Bad Decisions

Monday, 1:30 pm1:50 pm

Lea Kissner, Lacework

Available Media

Metrics help people make decisions. Most of the time, these are better decisions. But shockingly often, especially when privacy is in play, they are terrible decisions. These bad metrics are used by product teams trying to make their product better and making unknowingly terrible privacy calls, but they're also coming from inside the house: a preponderance of privacy program management is flat-out wrong. If your metrics are telling you to do something, how do you know they're pointing you in the wrong direction?

Lea Kissner, Lacework

Lea is the CISO of Lacework. They work to build respect for users into products and systems through deeply-integrated security and privacy. They were previously the CISO and Head of Privacy Engineering at Twitter, Global Lead of Privacy Technology at Google, came in to fix security and privacy at Zoom, and CPO of Humu. They earned a Ph.D. in computer science (with a focus on cryptography) at Carnegie Mellon University and a BS in electrical engineering and computer science from UC Berkeley.

Privacy in the Public Sector: Lessons Learned and Strategies for Success

Monday, 1:50 pm2:10 pm

Alan Tang and Anshu Singh, GovTech Singapore

Available Media

As governments and businesses continue to digitalise, the need for tight integration between technology and data privacy standards is more critical than ever.

This talk will explore lessons learned and strategies for success by GovTech Singapore in building a privacy toolkit for the public sector. This toolkit (known as enCRYPT), which aims to simplify and democratize privacy-enhancing technologies for non-technical users, has been adopted by over 80 government agencies.

We will discuss challenges encountered during the development process - such as ensuring tight policy-tech integration, balancing between utility and user experience, and building a product in the context of an evolving data privacy regime. We will also touch on our initiatives in Differential Privacy from theory to practice. Attendees will come away with a better understanding of how to build privacy tools for to meet public sector use cases, and strategies to navigate the unique challenges of working in this space.

Alan Tang, GovTech Singapore

Alan is the Lead Product Manager of GovTech Singapore's Data Privacy Protection Capability Centre, which aims to harness and scale the benefits of privacy-enhancing technologies for the public sector. He led a team of technologists to conceptualise and develop enCRYPT, a central privacy toolkit that has helped over 80 government agencies to share data safely. Prior to joining GovTech, Alan was a cybersecurity professional, where he represented Singapore at the UN and was part of the national COVID-19 Cybersecurity Taskforce. He is passionate about working at the intersection of policy and technology for the public good.

Anshu Singh, GovTech Singapore

Anshu is the Research Engineer of GovTech Singapore's Data Privacy Protection Capability Centre, focusing on the research and development of privacy-enhancing technologies to protect citizens' privacy. Prior to joining GovTech, she spent 2 years in AI research, specifically at the intersection of computer vision and privacy, at the NUS Centre for Research in Privacy Technologies (N-CRiPT). She earned her master's degree in AI from NUS.

Privacy Programs and Reviews

Room Captain: Nandita Narla, DoorDash

Privacy-Preserving Analytics on the Ground

Monday, 2:10 pm2:25 pm

Ryan Steed, Carnegie Mellon University

Available Media

In theory, techniques for privacy-preserving analytics (PPA) offer organizations an opportunity to maintain and expand access to valuable data without compromising individuals' privacy. In practice, the adoption of these techniques is not straightforward---small differences in engineering and design can have great impacts on the kind of privacy realized---and little work examines what leads organizations to pursue PPA. Applying grounded theory to interviews of 25 practitioners and decision-makers at data-focused corporations, startups, non-profits, and government agencies, we outline the drivers and processes determining whether and how organizations adopt privacy-preserving analytics. Our participants describe how their organizations pursue PPA techniques to preempt regulation and gain an edge over competitors. In particular, these practitioners describe their role in interpreting legal requirements and promises to consumers into technical designs. We explore how this contested process of interpretation---influenced by managerial interests and personal ethics---shapes privacy-preserving analytics and privacy regulation.

Authors: Ryan Steed, Alessandro Acquisti

Ryan Steed, Carnegie Mellon University

Ryan Steed is a PhD student at Carnegie Mellon's Heinz College of Information Systems and Public Policy. His research leverages empirical methods to examine privacy and equity in algorithmic systems, especially in relation to tech policy and governance. His current work examines the practical applications and impacts of algorithmic techniques for privacy-preserving analytics.

How to Utilize Your Red Team for Privacy

Monday, 2:25 pm2:45 pm

David Renardy, Meta

Available Media

Offensive security is well established within the security domain where it can help organizations better understand their security risk profile, but what about offensive privacy? Meta's Privacy Red Team presents:

  • How does a privacy-focused red team operation differ from that of a traditional security operation
  • How do you plan and run a privacy focused red team operation
  • How can the findings of a privacy red team operation strengthen your privacy posture

Can you risk not running offensive privacy operations?

David Renardy, Meta

David Renardy is a Privacy Engineer on Meta's Privacy Red Team. He is interested in the Venn diagram of privacy and security, and ways in which offensive privacy actors are evolving in a world of big data. Prior to Meta, he worked in vulnerability research, cryptography and mathematics. He received his PhD in Mathematics from the University of Michigan in 2016.

Operationalizing and Scaling Snap's Privacy Architecture

Monday, 2:45 pm3:00 pm

Akshatha Gangadharaiah and Maryam Shahid, Snap Inc.

To support the growing global Snapchat community, it was imperative for Snap to scale up their privacy program to ensure that privacy standards are consistently applied across Snap's products and services, while expanding into new geographies with continuing user growth. Snap's privacy program that started with manual checklists and inter-personal follow-ups had to mature rapidly through automation and standardization given Snap's growing community and in the face of increasing regulatory privacy requirements.

Over the years, we developed internal tooling that efficiently applies consistent privacy standards across all products at Snap. This includes a privacy review tool that provides an easy-to-use interface for product teams to engage with the privacy team on requirements, a data cataloging tool that creates and maintains a catalog of “what data is stored where” for Exabytes of data, an access control tool that gates who can access what data, to a data deletion tool that ensures data correctly expires at the end of its lifecycle. In this talk, we will discuss Snap's journey of operationalizing and scaling our privacy architecture.

Akshatha Gangadharaiah, Snap Inc.

Akshatha Gangadharaiah is the lead of Data Governance at Snap. She has been working on privacy and governance solutions at Snap for the last 4 years. She holds a Master's degree in Computer Science from University of California, San Diego.

