Invited speakers

This of invited/keynote speakers (to be completed):

Jan Camenisch (IBM Research – Zürich, Switzerland)
Roger Clarke (Xamax Consultancy Pty Ltd., Australia) (TBC)
Jolanda Girzl (Konsument Europa, Sweden)
Marit Hansen (Privacy Commissioner of Schleswig-Holstein, ULD, Germany)
Rainer Knyrim (Preslmayr Rechtsanwälte AG, Austria)
Charles Raab (University of Edinburgh, UK)
Angela Sasse (University College London, UK)

IFIP Summer School 2015

edinburgh header

The 10th International IFIP Summer School on Privacy and Identity Management – Time for a Revolution? took place on 16-21 August 2015 in Edinburgh, Scotland, U.K. The summer school was hosted by the University of Edinburgh School of Informatics and their Security and Privacy research group, and CRISP, the Centre for Research into Information, Surveillance and Privacy. ifip-logo UoE-horizontal

informatics

 crisp-banner

in cooperation with the EU Projects A4Cloud, FutureID, PrismaCloud, PRISMS and the  Privacy-Forum.

 

Abstract Submission Deadline: 1st April 2015

About

The IFIP Summer School 2015 took place in Edinburgh, 16-21 August 2015.

The IFIP Summer Schools take a holistic approach to society and technology and support interdisciplinary exchange through keynote and plenary lectures, tutorials, workshops, and research paper presentations. In particular, participants’ contributions that combine technical, legal, regulatory, socio-economic, social or societal, political, ethical, anthropological, philosophical, or psychological perspectives are welcome. The interdisciplinary character of the work is fundamental to the school.

The research paper presentations and the workshops have a particular focus on involving students, and on encouraging the publication of high-quality, thorough research papers by students/young researchers.

To this end, the school has a two-phase review process for submitted papers. In the first phase submitted papers (short versions) are reviewed and selected for presentation at the school. After the school, these papers can be revised (so that they can benefit from the discussion that occurred at the school) and are then reviewed again for inclusion in the school’s proceedings which will be published by Springer.

Organisation

General Co-Chairs:
Simone Fischer-Hübner (Karlstad University), Charles Raab (University of Edinburgh) 

Programme Committee Co-Chairs:
David Aspinall (University of Edinburgh), Jan Camenisch (IBM Research – Zürich), Marit Hansen (ULD)

IFIP Summer School Steering Committee:
Jan Camenisch (IBM Research – Zürich), Marit Hansen (ULD), Ronald Leenes (Tilburg University), Simone Fischer-Hübner (Karlstad University), Diane Whitehouse (The Castlegate Consultancy)

Local Event Chair:
Mark Hartswood (University of Edinburgh)

Programme Committee:

Michael Birnhack Tel-Aviv University, Faculty of Law, IL
Franziska Boehm Uni Münster, D
Rainer Boehme University of Münster, D
Katrin Borcea-Pfitzmann Technische Universität Dresden, D
Colette Cuijpers TILT – Tiburg University, NL
Josep Domingo-Ferrer Universitat Rovira i Virgili, ES
Changyu Dong University of Strathclyde, UK
Carmen Fernández-Gago University of Malaga, ES
Simone Fischer-Hübner Karlstad University, S
Michael Friedewald Fraunhofer Institute for Systems and Innovation Research, D
Lothar Fritsch Norsk Regnesentral – Norwegian Computing Center, N
Anne Gerdes University of Denmark, DK
Gloria Gonzalez Fuster Vrije Universiteit Brussel (VUB), Research Group on Law Science Technology & Society (LSTS), B
Mark Hartswood University of Edinburgh, UK
Jaap-Henk Hoepman Radboud University Nijmegen
Els Kindt K.U.Leuven -ICRI, B
Eleni Kosta TILT-Tilburg University, NL
David Kreps University of Salford, UK
Anja Lehmann IBM Research – Zurich, CH
Joachim Meyer Tel Aviv University, IL
Monica Palmirani CIRSFID, IT
Siani Pearson HP Labs, UK
Nadezhda Purtova TILT – Tilburg University, NL
Charles Raab University of Edinburgh, UK
Kai Rannenberg Goethe University Frankfurt, D
Kjetil Rommetveit University of Bergen, N
Heiko Roßnagel Fraunhofer IAO, D
Stefan Schiffner ENISA
Daniel Slamanig TU Graz, AT
Sabine Trepte Hohenheim University, D
Simone Van Der Hof Leiden University, NL
Aimee van Wynsberghe University of Twente, NL
Diane Whitehouse TC9 Chair, UK
Erik Wästlund Karlstad University, S
Tal Zarsky U. of Haifa/NYU Law School, IL
John Zic CSIRO, AU

