ifip-summerschool2017

About

The 12th International IFIP Summer School on Privacy and Identity Management  took place on 3- 8 September 2017 in Ispra, Italy. The summer school is hosted by the Joint Research Centre (JRC) of the European Commission and its Cyber and Digital Citizen Security Unit.

Holistic approach and interdisciplinarity
The IFIP Summer Schools take a holistic approach to society and technology and support interdisciplinary exchange through keynote and plenary lectures, tutorials, workshops, and research paper presentations. In particular, participants’ contributions that combine technical, legal, regulatory, socio-economic, social or societal, political, ethical, anthropological, philosophical, or psychological perspectives are welcome. The interdisciplinary character of the work is fundamental to the School.

Workshops and scientific papers
The research paper presentations and the workshops have a particular focus on involving students, and on encouraging the publication of high-quality, thorough research papers by students/young researchers.

Best paper award and Springer
To this end, the School has a three-phase review process for submitted papers. In the first phase submitted papers are reviewed and selected for presentation at the School. After the School, these papers are revised to benefit from the discussion that occurred at the School, and are then reviewed again for inclusion in the School’s proceedings which will be published by Springer.
Every year an award is given for the Best Student Paper.
Submissions by senior researchers and participants in European, national, or regional/community research projects are also very welcome, and are generally published in a separate section of the book volume.

Invited Speakers

Name Affiliation Topic
Aggelos Kiayias University of Edinburgh, Informatics Forum Blockchain Systems and Privacy
Anja Lehmann IBM Research Zurich Cryptographic Approaches to Data Pseudonymization, Tokenization & Transparency
Kjetil Rommetveit University of Bergen, Centre for the study of the sciences and humanities Privacy by Design in Smart Energy
José M. del Álamo Universidad Politécnica de Madrid Privacy Engineering: Definitions and Challenges
Elena Ferrari Università degli Studi dell’Insubria Identification Services for Online Social Networks (same password as for pre-proceedings)
Hannes Federrath University of Hamburg Anonymity Online – Current Solutions and Challenges
Mariachiara Tallacchini Faculty of Economics and Law of the Università Cattolica del Sacro Cuore of Piacenza From Privacy to Algorithms’ Fairness: Some Hints on the Complex Journey of ICT Ethics
Bart van der Sloot Tilburg University, Tilburg Institute for Law, Technology, and Society (TILT) Identifying Drug Labs by Analysing Sewage Systems
Delphine Reinhardt University of Bonn/Fraunhofer FKIE Privacy in IoT – Current Challenges and Future Directions
Eran Toch Tel Aviv University, Department of Industrial Engineering Usable Privacy
Thomas Groß University of Newcastle upon Tyne / Centre for Cybercrime and Computer Security Exploring the Human Nature of Online Privacy
Kami Vaniea University of Edinburgh, Informatics Forum Tools for Privacy and Data Protection
Marie-Hélene Boulanger European Commission Data Protection in Europe – a New Era
Ricardo Neisse European Commission Blockchain-based Identity Management and Data Usage Control

Organisation

General Co-Chairs:
Simone Fischer-Hübner (Karlstad University), Jean Pierre Nordvik (JRC)

Programme Committee Co-Chairs:
Marit Hansen (ULD), Eleni Kosta (Tilburg University), Igor Nai Fovino (JRC) 

IFIP Summer School Steering Committee:
Jan Camenisch (IBM Research – Zürich), Marit Hansen (ULD), Ronald Leenes (Tilburg University), Simone Fischer-Hübner (Karlstad University), Diane Whitehouse (The Castlegate Consultancy), Charles Raab (University of Edinburgh), Anja Lehmann (IBM Research – Zürich), Ignacio Sanchez (JRC)

Local Event Chair:
Francesca Varano  (JRC)

Programme Committee: 