Maryam Shahid, Snap Inc.

Maryam Shahid is a privacy engineer at Snap. She holds a Master's degree in Computer Science and Technology & Policy from MIT.

A People-First Approach to Introducing Process and Tools for Technical Privacy Review

Monday, 3:00 pm3:15 pm

Ryan Tenorio, Brex

Available Media

Technical privacy review ensures privacy needs are met throughout the product life cycle. From engineers looking for feedback to legal counsel completing DPIAs, the long list of stakeholders makes implementing a review program that is valuable to all audiences a challenge. By first understanding the needs of all stakeholders, the privacy engineer can determine what process is necessary to properly frame discussions around privacy harms and controls. By seeing how privacy review processes inform the actions of the people they serve, tools can be implemented to reduce friction, automate common needs, and scale a privacy program alongside its organization.

This lessons-learned talk will cover examples of how to take this people-first approach to technical privacy review through the use of working groups, review processes that work alongside engineers and other stakeholders, and tools that enable privacy review outcomes throughout the product life cycle.

Ryan Tenorio, Brex

Ryan Tenorio started his software engineering career working on anti-cheat solutions in the gaming industry. After receiving a master's degree in information and cybersecurity from UC Berkeley, he pivoted into a career in privacy as a privacy engineer at Meta focused on privacy incident response. He now works at Brex, covering all technical aspects of their privacy program.

3:15 pm–3:45 pm

Break with Refreshments

Mezzanine East/West

3:45 pm–4:35 pm

Data Access

Room Captain: Behrooz Shafiee, Stripe

Data Access Automation at Scale

Monday, 3:45 pm4:00 pm

Miró Khalifa, Meta

Available Media

The right for users to obtain a copy of their personal data is a fundamental privacy expectation that should be respected, even as the data is stored in various systems and databases supported by many engineering teams.

In this talk, we describe a reliable system built to enable self-service data access for users across Meta's applications. We focus on utilizing data annotations and schematization to automate data access decisions, ensuring the protection of user data access rights while optimizing the engineering time required to create new products and features.

Miró Khalifa, Meta

Miró is a software engineer in the privacy team at Meta. He previously led the Data Protection Services team at Dell and holds an MSc in Computer Engineering and Systems. At Meta, his focus is on building automation for privacy expectations, particularly in the area of Data Access. He ensures the reliability of the infrastructure and promotes widespread enforcement of privacy solutions while optimizing engineering time.

Building a Complete Export Ecosystem—From DSAR Automation to Privacy Center

Monday, 4:00 pm4:15 pm

Pankaj Mohapatra, Uber

Available Media

Data privacy rights are becoming more urgent as the expansive CPRA, requires companies to deploy effective and scalable compliance. Most companies don't want to reveal what they're building or the details of how they plan to comply with these requirements – speaking publicly is still taboo in our industry.

At Uber, we progressively increased the sophistication of our processes and platform with the growing scope of regulations and user demand for DSARs. We faced several unexpected challenges that ultimately helped us steer the entire effort in an actionable direction.

We have built an in-house DSAR Automation tool to support compliance, regulations, scale, and optimize cost. But the story does NOT end here. We have also launched many self-services, real-time web flows, and an extensive and impressive Privacy Center along with products like Explore-Your-Data and Download-Your-Data. Our goal is to develop a comprehensive export ecosystem with the aim of enhancing user trust.

Pankaj Mohapatra, Uber

Pankaj Mohapatra is a Software Engineer in the technical privacy team at Uber. Prior to Uber he worked at PayPal and did a couple of stints at Startups. After working on problems ranging from reliability, risk, ML platform, product and data platform his new interest is to solve engineering challenges around privacy at scale. Currently at Uber his concentration ranges from tackling general backend scaling issues to efficiently querying user data in a mammoth data lake as a part of export ecosystems.

Securing and Standardizing Data Rights Requests with a Data Rights Protocol

Monday, 4:15 pm4:35 pm

Ryan Rix, Consumer Reports Innovation Lab

Available Media

There is no standard and secure way to exchange data rights requests under the law and it's hard and time-consuming for consumers and companies alike. We think there should be a better way to process data rights requests that's streamlined and inexpensive.

A standard protocol that formalizes the components of a data rights request would allow for more consistency and efficiency for both consumers submitting requests and companies processing them. That's why Consumer Reports is incubating a Data Rights Protocol with a consortium of companies committed to strengthening consumer data rights. In this presentation we will describe the components of the Data Rights Protocol and how a system overlapping business, legal, and technical rules can streamline Data Rights requests.

This is the work of Ginny Fahs at the Consumer Reports Innovation Lab, Dazza Greenwood with, and Ryan Rix.

Ryan Rix, Consumer Reports Innovation Lab

Ryan Rix is a software and systems engineer focused on privacy preserving software design and improving the state of the art in self-hosting small interoperable systems. After building GDPR Data Portability systems and Privacy by Design processes for Uber Technologies, Ryan has taken up independent privacy rights research leading to the design of the technical standard for the Data Rights Protocol. Ryan lives in the Pacific Northwest where he rides his bike and tweaks his Emacs configuration when not fighting for the users.

4:35 pm–4:50 pm

Short Break

Mezzanine East/West

4:50 pm–5:40 pm

MPC and Privacy for Everyone

Room Captain: Behrooz Shafiee, Stripe

Towards the Deployment of Secure Computation Tools in Genomics: A Sociotechnical Perspective

Monday, 4:50 pm5:05 pm

Natnatee "Ko" Dokmai, Yale School of Medicine

Available Media

The genomics community faces an increasing demand to leverage private data across institutional boundaries. Secure computation technologies, encompassing both trusted execution environments (TEEs) and secure multiparty computation (MPC) frameworks, promise to allow collaborative analysis while overcoming privacy concerns associated with genomic data sharing. However, discrepancies between real-world security needs and what these technologies provide present a key hurdle in deployment efforts. In this talk, I will present ideas for addressing this challenge from both technical and societal perspectives. First, I will describe our recent work on privacy-preserving genotype imputation using Intel SGX, which introduces new algorithmic strategies to provide resilience to side-channel vulnerabilities. Second, I will discuss an apparent disconnect in contextual norms and values between the conventional security models versus real-world settings in genomics. I will illustrate an alternative trust-based framework aimed at better aligning the tools with the institutional trust landscape and interests of human subjects. A sociotechnical design of privacy tools is crucial for realizing their potential in genomics.