Call for Papers

Adobe_Acrobat_8_PDF

Important dates and other information

Event
Deadline
Extended abstracts or short papers (2-4 pages)
1 April 2015
Notification of acceptance for presentation at the school
1 May 2015
Draft papers for pre-proceedings (page limit is 16 pages)
15 July 2015
Presentation at Summer School, feedback from participants
16-21 August 2015
Final paper for Springer proceedings
28 November 2015
Notification of acceptance of the final paper
29 January 2016
Camera ready copy for proceedings
26 February 2016

Introduction

Over the last decade privacy has been recognised as being increasingly eroded, and many efforts have been made to protect it: New and better privacy laws and regulations have been made and are still being proposed, such as the European General Data Protection Regulation. Industry initiatives such as “Do Not Track” have been launched. The research community on privacy and data protection has grown in size and covers a wider range of disciplines (such as technical, legal, and social disciplines). An increasing number of privacy-enhancing technologies (PETs) – among others for user-controlled identity management and eIDs – are available and have gained in maturity, and the public at large is responding to privacy-related challenges.

Despite these positive developments, privacy is less protected than before: Rapid technology development and increasing interest in identities and other personal data from commercial or government beneficiaries provide strong incentives for increasing data collection to the detriment of data privacy. There seems to be no, or much less, financial advantage than previously in protecting privacy. At the same time, laws and regulation seem not to have the effect wanted for various reasons: They have not been implemented, take time to be made operational, are not protecting privacy effectively, or are simply circumvented. Many of them aim at checkbox compliance rather than promoting actual protection of human rights. Finally, the technology and processes behind the scene have become so complex that not even experts – let alone end-users – can tell whether or not privacy is being protected, and hence they have little or no basis on which to take protective measures. On this basis, user-controlled identity management that has been seen as a panacea for empowering users in their informational self- determination cannot really work.

The 2013 Snowden affair made it very clear that the current electronic infrastructures are very vulnerable, and known protection mechanisms such as encryption are rarely used. Identity information of all Internet or phone users is being collected and analysed by powerful intelligence services in the pursuit of national security. Clearly this lack of protection is problematic not only for maintaining privacy and managing one’s identities, but for the organisation and structure of societies and economies in general. One would hope that this message would be sufficiently clear so that actions are taken to secure infrastructures. Instead, the “crypto debate” is arising again, based on the issue of whether users should be allowed to use proper encryption or not.

This raises questions about what is needed to increase the protection of privacy. Do we need a technological, social, or political revolution? Or are we seeing a number of evolutionary advances of various sorts? Are the available legal, technical, organisational, economic, social, ethical, or psychological instruments for privacy and identity management suitable to improve the protection of privacy? Do we need a revolution in our thinking, a broad movement based on personal initiative – not only for citizens to voice their opinions, but also to implement and maintain solutions as alternatives to those technical infrastructures that have been compromised? How to emphasise the powerful role that technology offers to members of the public (in terms of awareness, citizen-interaction, community engagement)? What does this also mean in terms of technology development, social movements, and ethically informed design?There are many opportunities that may help to achieve better and safer infrastructures for people to communicate freely and without being observed either by commercial or by governmental bodies (user empowerment); to improve the balance between individuals and institutions (especially concerning the privacy protection goals transparency and participation); and to set up democratic processes in which effective oversight over the consequences of new technologies can be exercised.These questions, as well as current research on privacy and identity management in general, will be addressed by the 2015 IFIP Summer School on Privacy and Identity Management.
The Summer School organisation will be a joint effort among IFIP (International Federation for Information Processing, Working Groups 9.2, 9.5, 9.6/11.7, 11.4, 11.6, and Special Interest Group 9.2.2), CRISP (Centre for Research into Information, Surveillance and Privacy), the University of Edinburgh School of Informatics, and several European and national projects. The 2015 IFIP Summer School will bring together junior and senior researchers and practitioners from multiple disciplines to discuss important questions concerning privacy and identity management and related issues in a global environment subject to considerable change.We are especially inviting contributions from students who are at the stage of preparing either a master’s or a PhD thesis. The school is interactive in character, and is composed of plenary lectures and workshops with master/PhD student presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas, build up a collegial relationship with others, gain experience in making presentations, and potentially publish a paper through the resulting book proceedings.
Students that actively participate, in particular those who present a paper, can receive a course certificate which awards 3 ECTS at the PhD level. Student attendees who do not present a paper will receive a course certificate which awards 1.5 ECTS at the PhD level. The certificate can certify the topic of the contributed paper so as to demonstrate its relation (or non-relation) to the student’s master’s or PhD thesis.
Basic elements of the Summer School
The Summer School takes a holistic approach to society and technology and supports interdisciplinary exchange through keynote and plenary lectures, tutorials, workshops, and research paper presentations. In particular, participants’ contributions that combine technical, legal, regulatory, socio-economic, social or societal, political, ethical, anthropological, philosophical, or psychological perspectives are welcome. The interdisciplinary character of the work is fundamental to the school. The research paper presentations and the workshops have a particular focus on involving students, and on encouraging the publication of high- quality, thorough research papers by students/young researchers. To this end, the school has a two-phase review process for submitted papers. In the first phase submitted papers (short versions) are reviewed and selected for presentation at the school. After the school, these papers can be revised (so that they can benefit from the discussion that occurred at the school) and are then reviewed again for inclusion in the school’s proceedings which will be published by Springer. Of course, submissions by senior researchers and European, national, or regional/community research projects are also very welcome.
 Contributions
The school seeks contributions in the form of research papers, tutorials, and workshop proposals from all disciplines (e.g., computer science, informatics, economics, ethics, law, psychology, sociology, political and other social sciences, surveillance studies, business and public management).Topics of interest include, but are not limited to:

  • big data analysis, biometrics, cloud computing, virtuality, data and visual analytics,
  • concepts of anonymity, pseudonymity, identity in different disciplines or cultures,
  • cybercrime and cybersecurity,
  • data breaches, data retention and law enforcement,
  • digital rights and net neutrality,
  • digital participation, participatory design, ethically-informed design, co-creation and co-collaboration, ecosystems, and social actors’ engagement in design,
  • health informatics, informed consent, and data-sharing,
  • impact of legislative or regulatory initiatives on privacy,
  • impact of technology on social exclusion/digital divide/social and cultural aspects,
  • privacy and identity management (services, technologies, infrastructures, usability aspects, legal and socio-economic aspects),
  • privacy-by-design, privacy-by-default, and privacy impact assessment
  • privacy-enhancing technologies (PETs), privacy standardisation, and privacy issues relating to eIDs,
  • profiling and tracking technologies,
  • public attitudes to (national) security and privacy,
  • roadmap towards increased privacy protection, use of PETs and privacy by design as a standard procedure,
  • semantics, web security, and privacy,
  • social accountability, social, legal and ethical aspects of technology and the Internet specifically,
  • social care, community care, integrated care and opportunities for as well as threats to individual and community privacy,
  • social networks, social computing, crowdsourcing and social movements,
  • surveillance, video surveillance, sensor networks, and the Internet of Things,
  • transparency-enhancing technologies (TETs),
  • trust management and reputation systems,
  • ubiquitous and usable privacy and identity management.

Research papers are expected to contribute towards application scenarios, use cases, and good practices; research with an empirical focus; and interdisciplinary work. They will be selected by the Summer School Programme Committee based on the review of an extended abstract.

Submissions should contain a concise problem statement, an outline, and clear messages (they should not be about work “to be done”). Accepted short versions of papers will be made available to all participants in the Summer School Pre-Proceedings. After the Summer School, authors will have the opportunity to submit their final full papers (in Springer LNCS format) of 8-16 pages in length (which will address those questions and aspects raised during the Summer School) for publication in the Summer School Proceedings to be published by the official IFIP publisher (Springer). The papers to be included in the Final Proceedings will again be reviewed and selected by the Summer School Programme Committee. Students are expected to try to publish their work through this volume.Tutorials are expected to last one or two hours. Proposals should contain a short summary and state the level and background required for attendees to follow the tutorial.Workshops are expected to last one or two hours and must produce short papers recapitulating the outcome for inclusion in the proceedings. Proposals should contain a short statement summarising the topic(s) to be discussed and the expected contributions of the audience.
Best Student Paper Award
At the IFIP Summer School, a Best Paper Student Award will be awarded. Papers written solely or primarily by students and presented by a student at the Summer School are eligible for the award. If the paper is co-authored with senior researchers, the authors have to state that the main work and contributions can be clearly attributed to the student author(s). The award will be selected based on the quality of the paper and of the oral presentation.
Submissions
All submissions must be made in PDF format using the Easychair system.