·         Alessandro Mantelero Politecnico di Torino Politecnico di Torino
·         Anja Lehmann IBM Research – Zurich
·         Arnold Roosendaal
·         Bart Van der Sloot Tilburg University
·         Charles Raab University of Edinburgh
·         Daniel Slamanig Graz University of Technology
·         David Aspinall University of Edinburgh
·         Delphine Reinhardt University of Bonn University of Bonn
·         Diane Whitehouse IFIP working group 9.2 on social accountability and ICT
·         Eleni Kosta TILT-Tilburg University
·         Evgeni Moyakine University of Groningen
·         Felix Bieker Unabhängiges Landeszentrum für Datenschutz (ULD)
·         George  Carlisle Middlesex University
·         Gerard Draper-Gil European Commission – Joint Research Centre
·         Gloria Gonzalez-Fuster Vrije Universiteit Brussel
·         Hannes Federrath University of Hamburg
·         Harald Zwingelberg ULD
·         Ignacio Sanchez European Commission – Joint Research Centre
·         Igor Nai Fovino European Commission – Joint Research Centre
·         Jan Camenisch IBM Research – Zurich
·         Jetzabel Maritza Serna Olvera Universidad Politecnica de Cataluña
·         Jo Pierson Vrije Universiteit Brussel
·         Joachim Meyer Tel Aviv University
·         Jozef Vyskoc VaF
·         Kai Rannenberg Goethe University Frankfurt
·         Kai Kimppa University of Turku
·         Leonardo Martucci Karlstad University
·         Lothar Fritsch Karlstad University, Sweden
·         Marit Hansen Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
·         Melek Önen EURECOM
·         Michael Friedewald Fraunhofer Institute for Systems and Innovation Research
·         Michael Birnhack Tel-Aviv University, Faculty of Law
·         Norberto Patrignani Politecnico of Torino
·         Pedro Freitas Law School of University of Minho
·         Penny Duquenoy Middlesex University
·         Ricardo Neisse European Commission Joint Research Center
·         Robin Pierce Harvard Law School, Petrie-Flom Center
·         Rosamunde van Brakel Vrije Universiteit Brussel
·         Rose-Mharie Åhlfeldt University of Skövde
·         Sabrina Kirrane Vienna University of Economics and Business
·         Simone Fischer-Hübner Karlstad University
·         Stephan Krenn AIT Austrian Institute of Technology GmbH
·         Steven J. Murdoch University College London
·         Stuart Anderson University of Edinburgh
·         Tal Zarsky University of Haifa
·         Thomas Gross University of Newcastle upon Tyne
·         Tobias Pulls Karlstad University, Department of Mathematics and Computer Science
·         Viola Schiaffonati Politecnico di Milano
·         Zekeriya Erkin Delft University of Technology

Call for Papers

The School covers all aspects of privacy and identity and seeks contributions from a broad range of disciplines (e.g. computer science, informatics, economics, ethics, law, psychology, sociology, history, political and other social sciences, surveillance studies, business and public management). Student research papers may contribute towards application scenarios, use cases, and good practice based upon empirical research and interdisciplinary investigations; explore legal, regulatory historical or other issues; or report on other kinds of empirical research, such as social practices and effects of the use of new technologies. Papers will be selected for presentation at the School by the Summer School Programme Committee, based on reviews of a short 2-4 page abstract.

Topics of interest include, but are not limited to:

Concepts

Anonymity, pseudonymity, identity, (informed) consent, digital rights, net neutrality, trust, reputation

Technologies and applications

  • Privacy aspects of big data analytics, biometrics, cloud computing, social networks, blockchain based applications, social computing, crowdsourcing and social movements
  • Health informatics (mHealth, eHealth), social care, community care, integrated care, opportunities as well as threats to individual and community privacy, personal autonomy and dignity
  • Profiling and tracking technologies, online anonymity, surveillance, video surveillance
  • Sensor networks, Internet of Things, mobile devices
  • Privacy and identity management (services, technologies, infrastructures, usability aspects, legal and socio-economic aspects), eIDs
  • Privacy and security in digital citizen communications, e-mail and instant messaging
  • Privacy protection and in particular confidentiality of communications by both traditional players/incumbents and OTTs
  • Privacy-enhancing technologies (PETs) and transparency-enhancing technologies (TETs)