Natnatee "Ko" Dokmai, Yale School of Medicine

Natnatee "Ko" Dokmai is a recent Ph.D. graduate in Computer Science from Indiana University, Bloomington and a Postdoctoral Fellow at the Yale School of Medicine. His research combines theoretical frameworks and methodological approaches from cryptography, computer security, bioinformatics, and science and technology studies to address the issue of building infrastructure for privacy and trust.

Protecting User Privacy in Private Set Intersection: A Journey Toward Mitigating User Tracking

Monday, 5:05 pm5:25 pm

Jian Du, TikTok

Available Media

Private Set Intersection (PSI) allows two parties, each holding an input set, to compute functions of corresponding values for shared set members, while maintaining the confidentiality of both the intersecting and non-intersecting elements. It has been used in applications such as ad providers and advertisers sharing privileged user behavior data to measure ad effectiveness, cloud storage operators detecting child exploitation material on users' encrypted cloud data, etc. A USENIX22' study found that common PSIs that disclose the intersection size can be vulnerable to attacks that exploit this disclosure, thereby revealing over 1% of one party's users to the other party in practical Ads measurement. To mitigate the risk of privacy leakage, we developed the DPCA-PSI protocol, which incorporates a novel PSI approach and a two-party differentially private (DP) mechanism, providing a secure means of computing intersection-related statistics from private datasets while preserving DP protection. DPCA-PSI is open-source and available to researchers and practitioners.

Authors: Jian Du, Haohao Qian, Bo Jiang, Yongjun Zhao, Shikun Zhang, and Qiang Yan

Jian Du, TikTok

Jian is a research scientist at TikTok, driving the research and development of privacy-enhancing technologies applied to TikTok's products.

At TikTok, Jian is leading the development of PrivacyGo, an open-source project available on GitHub (TikTok Privacy Innovation). PrivacyGo aims to synergistically fuse PETs to address real-world privacy challenges, such as combining secure multi-party computation and two-party differential privacy for enabling privacy-preserving ad measurement.

Prior to joining TikTok, Jian worked on PETs at Ant Financial and held a postdoctoral research position at Carnegie Mellon University.

Privacy for All: Achieving Inclusive Privacy in the Digital Age

Monday, 5:25 pm5:40 pm

Sri Pravallika Maddipati and Norbert Nthala, Google

Available Media

Inclusive privacy is an approach to privacy design that takes into account the needs of all users, regardless of their abilities, characteristics, needs, identities, or values. It is a shift away from the traditional approach to privacy, which focuses on protecting the privacy of the "average" user. Inclusive privacy acknowledges that different users have different privacy needs and seeks to ensure equitable protection of personal data, accounting for the diverse needs, identities and experiences.

The presentation will explore how privacy intersects with identity markers such as race, gender, sexuality, disability, and class, among others. By analyzing these intersections, we can develop a nuanced understanding of how privacy is experienced and perceived by individuals from different backgrounds. We will also examine the ways in which privacy policies and practices can either promote or hinder inclusivity. We will draw on case studies to illustrate how inclusive privacy can be operationalized in practice.

Sri Pravallika Maddipati, Google

Sri Maddipati is a Senior Privacy Engineer in Google's Privacy Trust response function handling incidents and setting up programs to mitigate incidents through incident metrics. Before joining Google, Sri was the first Privacy Engineer at Autodesk where she built the Privacy assessments and metrics program from the ground up. In her role at PwC she helped Fortune 500 companies build Security GRC programs and performed maturity assessments. She holds a Masters Degree in Cyber Security from Northeastern University, Boston.

Norbert Nthala, Google

Norbert is a Privacy engineer in Google's Privacy Trust response team. He is a self-motivated information security and privacy professional with over 6 years of broad experience in privacy, infrastructure security, networking engineering, management consulting and cyber security research. Expert at analyzing and identifying problems in complex socio-technical systems and designing appropriate security and privacy solutions to reduce risk and improve user experience and trust.

5:40 pm–7:30 pm

Conference Reception

Terra Courtyard

Tuesday, September 12

7:45 am–8:45 am

Continental Breakfast

Mezzanine East/West

8:45 am–10:10 am

Data Minimization

Room Captain: Nuria Ruiz,

Rethinking Data Minimization from a User-Centered Approach: A Paradigm Shift

Tuesday, 8:45 am9:00 am

Tanusree Sharma, University of Illinois at Urbana Champaign

Available Media

Data minimization is a legal and privacy-by-design principle mandating that online services collect only data that is necessary for pre-specified purposes. In traditional system-based approaches that attribute the sole responsibility for data minimization to service providers, it becomes vital to involve users in shaping the appropriate data compliance practices.

In this talk, I will talk about (a) current misunderstandings regarding data minimization among users, (b) surfaces how users reason about the necessity of data in relation to search result quality, and (c) impact of factors on user decision-making with regards to data minimization. The goal is to design actionable mechanisms that provide users with greater agency over their data through user-controlled data minimization.

Tanusree Sharma, University of Illinois at Urbana Champaign

Tanusree Sharma is a Ph.D. candidate in Informatics at the University of Illinois at Urbana Champaign. She works at the intersection of usable security and privacy and decentralized governance. Her research involves designing and developing frameworks and toolings to address issues around power dynamics, deliberative democracy, and transparency in emerging and complex socio-technical systems (DeFi, AI). She previously worked as a privacy engineer intern at Google and a research intern at Max Planck Institute for Security and Privacy.

Striking the Balance: Safeguarding Customer Privacy While Empowering Employees

Tuesday, 9:00 am9:15 am

Emily Greene, Moveworks

Available Media

Discover practical solutions for preserving customer privacy while empowering employees in the era of Large Language Models (LLMs). This talk discusses how to balance different employee use cases with privacy-protecting data handling solutions. We explore scenarios such as debugging, analytics, and machine learning, highlighting the unique challenges of LLMs to customer privacy. Drawing from real-world experiences at Moveworks, we showcase two effective solutions: automated data masking for de-identification and just-in-time, role-based access provisioning. By examining tradeoffs and sharing lessons learned, we demonstrate how LLMs can meet a business' goals while still preserving customer privacy. Join us to gain valuable insights into striking the right balance between safeguarding customer privacy and enabling employee productivity through broadly applicable privacy solutions.