 

Programme

 


Sunday, 16 August, 2015

19:00-22:00: Reception and Welcome by Professor Sir Timothy O’Shea, Principal of the University of Edinburgh (Informatics Forum).

The registration desk will be open 18:30-20:30.


Monday, 17 August, 2015

8:30 Registration desk is open

9:00: Welcome

9:10: Invited Speaker: Melek Önen, EURECOM:
“Privacy and Verifiability for Data Storage in Cloud Computing”
Room G.07 – Session Chair: Simone Fischer-Hübner

10:10: Coffee

10:30: Parallel sessions:
a) Session 1 (Room G.07)
Workshop A4Cloud Tools: Accountability in the Cloud”
* Carmen Fernandez-Gago, University of Malaga
* Siani Pearson/Michela D’Errico, HP Labs
* Melek Önen, EURECOM
* Tobias Pulls, Karlstad University

b) Session 2 (Room 4.31/4.33) – Session Chair: Mark Hartswood
Measuring Privacy and Understanding Risks
* Sushant Agarwal and Sarah Spiekermann: Developing a Structured Metric to Measure Privacy Risk in Privacy Impact Assessments
* Wolfgang Coy: “This is obvious, isn’t it?” – Discourses as Good Practice in Informatics and Computer Science Education

12:30-13:30: Lunch

13:30: Parallel sessions:
a) Session 3 (Room G.07)
PRISMACLOUD Workshop: Interactive Workshop: How can we trust Crypto to protect privacy in the Cloud
* Alaa Alaqra/Simone Fischer-Hübner, Karlstad University
* Thomas Groß, Newcastle University
* Thomas Lorünser, Austrian Institute of Technology
* Daniel Slamanig, Graz University of Technology

b) Session 4 (Room 4.31/4.33) – Session Chair: Charles Raab
Future of Privacy and Data Protection Regulation
* Hannah Obersteller: Yankee Go Home 2.0 – Can Europe Shut Down Facebook?
* Bruno Bioni: Prize Norms and Functional Perspective of Law: A New Normative Production to Foster a Holistic Privacy Regulation
* Murat Karaboga: Introducing the advocacy coalition framework as a Policy-Analysis Approach to grasp the complex reality of European Data Protection Politics: the example of the proposed General Data Protection Regulation

15:30: Coffee

16:00-17:00: Invited Speaker: Timothy Edgar, Brown University:
“The US Privacy Perspective”
Room G.07 – Session Chair: Charles Raab

17:00-17:45: Wrapping up; in Memoriam Caspar Bowden and Klaus Brunnstein


Tuesday, 18 August, 2015

9:00-10:00: Invited Speaker: Gabriela Barrantes, Universidad de Costa Rica:
“Communicating privacy issues to the general population – hands-on education campaigns”
Room G.07 – Session Chair: Diane Whitehouse

10:00: Coffee

10:30: Parallel sessions:
a) Session 5 (Room G.07) – Session Chair: Meiko Jensen
Cloud Computing
* Xenofon Kontargyris: The ‘right to be forgotten’ in an IT environment dominated by cloud technologies – How realistic is CJEU’s approach on the protection of privacy in an online world increasingly based on cloud applications?
* Saul Formoso and Massimo Felici: Security and Privacy Assurance in Cloud Ecosystems
* Michela D’Errico and Siani Pearson: Enhanced Assurance about Cloud Service Provision Promises

b) Session 6 (Room 4.31/4.33)
Kami Vaniea: Hands-on tutorial “Online data collection (without you knowing it)”
* Participants are encouraged to bring their laptops.
* This tutorial will look at how data is collected online and used by various groups such as Data Aggregators. We will be using tools such as LightBeam and Panopticlick to visualize data flows. We will also be discussing technological, policy, and educational approaches to managing online data collection.”

12:30-13:30: Lunch

13:30: Parallel sessions:
a) Session 7 (Room G.07)
PRISMACLOUD Workshop: Signatures for Trust and Accountability in the Cloud: A Technical and User Perspective”
* Alaa Alaqra/Simone Fischer-Hübner, Karlstad University
* Thomas Groß, Newcastle University
* Thomas Lorünser, Austrian Institute of Technology
* Daniel Slamanig, Graz University of Technology

b) Session 8 (Room 4.31/4.33) – Session Chair: Jaap-Henk Hoepman
Engineering Privacy
* Ali Padyab: A review of Privacy Enhancing Tools
* Olha Drozd: Privacy Pattern Catalog: A Tool for Integrating Privacy Principles of ISO/IEC 29100 into Software Development Process
* Tom Seymoens, Laurence Claeys, and Jo Pierson: Case Study of Privacy Engineering: The USEMP Project