Design

  • Digital participation, participatory design, ethically-informed design, co-creation and co-collaboration, ecosystems, social actors’ engagement in design
  • Privacy-by-design, privacy-by-default, value-sensitive design, privacy impact assessment
  • Usable privacy

Enforcement and regulation

  • Social accountability
  • Privacy standards and seals
  • Security of network and information systems
  • Cybercrime and cybersecurity
  • Data breaches, data retention and law enforcement
  • Regulatory regimes and instruments

Effects

  • Effects of legislative or regulatory initiatives on privacy or identity
  • Effects of technology on discrimination, social profiling, social exclusion, digital divides, communities, societies and cultures

Attitudes

  • Public attitudes to international, national, local or organisational security, privacy, and identity
  • Corporate and organisational views on privacy and data protection measures
  • Challenges facing large corporations, small- and medium-sized enterprises, micro-enterprises and entrepreneurs, and a wide range of categories of professions and occupations
  • How people or organisations use new technologies and help to shape them.

Submitting papers
The abstract submissions should contain a concise problem statement, an outline, and clear messages (they should not be about work ‘to be done’). On acceptance of the abstract, authors should submit their full papers of up to 16 pages in length in Springer LNCS format. These versions of the papers will be made available to all participants in the Summer School pre-proceedings.

After the Summer School, authors will have the opportunity to revise and re-submit their full papers (again in Springer LNCS format, with a maximum of 16 pages). These versions should address the questions and discussions raised on the paper during the Summer School as well as in the detailed reviews provided by the Programme Committee members. These revised papers will be considered for publication in the Summer School proceedings published by Springer, the official IFIP publisher. The papers to be included in the final proceedings will again be reviewed and finally selected by the Summer School Programme Committee. Students are expected to try to publish their work in this volume.

Call for Tutorials and Workshops
The School also seeks contributions in the form of tutorials and workshop proposals from all disciplines (e.g. computer science, informatics, economics, ethics, law, psychology, sociology, history, political and other social sciences, surveillance studies, business and public management). The timelines for submission of these tutorials and workshops are the same as those of the student papers. Topics of interest include, but are not limited to: concepts, technologies and applications, design, enforcement mechanisms, effects, attitudes, and user practices.

Tutorials are expected to last one or two hours. Proposals should contain a short summary and state the level and background required for attendees to follow the tutorial.

Workshops are expected to last one or two hours and must generate short papers that recapitulate the outcome and the kinds of discussions raised in the School, for inclusion in the post-proceedings. Proposals should contain a short statement summarising the topic(s) to be discussed and the expected contributions from the audience members e.g. responding to a questionnaire or conducting a small experiment. Proposers should indicate whether any special equipment is needed for the workshop, such as audiovisual systems or computational equipment and support.

How to submit
Extended abstracts (2-4 pages) must be made in PDF format, in the Springer LNCS template (https://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0), and using the Easychair System: https://easychair.org/conferences/?conf=ifipsc2017.

Programme

The Programme is now online: IFIP Summer School Programme (pdf version)