Emily Greene, Moveworks

Emily Greene is a Security & Privacy Engineer at Moveworks, where she leads their data privacy and security. Emily specializes in the security and privacy of artificial intelligence (AI) systems. Her expertise extends to privacy-preserving machine learning (ML) techniques, such as evaluating ML models for privacy leaks. Emily brings valuable insights from her time at Amazon, where she spent 5 years owning application security for Alexa AI, building end-to-end security review and data protection solutions. Emily is dedicated to enabling forward-thinking organizations to prioritize customer privacy when using AI.

Health Privacy

Room Captain: Nuria Ruiz,

Reimagining User Authentication for Digital Health Services: A User-Centered Approach

Tuesday, 9:15 am9:30 am

Bo Kim, Memorial Sloan Kettering Cancer Center

Available Media

In healthcare settings, the Health Insurance Portability and Accountability Act (HIPAA) mandates strict data privacy and security protocols for protecting Patient Health Information (PHI). However, this has led to a conservative approach to user authentication that prioritizes institutional compliance over patient access to health information. The UX Design at the Memorial Sloan Kettering Cancer Center in New York collected survey responses from users of our electronic patient portal and found that login and account creation are major pain points affecting user satisfaction. This talk will explore the challenges faced by patients in accessing their health information and the need for user-centered privacy solutions in digital health services. I will discuss the impact of HIPAA on user authentication, the pain points experienced by electronic patient portal users, and potential solutions that prioritize user accessibility and usability. This talk will provoke engineers, designers, and policymakers to develop practical strategies for reimagining user authentication in healthcare settings from a user-driven approach, with a focus on protecting patients' data without compromising their access to care.

Bo Kim, Memorial Sloan Kettering Cancer Center

Bo Kim (she/her) is a User Experience Designer based in New York specializing in consumer and enterprise products in digital health. Her work at the Memorial Sloan Kettering Cancer Center has spanned from overseeing the design strategy of health consumer products to shaping the user experience of the clinical trial digitization process. Previous to her current role, she designed oncology data analytics products at Tempus, a biotech unicorn funded by Google.

Panel: The Future of the Privacy Landscape for Mobile Health Apps

Tuesday, 9:30 am10:10 am

Primal Wijesekera, ICSI & UC Berkeley; Kerry O'Brien, Federal Trade Commission; Alisa Frik, ICSI; Mohsin Khan, Oscar Health

The regulatory landscape surrounding the collection, use, and sharing of personal health information is complex and constantly evolving. Given the host of regulations that could be relevant to mobile health apps, it is not surprising that many developers and organizations are confused about or unaware of such regulations, and about how to comply. For example, when an ICSI research team systematically examined the data handling practices of over 300 Android telehealth apps from 35+ countries, we found that a significant portion are deploying event reporting. This potentially exposes highly sensitive health data to domains not equipped to handle health data. Such practices demonstrate a clear gap between the technical and regulatory realms. U.S. federal regulators, including DHHS and the FTC, have recently pushed to update regulations and improve enforcement, making these issues even more urgent.

This panel brings together stakeholders from the mobile health industry and the policy world, with researchers examining the technical and legal implications to explore challenges both developers and regulators face. The goal is to exchange ideas about how developers can address privacy/utility tradeoffs while complying with regulations, identify disconnects between stakeholders' understandings of both technology and policy and identify priorities for future research to support all stakeholders.

The research basis is a collaboration with Liam Webster (ICSI), Anniyat Karymsak (UC Berkeley), Julia Bernd (ICSI), Mitra Bokaei Hosseini (UTSA), and Mobin Javed (LUMS), along with Wijesekera, Martinez-Martin, and Frik.

Primal Wijesekera, ICSI & UC Berkeley

Primal Wijesekera is a staff research scientist in the Usable Security and Privacy Research Group at ICSI and also holds an appointment in the EECS at the University of California, Berkeley. His research focuses on exposing current privacy vulnerabilities and providing systematic solutions to meet the privacy expectations of consumers. He has extensive experience in mobile app analysis for privacy violations and implementing privacy protections for Android. He has published in top-tier security venues (IEEE S&P, USENIX Security and usable security and privacy venues (ACM CHI, SOUPS, PETS). He received his Ph.D. from the University of British Columbia, although he carried out his Ph.D. research at U.C. Berkeley. He also has a Masters from UBC in Distributed Systems and a BSc in CS from the University of Colombo, Sri Lanka. His research on privacy on mobile platforms has received the Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies, the USENIX Security Distinguished Paper Award, the AEPD Emilio Aced Personal Data Protection Research Award, and the CNIL-INRIA Privacy Award. He is a Co-PI on multiple NSF Projects.

Kerry O'Brien, Federal Trade Commission

Kerry O'Brien is the Regional Director of the Federal Trade Commission's Western Region in San Francisco. As a 33-year veteran at the FTC, Kerry has participated in a wide variety of Commission matters, many involving national and mobile advertising, deceptive privacy/data security policies, and various frauds and scams. Kerry supervises the San Francisco office's consumer protection and competition casework. She regularly speaks on a wide variety of consumer protection topics. Kerry received her bachelor's degree from Vassar College and her law degree from UC Davis School of Law, where she was a member of the Order of the Coif and Law Review.

Alisa Frik, ICSI

Alisa Frik, Ph.D., is a research scientist at the International Computer Science Institute (ICSI) and a member of the Berkeley Laboratory for Usable and Experimental Security (BLUES). She obtained a Ph.D. degree in Economics at the School of Social Sciences, University of Trento, Italy. Alisa applies her expertise in behavioral and experimental economics, decision-making, behavior change, and choice architecture to investigate privacy and security attitudes and behaviors of regular and vulnerable populations of online users. She explores how contextual and human factors, including trust, heuristics and biases, as well as behavioral interventions, affect users' behaviors and decisions. She focuses on mobile privacy and security, healthcare technologies, Internet of Things, digital advertising, and Artificial Intelligence systems.

Mohsin Khan, Oscar Health

Mohsin Khan is a seasoned data privacy expert with a deep focus on applications and data in the healthcare privacy domain. His experience spans implementing enterprise-wide privacy programs at Oscar Health Insurance to addressing critical privacy concerns in cloud computing, IoT, and mobile applications. Holding a JD and LLM, he is at the nexus of technology and privacy, ensuring the sanctity of personal information in our digital age. An active contributor to the International Association of Privacy Professionals (IAPP), he is passionate about the intersection of data, technology, and privacy.