15:30: Coffee

16:00-17:00: Invited Speaker: Lilian Edwards, University of Strathclyde, Glasgow:
“Policing and Social Media Surveillance : Should We Have any Privacy in Public?”
Room G.07 – Session Chair: Mark Hartswood

17:00-17:30: Wrapping up (Room G.07)

18:00-19:30: Matthew Collings and Jules Rawlinson: A Requiem for Edward Snowden
Room G.07 – Session Chair: Charles Raab

Presentation relating to their audio-visual performance that addresses security, loss of faith and personal sacrifice in a world where we are totally reliant on electronic communication and daily routines in which our privacy is routinely compromised. They will discuss how the themes have been interpreted, interwoven and portrayed as an audio-visual narrative that incorporates electronic sound, acoustic instrumentation and live visuals.


Wednesday, 19 August, 2015

9:00-10:00: Invited Speaker: Anja Lehmann, IBM Research – Zurich:
“Cryptography for People”
Room G.07 – Session Chair: Jaap-Henk Hoepman

10:00: Coffee

10:30: Parallel sessions:
a) Session 9 (Room G.07):
Workshop on Assessing PET Maturity
* Jaap-Henk Hoepman, Radboud University Nijmegen
* Meiko Jensen/Marit Hansen, ULD
* Stefan Schiffner, ENISA

b) Session 10 (Room 4.31/4.33) – Session Chair: David Aspinall
Applications
* Pawel Kamocki, Jim O’Regan, and Marc Stauc: All your data are belong to us. European Perspective on Privacy Issues in ‘Free’ Online Machine Translation Services
* Ruba Abu-Salma: Secure and Private Chat for Everyone
* Saffija Kasem-Madani and Michael Meier: Definition of Availability Policies for Data Pseudonymization Using XACML

12:30-13:30: Lunch

13:30: Parallel sessions:
a) Session 11 (Room G.07) – Session Chair: Gerrit Hornung
Surveillance
* Andreas Haggman: The Problem with Curtains
* Anouk Mols: “Not interesting enough to be followed by the NSA”. A frame analysis of privacy attitudes in Dutch public debates
* J.M. Porup: An Open-Air Prison: A Psychological Case Study of a Journalist Under Surveillance
* Felix Bieker: The Investigatory Powers Tribunal – Effective Judicial Oversight for a Rampant Intelligence Service?

b) Session 12 (Room 4.31/4.33) – Session Chair: Leonardo Martucci
Identity Management
* Salameh Abu Rmeileh and Esther Paloma: Rethinking Attribute Assurance (Extended Abstract)
* Jessica Schroers and Pagona Tsormpatzoudi: Liability of the Relying Party in e-government in case of identity theft
* Brinda Hampiholi and Bart Jacobs: Trusted self-enrolment for attribute-based credentials on mobile phones
* Sean Simpson and Thomas Groß: A Survey of Security Analysis in Identity Federated Management

16:10: Coffee

16:30-17:30: Invited Speaker: Gerrit Hornung, Passau University:
“The European General Data Protection Framework – evolution, revolution, or disillusion?”
Room G.07 – Session Chair: Marit Hansen

17:30-18:00: Wrapping up (Room G.07)


Thursday, 20 August, 2015

9:00: Invited Speaker: Michael Friedewald, Fraunhofer ISI and FP7 PRISMS Co-ordinator:
“PRISMS: Mirroring privacy and security – where the two meet and fall apart”
Room G.07 – Session Chair: Diane Whitehouse

10:00: Coffee

10:30: Parallel sessions:
a) Session 13 (Room G.07)
Workshop of the Privacy-Forum: “Smart Technologies – Workshop on challenges and trends for privacy in a hyper-connected world”
* Andreas Baur, Tübingen University
* Michael Friedewald/Murat Karaboga, Fraunhofer ISI
* Christian Geminn, Kassel University
* Hannah Obersteller/Felix Bieker/Marit Hansen, ULD

b) Session 14 (Room 4.31/4.33) – Session Chair: Stefan Schiffner
Specific PETs
* Jenni Reuben, Leonardo Martucci, and Simone Fischer-Hübner: A Survey on Log Audits for Detecting Privacy Violations
* Aderonke Sakpere and Anne Kayem: Privacy Enhancing Mechanisms for Efficient Streaming Data Anonymization in Resource Constrained Settings
* Daniel Bosk and Sonja Buchegger: Privacy-Preserving Access Control in Decentralized Online Social Networks using Anonymous Broadcast Encryption