The pre-proceedings can be downloaded here: Pre-proceedings

Sunday, 3 September 2017
  Informal Get-together for those who have arrived
Monday, 4 September 2017
07:45 Bus transfer to JRC (location: outside the hotel)
08:30 Registration and Coffee Break
09:00 Introduction (Amphitheater): Dir. Dan Chirondojan    
09:10 Invited Speaker
(Amphitheater)
Chair: Simone Fischer-Hübner
Marie-Hélene Boulanger, European Commission Data Protection in Europe – a New Era    
10:15 Coffee break
10:30 Sessions 1+2 S1 (Room 3):
Workshop Privacy-Forum
S2 (Room 2):
“eIDs and Identity Management”
Chair: Kai Rannenberg
    Felix Bieker, Michael Friedewald and Marit Hansen Interactive Workshop on Data Protection Impact Assessment: A Hands-On Tour of the GDPR’s Most Practical Tool (Case 1: Smart Surveillance + Case 2: Emotional Decoding) Michael Hölzl, Michael Roland and Rene Mayrhofer An Extensible and Privacy-preserving Mobile eID System for Real-world Identification and Offline Verification
Sean Simpson, Thomas Groß and Charles Morisset Generating Attack Trees Automatically from an (FIM) Authentication Scenario
Ricardo Neisse Blockchain-based Identity Management and Data Usage Control
12:30 Lunch
13:30 Sessions 3+4 S3 (Room 3):
Tutorial
S4 (Room 2):
“Data Protection and Users”
Chair: Ina Schiering
    Projects PRISMACLOUD and CREDENTIAL Tutorial Sophia Kununka A Comparative Study of Android and iOS Mobile Applications’ Data Handling Practices versus Compliance to Privacy Policy
David Harborth and Sebastian Pape Age Matters – Privacy Concerns of Pokémon Go Players in Germany
Sara Albakry, Kami Vaniea and Maria Wolters Designing an Online Experiment to Understand Users’ URL Reading Ability and Safety Opinion
15:30 Coffee break
16:00 Invited Speaker
(Amphitheater)
Chair: Marit Hansen
Aggelos Kiayias, University of Edinburgh & IOHK Blockchain Systems and Privacy    
17:00 Invited Speaker
(Amphitheater)
Chair: Marit Hansen
Anja Lehmann, IBM Research – Zurich Cryptographic Approaches to Data Pseudonymization, Tokenization & Transparency    
18:00 Wrapping up -18:20 (Amphitheater)
18:20 Reception and Welcome (-19:20)
  Bus transfer
Tuesday, 5 September 2017
08:15 Bus transfer
09:00 Invited Speaker
(Amphitheater)
Chair: Diane Whitehouse
Eran Toch, Tel Aviv University Usable Privacy    
10:00 Coffee break
10:30 Sessions 5+6 S5 (Room 2):
“Data Protection and Usability”
Chair: Kami Vaniea
S6 (Room 3):
Workshop on Social Accountability
    Leonardo Martucci Usable Access Control Rule Sets Diane Whitehouse and Norberto Patrignani Workshop on Social Accountability and Computing (IFIP WG 9.2)
Patrick Murmann and Simone Fischer-Hübner End user perception and expectations of ex post-Transparency Enhancing Tools
Yefim Shulman Towards a Broadening of Privacy Decision Making Models: The Use of Cognitive Architectures
12:30 Lunch
13:30 Sessions 7+8 S7 (Room 3):
Workshop on Evidence-Based Methods
S8 (Room 2):
“Cybersecurity”
Chair: Igor Nai-Fovino
    Kovila P.L. Coopamootoo and Thomas Groß Workshop on Evidence-Based Methods for Privacy and Identity Management Lina Jasmontaite Cybersecurity regulation in the EU Member States: Defining competencies and responsibilities
Aderonke Sakpere (online) On Anonymizing Streaming Crime Data: A Solution Approach for the Developing World
Sascha van Schendel The Sky is not the Limit: Exploring the Boundaries of Big Data-based Presumptions in Criminal Justice
15:30 Coffee break
16:00 Invited Speaker
(Amphitheater)
Chair: Charles Raab
Kjetil Rommetveit, University of Bergen, Centre for the study of the sciences and humanities Privacy by Design in Smart Energy    
17:00 Invited Speaker
(Amphitheater)
Chair: Charles Raab
Delphine Reinhardt, University of Bonn / Fraunhofer FKIE Privacy in IoT – Current Challenges and Future Directions    
18:00 Wrapping up -18:30 (Room TBA)
18:30 Bus transfer
Wednesday, 6 September 2017
08:15 Bus transfer
09:00 Invited Speaker
(Amphitheater)