10:10 am–10:40 am

Break with Refreshments

Mezzanine East/West

10:40 am–12:25 pm

Web Privacy

Room Captain: Shivan Kaul Sahib, Brave Software

Cookie Infrastructure at Meta

Tuesday, 10:40 am11:00 am

Katriel Cohn-Gordon, Meta

Available Media

If you run a website, you probably use cookies. To do this well, you need to make sure you know what cookies you set, enforce that you really don't set them before the user has agreed, prevent setting ones that users didn't agree to, enforce properties across all of your cookies, and minimise the developer overhead required to use them.

I'll talk about how we manage cookies at Meta, relying on a central cookie schema which is technically enforced via a simple developer-facing API. Developers statically declare the cookies that can be set on each domain, and only have access to read or write them via a central API which is aware of the user's choices. Since 3rd party cookies are set by other sites, we also make a schema for them, and use Content-Security-Policy (CSP) headers to block 3rd party embeds where a user hasn't agreed to them. The result is a system which is easy for developers to use but still lets us make strong technical guarantees about our cookie usage.

Katriel Cohn-Gordon, Meta

Katriel Cohn-Gordon is a software engineer on Meta's Privacy Infrastructure team, where he has worked on User Data Access, data transfers, cookies infrastructure, deletion, and other Privacy topics. Before moving to Meta he wrote pen-and-paper proofs for secure messaging protocols, and still dabbles in end-to-end encryption topics such as accountability for Javascript cryptography. He lives in London with his partner and a large collection of houseplants.

Looking beyond Prompts for Permissions in Chrome

Tuesday, 11:00 am11:20 am

Serena Chen, Google

Available Media

The modern web platform offers developers capabilities that are too risky to expose by default. We've collectively punted responsibility for that decision to users, relying almost entirely on prompt UIs. But as we scale the web with new capabilities, prompt UIs reveal their limitations. If we're to take the idea of user involvement seriously, we must make their control over the platform's feature set meaningful. We must balance information disclosure with ease of use, non-interruption with control, and consider both well-intentioned and malicious actors.

In this talk, we will walk through the challenges the Web platform faces and current limitations of permission prompts. We will share lessons learned from intervening on existing prompts to reduce annoyance, changing Chrome's permission prompts and how we've been working with browser engineers to design the capability with user intention in mind. Finally, we will share some novel UI patterns to nudge developers to provide more context for meaningful decisions.

Co-author: Marian Harbach, Google

Serena Chen, Google

Serena Chen is an Interaction Designer at Google Chrome. She is an ex-physicist/mathematician, one-time teen magazine editor, and hacker at heart. She spends her time at the intersection of usability and security and cares deeply about building technology for a kinder and more just world.

Using Content Security Policy for Privacy

Tuesday, 11:20 am11:35 am

Devin Lundberg, Pinterest

Available Media

Content Security Policy is a browser security feature to control what domains are allowed to load content on a given website. It is most commonly used for mitigating security issues like cross site scripting. At Pinterest, we also leverage this feature to protect the privacy of our users. In this talk, we will show how content security policy has given us better visibility into our inventory of third party sdks on our website and better protected our users by customizing our policy per consent options and user types. We will also walk through the pitfalls we encountered while deploying these changes across our web platform.—Open Source Tests of Web Browser Privacy

Tuesday, 11:35 am11:50 am

Arthur Edelstein,

Available Media is an open-source, comparative privacy audit of popular web browsers. The project subjects web browsers to automated leak tests and publishes the results weekly on a website and on social media. The goal of PrivacyTests is to help web browser users choose a more private browser, and to encourage browser makers to fix leaks of private information. The talk will describe how the tests work, how the test results are presented and shared, and the response from the community of users and developers.

Arthur Edelstein,

Arthur Edelstein has been working on web browser privacy since 2014. In 2021 he launched the project, to audit web browser privacy, and continues to maintain it independently up to the present day. Since 2022 he has also been separately working as a software engineer at Brave on new browser privacy protections.

Evolution of Privacy Pass at Cloudflare

Tuesday, 11:50 am12:10 pm

Thibault Meunier, Cloudflare

Available Media

Deploying privacy-enhancing protocols poses a fundamental challenge in balancing user privacy and abuse prevention. This talk explores the Evolution of Privacy Pass at Cloudflare, focusing on the tensions arising from the desire to protect user privacy while allowing legitimate users through. We will present the Privacy Pass technology, an emerging-standard and widely-deployed solution that addresses these conflicting demands.

This session begins by examining protocols like MASQUE, Oblivious HTTP, and the Distributed Aggregation Protocol, and highlights how Privacy Pass addresses the inherent conflict between user privacy and continuous operation of services. Concrete examples and real-world data will be provided to illustrate the practical benefits and limitations of the protocol.

Additionally, the talk will showcase ongoing developments by the Cloudflare Research team to broaden and extend Privacy Pass, with features and support for new and diverse attestation methods that extend beyond native clients.

Thibault Meunier, Cloudflare

Thibault is a research engineer working on distributed systems. He is focused on making emerging technologies interoperable with current web standards. At Cloudflare, he works on IPFS, Ethereum, and alternatives to CAPTCHA systems.

Spot the Fed: Mastodon, the Fediverse, and Why You Can't Run Servers Like It's 1999

Tuesday, 12:10 pm12:25 pm

Tariq Yusuf, Kalles Group

Available Media

With all the discussion of the federated internet, ActivityPub, "Web3", decentralization, and others, it can be tempting to run your own service entirely. Why wouldn't you run your own mail server? Your own social media server? Federated infrastructure provides a possibility for this but the world has changed a lot than just spinning up a server on your own. In this talk we'll discuss some of the more challenging elements of rolling your own services in 2023 including legal liability, content moderation, law enforcement requests, usability, and what needs to change for decentralization to take off.

Tariq Yusuf[node:field-speakers-institution]

Tariq is a technology policy, digital privacy, and security specialist with 8+ years of experience in the technology industry. He specializes in the intersection of privacy, engineering, legal, and policy, taking a cross-functional approach to problems facing both technology and society. He recently completed his Master in Jurisprudence from the University of Washington School of Law and received his Bachelor's in Computer Science from the Paul G. Allen School of Computer Science at the University of Washington in 2011.