12:30-13:30: Lunch

13:30: Parallel sessions:
a) Session 15 (Room G.07) – Session Chair: Melek Önen
Accountability
* Lina Jasmontaite and Valerie Verdoodt: The proposed EU accountability measures: empowering citizens or overburdening businesses?
* David Derler, Christian Hanser, and Daniel Slamanig: Towards Authenticity and Privacy Preserving Accountable Workflows
* Isaac Agudo, Ali El Kaafarani, David Nunez, and Siani Pearson: A Technique for Enhanced Provision of Appropriate Access to Evidence across Service Provision Chains

b) Session 16 (Room 4.31) – Session Chair: Diane Whitehouse
Sensitive Applications
* Leonardo Iwaya, Fausto Giunchiglia, Leonardo Martucci, Alethia Hume, Simone Fischer-Hübner, Ronald Chenu-Abente, and Hans Hedbom: Ontology Obfuscation for Privacy: A Case Study on Healthcare
* Marjolijn Heering: The Quantified Human: on the digitalization of measuring illness and the body
* Dusan Pavlovic: Identification of online gamblers in EU: a two-edged sword

c) Session 17 (Room 4.33) – Session Chair: Marit Hansen
Rump session
with contributions from Summer School participants (to be organised during the Summer School)

15:30: Coffee

16:00-17:00: Invited Speaker: Angela Sasse, University College London:
“There is no ‘privacy paradox’ – just technology that does not support users’ privacy preferences”
Room G.07 – Session Chair: David Aspinall

17:00-17:30: Wrapping up (Room G.07)

20:00-22:00: Workshop Dinner (Social Event), Venue: Howies, Waterloo Place, Edinburgh


Friday, 21 August, 2015

08:45: Best Student Paper Award (Room G.07)

08:55-09:40: Invited Speaker: Mark Hartswood, University of Edinburgh:
“Collaboration between humans and machines: Promises and Perils”
Room G.07 – Session Chair: Simone Fischer-Hübner

09:40-10:45: Panel “Privacy and ethics: The SmartSociety initiative and its challenges (Room G.07)
Panelists:

* Stuart Anderson
* Marit Hansen
* Mark Hartswood
* Michael Rovatsos
* Diane Whitehouse

10:45-11:00: Wrapping up  / conclusion (Room G.07)

11:00: End of the Summer School; lunch for people who don’t have to leave already



IFIP Summer School Programme – coloured version:

Sunday, 16 August, 2015
Registration desk open from 18:30-20:30
19:00 Reception and Welcome by Professor Sir Timothy O’Shea, Principal of the University of Edinburgh (-22:00)
Monday, 17 August, 2015
Registration desk open from 08:30
09:00 Introduction (Room G.07)
09:10 Invited Speaker
(Room G.07)Chair: Simone Fischer-Hübner
Melek Önen, EURECOM Privacy and Verifiability for Data Storage in Cloud Computing
10:10 Coffee break
10:30 Sessions 1+2 S1 (Room G.07):
Workshop A4Cloud
S2 (Room 4.31/4.33):
Measuring Privacy and Understanding Risks
Chair: Mark Hartswood
Carmen Fernandez-Gago, University of Malaga //
Siani Pearson/Michela D’Errico, HP Labs //
Melek Önen, EURECOM //
Tobias Pulls, Karlstad University
Workshop “A4Cloud Tools: Accountability in the Cloud” Sushant Agarwal and Sarah Spiekermann Developing a Structured Metric to Measure Privacy Risk in Privacy Impact Assessments
Wolfgang Coy “This is obvious, isn’t it?” – Discourses as Good Practice in Informatics and Computer Science Education
12:30 Lunch
13:30 Sessions 3+4 S3 (Room G.07):
Workshop PRISMACLOUD I
S4 (Room 4.31/4.33):
Future of Privacy and Data Protection Regulation
Chair: Charles Raab
Alaa Alaqra/Simone Fischer-Hübner, Karlstad University //
Thomas Groß, Newcastle University //
Thomas Lorünser, Austrian Institute of Technology //
Daniel Slamanig, Graz University of Technology
PRISMACLOUD Workshop: “Interactive Workshop: How can we trust Crypto to protect privacy in the Cloud” Hannah Obersteller Yankee Go Home 2.0 – Can Europe Shut Down Facebook?
Bruno Bioni Prize Norms and Functional Perspective of Law: A New Normative Production to Foster a Holistic Privacy Regulation
Murat Karaboga Introducing the advocacy coalition framework as a Policy-Analysis Approach to grasp the complex reality of European Data Protection Politics: the example of the proposed General Data Protection Regulation
15:30 Coffee break
16:00 Invited Speaker
(Room G.07)Chair: Charles Raab
Timothy Edgar, Brown University The US Privacy Perspective
17:00 Wrapping up; in Memoriam Caspar Bowden and Klaus Brunnstein -17:45 (Room G.07)
Tuesday, 18 August, 2015
09:00 Invited Speaker
(Room G.07)Chair: Diane Whitehouse
Gabriela Barrantes, Universidad de Costa Rica Communicating privacy issues to the general population – hands-on education campaigns  
10:00 Coffee break
10:30 Sessions 5+6 S5 (Room G.07):
Cloud Computing
Chair: Meiko Jensen
S6 (Room 4.31/4.33):
Hands-on Tutorial
Xenofon Kontargyris The ‘right to be forgotten’ in an IT environment dominated by cloud technologies – How realistic is CJEU’s approach on the protection of privacy in an online world increasingly based on cloud applications? Kami Vaniea Hands-on tutorial “Online data collection (without you knowing it)”* Participants are encouraged to bring their laptops.
* This tutorial will look at how data is collected online and used by various groups such as Data Aggregators. We will be using tools such as LightBeam and Panopticlick to visualize data flows. We will also be discussing technological, policy, and educational approaches to managing online data collection.
Saul Formoso and Massimo Felici Security and Privacy Assurance in Cloud Ecosystems
Michela D’Errico and Siani Pearson Enhanced Assurance about Cloud Service Provision Promises
12:30 Lunch
13:30 Sessions 7+8 S7 (Room G.07):
Workshop PRISMACLOUD II
S8 (Room 4.31/4.33):
Engineering Privacy
Chair: Jaap-Henk Hoepman
Alaa Alaqra/Simone Fischer-Hübner, Karlstad University //
Thomas Groß, Newcastle University //
Thomas Lorünser, Austrian Institute of Technology //
Daniel Slamanig, Graz University of Technology
PRISMACLOUD Workshop: “Signatures for Trust and Accountability in the Cloud: A Technical and User Perspective” Ali Padyab A review of Privacy Enhancing Tools
Olha Drozd Privacy Pattern Catalog: A Tool for Integrating Privacy Principles of ISO/IEC 29100 into Software Development Process
Tom Seymoens, Laurence Claeys, and Jo Pierson Case Study of Privacy Engineering: The USEMP Project
15:30 Coffee break
16:00 Invited Speaker
(Room G.07)Chair: Mark Hartswood
Lilian Edwards, University of Strathclyde, Glasgow Policing and Social Media Surveillance: Should We Have any Privacy in Public?
17:00 Wrapping up -17:30 (Room G.07)
18:00-19:30 Invited Speaker
(Room G.07)Chair: Charles Raab
Matthew Collings and Jules Rawlinson Requiem for Edward Snowden – extracts and Q&A On the session:
Presentation relating to their audio-visual performance that addresses security, loss of faith and personal sacrifice in a world where we are totally reliant on electronic communication and daily routines in which our privacy is routinely compromised. They will discuss how the themes have been interpreted, interwoven and portrayed as an audio-visual narrative that incorporates electronic sound, acoustic instrumentation and live visuals.
Wednesday, 19 August, 2015
09:00 Invited Speaker