Chair: Igor Nai-Fovino
Elena Ferrari, Università degli Studi dell’Insubria Identification Services for Online Social Networks (same password as for pre-proceedings)    
10:00 Coffee break
10:30 Invited Speaker
(Amphitheater)
Chair: Marit Hansen
José M. del Álamo, Universidad Politécnica de Madrid Privacy Engineering: Definitions and Challenges    
11:30 Sessions 9+10 S9 (Room 3):
“Measuring Privacy Perceptions”
Chair: Delphine Reinhardt
S10 (Room 2):
“Privacy Dashboard”
Chair: Marit Hansen
    Agnieszka Kitkowska Is It Harmful? Measuring People’s Perceptions of Online Privacy Issues Philip Raschke, Axel Küpper, Olha Drozd and Sabrina Kirrane Design of a Usable and GDPR-compliant Privacy Dashboard
12:15 Lunch
13:30 Invited Speaker
(Amphitheater)
Chair: Marit Hansen
Hannes Federrath, University of Hamburg Anonymity Online – Current Solutions and Challenges    
14:30 Social Event
22:00 Bus Transfer to Hotel
Thursday, 7 September 2017
08:15 Bus transfer
09:00 Invited Speaker
(Amphitheater)
Chair: Simone Fischer-Hübner
Kami Vaniea, University of Edinburgh Tools for Privacy and Data Protection    
10:00 Coffee break
10:30 Sessions 11+12 S11 (Room 2):
“Data Protection and Applications for Assistance”
Chair: Michael Friedewald
S12 (Room 3):
“IoT and Privacy”
Chair: Charles Raab
    Tanja Heuer, Ina Schiering and Reinhard Gerndt Privacy in Socially Assistive Robotics – A Meta Study Poornigha Santhana Kumar and Manfred Tscheligi NFC payments – Gaps between user perception and reality
Alexander Gabel, Ina Schiering, Sandra Verena Müller and Funda Ertas mHealth Applications for Goal Management Training – Privacy Engineering in Neuropsychological Studies Alexander Railean and Delphine Reinhardt Livelong Privacy in the IoT? Measuring Privacy Attitudes Throughout the Life-cycle of IoT Devices
Benjamin Bremert Legal aspects of text mining publicly available data Silvia De Conca From the glass house to the hive: the private sphere in the era of intelligent home assistant robots
12:30 Lunch
13:30 Sessions 13+14 S13 (Room 3):
Workshop on Data Protection by Default
S14 (Room 2):
Rump Session I
Chair: Simone Fischer-Hübner
    Marit Hansen, Felix Bieker, Benjamin Bremert
Putting the powerful concept of Data Protection by Default into practice
  Rump Session with contributions from Summer School participants (to be organised during the Summer School)
14:45 Invited Speaker
(Amphitheater)
Chair: Felix Bieker
Bart van der Sloot, Tilburg University, TILT Identifying Drug Labs by Analysing Sewage Systems    
15:45 Coffee break
16:15 Invited Speaker
(Amphitheater)
Chair: Felix Bieker
Thomas Groß, University of Newcastle upon Tyne Exploring the Human Nature of Online Privacy    
17:15 Wrapping up -17:45 (Room TBA)
18:00 Bus transfer
Friday, 8 September 2017
08:15 Bus transfer
09:00 Invited Speaker
(Amphitheater)
Chair: Igor Nai-Fovino
Mariachiara Tallacchini and Chiara Sabelli, Faculty of Economics and Law of the Università Cattolica del Sacro Cuore of Piacenza From Privacy to Algorithms’ Fairness: Some Hints on the Complex Journey of ICT Ethics    
10:00 Sessions 15+16 S15 (Room 2):
“Basic Paradigms and Crossroad Decisions”
Chair: Thomas Groß
S16 (Room 3):
Rump Session II
Chair: Simone Fischer-Hübner
    Benjamin Bergemann The consent paradox in data protection: How to account for the prominent role of the informed consent   Rump Session with contributions from Summer School participants (to be organised during the Summer School)
    Matthias Hudobnik Is network communitarianism a better regulatory model than cyberpaternalism?
11:15 Panel
(Amphitheater)
Moderator: Ina Schiering; Panelists: Laurent Beslay (JRC), Felix Bieker, Delphine Reinhardt, Kami Vaniea Panel “Do we need smarter research on privacy and data protection?”    
12:15 Best Student Paper Award (Amphitheater)
12:30 Wrapping up / conclusion (Amphitheater)
12:45 End of the Summer School; lunch for people who don’t have to leave already