12:25 pm–1:30 pm


Terra Courtyard

1:30 pm–3:00 pm

LLMs and AI

Room Captain: Madison Pickering, University of Chicago

Building Generative AI Products Responsibly at Snap Inc.

Tuesday, 1:30 pm1:45 pm

Ilana Arbisser and Sofia Calatrava, Snap Inc.

Generative AI models offer new opportunities and challenges for creating AI products responsibly. Existing literature in the field that focuses on the study of harmful or biased outcomes from AI and how to build AI responsibly has focused on discriminative models, where model performance can be evaluated across different demographic groups on objective measures. Generative AI models produce novel images and free-form text which require innovative methods for ensuring responsible product development and deployment. In this talk we discuss the approach we take at Snap for analyzing and correcting outcomes to create experiences that are high quality and comfortable for our community. We'll cover best practices including developing experiments to analyze and modify products before launch and ways to monitor product outcomes after launch using Snapchat's new chatbot, My AI, as a case study.

Ilana Arbisser, Snap Inc.

Ilana Arbisser: Ilana Arbisser, PhD, Stanford University (2018), is a privacy engineer at Snap Inc. She previously worked at Meta on AI infrastructure privacy compliance and at Cruise Automation on self-driving car safety.

Sofia Calatrava, Snap Inc.

Sofia Calatrava: Sofia Calatrava, Masters of Science, Columbia University (2019, 2022), is a Privacy Engineer at Snap Inc.

How Does AI Change Privacy? Towards Helping Practitioners Scope, Motivate, and Conduct Privacy Work for AI Products and Services

Tuesday, 1:45 pm2:00 pm

Dr. Sauvik Das, Carnegie Mellon University

Available Media

Privacy is a core tenet for engineering ethical AI products, but what barriers do practitioners face in their privacy work for AI products and services? Without an answer to that question, we cannot hope to better support practitioners in engineering privacy-respecting AI. Through interviews with 35 practitioners who have developed AI products, we show how practitioners often have little awareness of the ways in which AI can create new or exacerbating existing privacy threats, face significant motivational barriers in their privacy work, and have little support for AI-specific privacy work. Many of these barriers are due to rigid privacy work practices, incentive structures, educational resources, and tools that have not been adequately updated to factor in how the capabilities and requirements of AI technologies can change scope of privacy threats. I will conclude with recommendations for how to better support practitioners in their AI privacy work.

Dr. Sauvik Das, Carnegie Mellon University

Dr. Sauvik Das is an Assistant Professor at the Human-Computer Interaction Institute at Carnegie Mellon University where he directs the SPUD (Security, Privacy, Usability and Design) Lab. His work, at the intersection of HCI, AI and cybersecurity, is oriented around answering the question: How can we design systems that empower people with improved agency over their personal data and experiences online? His work has recognized with eight paper awards, and he has been PI on over $2.5 million worth of funded grant proposals, including a NSF CAREER. Dr. Das has also worked as a research intern or consultant at several companies, including Google, Facebook, Twitter, and Microsoft. Dr. Das received his Ph.D. in Human-Computer Interaction from Carnegie Mellon University in 2017, following a B.S. in Computer Science at Georgia Tech.

Panel: Privacy Challenges and Opportunities in LLM-Based Chatbot Applications

Tuesday, 2:00 pm2:40 pm

Sameera Ghayyur, Snap Inc.; Jay Averitt, Microsoft; Eric Lin, DynamoFL; Eric Wallace, UC Berkeley; Apoorvaa Deshpande, Snap Inc.; Hunter Luthi, Google Bard

We are seeing a great interest in AI chatbots thanks to recent advances in Large Language Model (LLM) technology. We now have several publicly available chatbots, including ChatGPT by OpenAI, Google Bard, My AI by Snap, Microsoft's AI-powered Bing, etc., and in this panel we plan to discuss the privacy challenges and opportunities in these chatbots. We will discuss what is new about this chat data, tradeoffs in data collection, personalization implications, as well as considerations while using third party LLMs.

Sameera Ghayyur, Snap Inc.

Sameera Ghayyur is currently a privacy engineer at Snap Inc, where she is the primary privacy reviewer on My AI chatbot product offering, among many other features in Snapchat. In the past, she has also worked in the privacy teams at Meta and Honeywell. She received her Ph.D. in computer science from the University of California, Irvine, and her research is focused on accuracy-aware privacy-preserving algorithms. She also has experience working as a software engineer and a lecturer.

Jay Averitt, Microsoft

Jay Averitt is currently a Senior Privacy Product Manager at Microsoft, where he manages Technical Privacy Reviews involving M365 CoPilot, GPT, and other LLM products. He was previously a Privacy Engineer at Twitter, where he managed technical privacy reviews across the platform. He has 10+ years of experience in privacy as both a privacy technologist and a privacy attorney. He graduated with a BS in Management Information Systems from Auburn University and a JD from the University of Alabama School of Law.

Eric Lin, DynamoFL

Eric Lin is the Head of ML Ops at DynamoFL, where he leads a team of ML researchers and engineers empowering enterprise companies to deploy private and trustworthy generative AI models. His team focuses on democratizing the latest research techniques in privacy and safety to a broader audience. Eric previously researched privacy-preserving, trustworthy, and on-device ML optimizations during his BA and MS at Harvard. He has also shipped AI-powered products to over 1 billion users as a PM at Microsoft and Apple.

Eric Wallace, UC Berkeley

Eric Wallace is a PhD student at UC Berkeley advised by Dawn Song and Dan Klein. His research interests are in making large language models more robust, trustworthy, secure, and private. Eric's work is supported by the Apple Fellowship in AI/ML, and in the past he has been at Google, FAIR, AI2, and the University of Maryland. His expertise also includes memorization & privacy, in particular how LMs and diffusion models can memorize their training data raising concerns regarding privacy, copyright agreements, GDPR statutes, and more.

Apoorvaa Deshpande, Snap Inc.

Apoorvaa Deshpande is a privacy engineer at Snap Inc for 3+ years where she primarily works on privacy engineering reviews for the monetization products (including monetization of LLMs) as well as building privacy enhancing technologies. Prior to that, Apoorvaa completed her PhD in computer science (specifically, cryptography) from Brown University. She graduated with M.Sc. Mathematics + B.E Computer Science from BITS Pilani University, India.