(Room G.07)Chair: Jaap-Henk Hoepman
Anja Lehmann, IBM Research – Zurich Cryptography for People
10:00 Coffee break
10:30 Sessions 9+10 S9 (Room G.07):
Workshop PET Maturity
S10 (Room 4.31/4.33):
Applications
Chair: David Aspinall
Jaap-Henk Hoepman, Radboud University //
Marit Hansen/Meiko Jensen, ULD //
Stefan Schiffner, ENISA
Workshop on Assessing PET Maturity Pawel Kamocki, Jim O’Regan, and Marc Stauc All your data are belong to us. European Perspective on Privacy Issues in ‘Free’ Online Machine Translation Services
Ruba Abu-Salma Secure and Private Chat for Everyone
Saffija Kasem-Madani and Michael Meier Definition of Availability Policies for Data Pseudonymization Using XACML
12:30 Lunch
13:30 Sessions 11+12 S11 (Room G.07):
Surveillance
Chair: Gerrit Hornung
S12 (Room 4.31/4.33):
Identity Management
Chair: Leonardo Martucci
Andreas Haggman The Problem with Curtains Salameh Abu Rmeileh and Esther Paloma Rethinking Attribute Assurance
Anouk Mols “Not interesting enough to be followed by the NSA”. A frame analysis of privacy attitudes in Dutch public debates Jessica Schroers and Pagona Tsormpatzoudi Liability of the Relying Party in e-government in case of identity theft
J.M. Porup An Open-Air Prison: A Psychological Case Study of a Journalist Under Surveillance Brinda Hampiholi and Bart Jacobs Trusted self-enrolment for attribute-based credentials on mobile phones
Felix Bieker The Investigatory Powers Tribunal – Effective Judicial Oversight for a Rampant Intelligence Service? Sean Simpson and Thomas Groß A Survey of Security Analysis in Identity Federated Management
16:10 Coffee break
16:30 Invited Speaker
(Room G.07)Chair: Marit Hansen
Gerrit Hornung, Passau University The European General Data Protection Framework – evolution, revolution, or disillusion?
17:30 Wrapping up -18:00 (Room G.07)
Thursday, 20 August, 2015
09:00 Invited Speaker
(Room G.07)Chair: Diane Whitehouse
Michael Friedewald, Fraunhofer ISI and FP7 PRISMS Co-ordinator PRISMS: Mirroring privacy and security – where the two meet and fall apart  
10:00 Coffee break
10:30 Sessions 13+14 S13 (Room G.07):
Workshop Privacy-Forum
S14 (Room 4.31/4.33):
Specific PETs
Chair: Stefan Schiffner
Andreas Baur, Tübingen University //
Felix Bieker/Marit Hansen/Hannah Obersteller, ULD //
Michael Friedewald/Murat Karaboga, Fraunhofer ISI //
Christian Geminn, Kassel University
Workshop of the Privacy-Forum: “Smart Technologies – Workshop on challenges and trends for privacy in a hyper-connected world” Jenni Reuben, Leonardo Martucci, and Simone Fischer-Hübner A Survey on Log Audits for Detecting Privacy Violations
Aderonke Sakpere and Anne Kayem Privacy Enhancing Mechanisms for Efficient Streaming Data Anonymization in Resource Constrained Settings
Daniel Bosk and Sonja Buchegger Privacy-Preserving Access Control in Decentralized Online Social Networks using Anonymous Broadcast Encryption
12:30 Lunch
13:30 Sessions 15+16+17 S15 (Room G.07):
Accountability
Chair: Melek Önen
S16 (Room 4.31):
Sensitive Applications
Chair: Diane Whitehouse
S17 (Room 4.33):
Rump Session
Chair: Marit Hansen
Lina Jasmontaite and Valerie Verdoodt The proposed EU accountability measures: empowering citizens or overburdening businesses? Leonardo Iwaya, Fausto Giunchiglia, Leonardo Martucci, Alethia Hume, Simone Fischer-Hübner, Ronald Chenu-Abente, and Hans Hedbom Ontology Obfuscation for Privacy: A Case Study on Healthcare Rump Session with contributions from Summer School participants (to be organised during the Summer School)
David Derler, Christian Hanser, and Daniel Slamanig Towards Authenticity and Privacy Preserving Accountable Workflows Marjolijn Heering The Quantified Human: on the digitalization of measuring illness and the body
Isaac Agudo, Ali El Kaafarani, David Nunez, and Siani Pearson A Technique for Enhanced Provision of Appropriate Access to Evidence across Service Provision Chains Dusan Pavlovic Identification of online gamblers in EU: a two-edged sword
15:30 Coffee break
16:00 Invited Speaker
(Room G.07)Chair: David Aspinall
Angela Sasse, University College London There is no ‘privacy paradox’ – just technology that does not support users’ privacy preferences
17:00 Wrapping up -17:30 (Room G.07)
20:00 Social Event: Workshop Dinner, Venue: Howies, Waterloo Place, Edinburgh (-22:00)
Friday, 21 August, 2015
08:45 Best Student Paper Award (Room G.07)
08:55 Invited Speaker
(Room G.07)Chair: Simone Fischer-Hübner
Mark Hartswood, University of Edinburgh Collaboration between humans and machines: Promises and Perils
09:40 Panel
(Room G.07)
Panelists:
Stuart Anderson, Marit Hansen, Mark Hartswood, Michael Rovatsos, and Diane Whitehouse
Privacy and ethics: The SmartSociety initiative and its challenges
10:45 Wrapping up / conclusion (Room G.07)
11:00 End of the Summer School; lunch for people who don’t have to leave already

 

 

Download the Summer School 2015 Pre-Proceedings (zip) or as a single PDF