Hunter Luthi, Google Bard

Hunter is the Privacy Lead and Privacy Engineering Manager for Google Search, Assistant, and Bard. Hunter and his team are responsible for reviewing and consulting on product design, including championing privacy by design philosophies with Google teams. Prior to Google, Hunter was the Program Manager for Privacy Solutions at TrustArc. He has a JD from Santa Clara University and received a Privacy Certificate with Honors, and a BS in Informatics from Indiana University Southeast.

Smart Home Privacy

Room Captain: Madison Pickering, University of Chicago

Designing for Privacy Needs of Bystanders in Smart Homes: A Systematic Review of Recommendations

Tuesday, 2:40 pm3:00 pm

Julia Bernd, International Computer Science Institute

Available Media

Researchers have proposed numerous design recommendations to make smart home devices more privacy-friendly for bystanders, and studies have highlighted the privacy/utility tensions these proposals introduce for smart home device owners, secondary users, and bystanders. In this talk, we will summarize recent research on bystander (or non-primary user) privacy concerns; present a systematic overview of design proposals and recommendations from the last several years of research on smart home bystander privacy; and initiate a discussion of the potential for industry uptake. The aim of this talk is to draw the attention of industry practitioners to the rich body of research on this topic, and to begin bridging the gap between academic literature and industry in addressing the privacy needs of bystanders. This talk is based on a systemization of knowledge conducted in collaboration with Eimaan Saqib (LUMS), Junghyun Choy (ICSI/CMU), Shijing He (KCL), Ruba Abu-Salma (KCL), José Such (KCL), and Mobin Javed (LUMS/ICSI).

Julia Bernd, International Computer Science Institute

Julia Bernd is a research scientist at the International Computer Science Institute and a member of the Berkeley Laboratory for Usable and Experimental Security (BLUES). She is a linguist and social scientist by background (MA, Linguistics, Stanford University); she has applied this training in academic research, public health projects, and curriculum development. Current research interests include user and bystander expectations about smart homes, privacy culture in software development, and the intersections of privacy and social power dynamics.

3:00 pm–3:30 pm

Break with Refreshments

Mezzanine East/West

3:30 pm–5:00 pm

Frameworks, Requirements, and Threat Models

Room Captain: Nathaniel Fruchter, Google

Putting Privacy on the Map

Tuesday, 3:30 pm3:45 pm

Jayati Dev, Comcast Cable

Available Media

A pillar of Privacy by Design is proactive design that anticipates threats. Typically, developers become aware of privacy threats to their applications through threat modeling. This often happens at the later stages of product development. It is also very resource intensive and requires significant expertise. Consequently, by the time threat modelers find threats, mitigations are pushed to post-production and in most cases development teams must make changes causing significant frictions in the product delivery process. In this talk, we present a systematic privacy threat modeling framework called Models of Applied Privacy (MAP) that helps developers discover and report threats early. MAP utilizes established frameworks to outline relevant threat actors, associated threats, and the resulting harm. We discuss the practical implementation of MAP as a persona picker product owners can use for identifying privacy requirements, conveying them to developers, and planning remediation. Further, we show that MAP can classify real-world privacy incidents.

Contributors: Bahman Rashidi, Vaibhav Garg, Nishanth Ganeshsankar, Dinesh Prakash

Jayati Dev, Comcast Cable

Jayati Dev is a Privacy Engineer in the SPIDER security research team at Comcast. She works on developing frameworks, tools, and processes for threat management. She holds a PhD in Security Informatics from Indiana University Bloomington where she worked in human-centered privacy design for conversational platforms.

The Missing Link in Privacy Risk Assessments

Tuesday, 3:45 pm4:00 pm

Jared Maslin, University of California, Berkeley, and Good Research, LLC

Available Media

Industry frameworks have made significant progress in breaking down the mass of regulatory influences and defining a path forward for businesses seeking to do the right thing in data privacy. However, one critical gap remains unaddressed, which can easily short-circuit the entire privacy lifecycle: risk assessments. No two organizations interpret privacy compliance in exactly the same way. Seeking some semblance of guidance, many turn to industry frameworks like NIST Privacy, ISO Standards, or even SOC 2 privacy criteria, only to find that none fully encompass all of the attributes that make a given business unique. The result is a risk assessment with little prescription, and where there is guidance, a tendency to force a square peg through a round hole – they don't fit. This is a problem that I've been working to address across industry lines, and what I've developed is a contextual, risk-based approach to internal privacy risk identification, prioritization, and remediation. The approach includes specific exploration of user journeys and data lifecycles (including process and infrastructure) across a full spectrum of potential data subjects on a global scale. During this talk, I'll introduce a persona-based approach developed to enable organizations to assess their own unique risk appetite, defining a fit-for-purpose, prioritized risk assessment that can be implemented in a sustainable manner and can successfully adapt to constant changes in global privacy regulation.

Jared Maslin, University of California, Berkeley, and Good Research, LLC

Jared Maslin is a Lecturer at the University of California, Berkeley's School of Information where he focuses on Ethics, Privacy, and Data Protection in Data Science. He also serves as the Chief Operating Officer and Director of Privacy Consulting with Good Research, LLC where he partners with industry clients in designing, implementing, and monitoring solutions to emerging privacy preservation and compliance challenges. Jared works at the intersection of strategic business objectives, consumer expectations, and regulatory influences on a global scale with an end goal of creating solutions and supporting processes that are scalable and sustainable to meet the needs of everyone impacted, now and in the distant future.

Beware, Data Processing! Proposing Categories for Risk Communication Related to the Processing of Personal Data

Tuesday, 4:00 pm4:15 pm

Lukas Seiling, Weizenbaum Institute

Available Media

Few people understand what they get themselves, and their personal data, into when they consent to data processing. Privacy policies are rarely read and people lack appropriate mental models of how their data is processed, which interferes with accurate risk perception and decision-making. This talk proposes information categories for risk communication based on an interdisciplinary research effort, based on expert and user studies, identifying risk-relevant and important aspects of data processing, specific consequences, relations between them, and strategies for risk mitigation. Combining the results with case studies and preliminary proposals for visualizations will demonstrate how controllers, regulatory bodies, and data subjects can profit from a better understanding and communication of risk formation in personal data processing. The talk presents joint work from the speaker as well as Rita Gsenger, Filmona Mulugeta, Marte Henningsen, Lena Mischau, and Marie Schirmbeck.

Lukas Seiling, Weizenbaum Institute

Lukas Seiling completed his bachelor's degree in psychology at the University of Mannheim. He continued his studies through the master's programs Cognitive Systems at the University of Potsdam and Human Factors at the Technical University of Berlin. Since March 2020 he has been working for the Weizenbaum Institute, where from 2020 to 2022 he co-led the Privacy Icons Project of the research group “Frameworks for Data Markets“.

De-identified, Anonymized, or Aggregated? A Look around the Globe

Tuesday, 4:15 pm4:30 pm

Katharina Koerner, Tech Diplomacy Network

Available Media

This talk examines the complex landscape of privacy and data protection regulations concerning anonymous or de-identified data. While such data is often considered outside the scope of privacy regulations, the need for common definitions and clear guidelines for the appropriate risk assessment remain a challenge in practice. The talk provides a comparative analysis of data protection regulations, highlighting crucial questions that require resolution. One particular concern is the exclusion of aggregated consumer information from new U.S. state privacy laws, despite its susceptibility to reidentification. The key message emphasizes the shared uncertainty surrounding the circumstances under which data can be deemed anonymous or deidentified, as well as the necessity for a common understanding of the state of the art of effective privacy technologies and methodologies in the field. The speaker hopes to encourage regulators to familiarize themselves with advanced anonymization techniques, such as differential privacy, and provide clear and consistent guidance to practitioners. Given the significance of these questions, it is imperative to address them with legal clarity and ensure adequate privacy safeguards.

Katharina Koerner, Tech Diplomacy Network

Katharina Koerner is an experienced senior manager with a strong interest in new technologies, privacy, and information security. Prior to joining the Tech Diplomacy Network as a responsible AI and privacy expert in 2023, she was part of the IAPP research team, where she specialized in the intersection of privacy and technology. In particular, she focused on areas such as privacy engineering, privacy by design, privacy-enhancing technologies (PETs), and privacy frameworks. Previously, Katharina served as the CEO of a culture and language institute with multiple campuses in Europe. Katharina holds a PhD in EU Law from the University of Innsbruck, Austria, and a JD from the University of Graz, Austria.

Confirmation Bias in the Privacy Profession: Common Misreading of the NIST Privacy Framework

Tuesday, 4:30 pm4:45 pm

Nandita Rao Narla, DoorDash; R. Jason Cronk, Institute of Operational Privacy Design

Available Media

Confirmation bias is a cognitive bias whereby people consume information in a way that reinforces their previously held beliefs. Many users and implementers of the NIST Privacy Framework do just that, diverting their attention away from many of the important and central concepts in the framework. Similar to the Cybersecurity Framework, the Privacy Framework embodies a risk based approach, but many privacy professionals are more familiar with principle based privacy with a primary goal of legal and regulatory compliance. Focusing on these mental models can lead to challenges and conflicting interpretations of NIST Privacy Framework concepts and terminology, much of which is unique to the framework and not found elsewhere in the professional literature. This presentation will highlight some of the common misconceptions and antipatterns related to the usage of NIST privacy framework drawn from real life case studies and implementation experience across industries.

Nandita Rao Narla, DoorDash

Nandita Rao Narla is the Head of Technical Privacy and Governance at DoorDash, where she leads the privacy engineering, assurance and operations teams. Previously, she was part of the founding team of a data visibility and data risk intelligence startup and as an advisor helped Fortune 500 companies build and mature Privacy, Cybersecurity, and Information Governance programs. Nandita currently serves on the advisory boards for Extended Reality Safety Initiative (XRSI), Techno Security & Digital Forensics Conference, and IAPP - Privacy Engineering. Nandita holds an MS in Information Security from Carnegie Mellon University, a BTech in Computer Science from JNT University, and privacy and security certifications such as FIP, CIPP/US, CIPT, CIPM, CDPSE, CISM, CRISC, and CISA.

R. Jason Cronk, Institute of Operational Privacy Design

With over two decades of experience in principle and trust consulting, R. Jason Cronk is a seasoned privacy engineer, developer, lawyer, author of the IAPP textbook “Strategic Privacy by Design,” Section Leader of the IAPP's Privacy Engineering Section, and founder and president of the Institute of Operational Privacy Design, a non-profit organization of privacy professionals which seeks to define and drive the adoption of common and comprehensive standards to protect individuals' privacy. His knowledge and involvement reaches across the spectrum as an active member of the academic, engineering, legal and professional privacy communities and a pioneering voice in the development of privacy by design. Whether it is writing books, developing models and frameworks, or training companies and individuals alike, he is tirelessly advocating for privacy across the world.

Privacy Requirements and Realities of Digital Public Goods

Tuesday, 4:45 pm5:00 pm

Geetika Gopi, Carnegie Mellon University School of Computer Science, CMU CyLab Security & Privacy Institute

Available Media

Digital Public Goods (DPGs) are a recent concept describing open-source digital artifacts (e.g., software, datasets) that aim to address the UN Sustainable Development Goals. DPGs are increasingly being used to deliver essential government services around the world (e.g., ID management, healthcare registration). The privacy risks of DPGs are currently managed in part by the DPG standard, which is a prerequisite checklist for being classified a DPG; the standard includes requirements about protecting user privacy. This talk will examine the effectiveness of the current DPG standard for ensuring adequate privacy protections. We explain the DPG standard's current rubric, followed by a systematic assessment of responses from major DPGs regarding their protections of users' privacy. We will also present in-depth case studies from major DPGs to identify critical privacy threats. Our findings reveal serious limitations in the current evaluation approach. We will conclude by presenting preliminary recommendations and improvements to the DPG standard.

Geetika Gopi, Carnegie Mellon University School of Computer Science, CMU CyLab Security & Privacy Institute

Geetika Gopi is a graduate student at Carnegie Mellon University's School of Computer Science, where she's pursuing a Master's degree in Privacy Engineering. She's also a Research Assistant at CyLab, a leading research center at CMU that focuses on cutting-edge research on security and privacy. With a background in Cyber Security and previous experience as a Security Consultant at Ernst and Young, Geetika is committed to exploring new approaches and techniques for building secure and private-by-design systems.

5:00 pm–5:10 pm

Closing Remarks

Divya Sharma, Google; Blase Ur, University of Chicago