1984+31: Is Nothing Private Anymore?

Thursday, November 12, 2015
8:30 a.m. - 2:00 p.m., Lecture Hall
1947 Center Street, Sixth Floor
Berkeley, California 94704

Update: The deadline for submitting posters has been extended to Friday, October 30. Please submit posters here.

It has become de rigueur for consumers to receive notifications of privacy breaches. Up until very recently, the consequences of these breaches have mostly been borne by the companies involved, while the individuals affected receive a year of free credit monitoring. This year, in light of the breaches at OPM and Ashley Madison, these consequences have radically shifted: disclosure of private data has jeopardized security clearances, destroyed relationships, and led to suicides. As we further enter the "Internet of Things" era, more and more sensitive data will become stored in the cloud from an increasingly wider variety of sources. How are the consequences of data breaches likely to change in the coming years? Is the nature of what is considered "private" eroding? What, if anything, should be done about it?

ICSI invites you to join us and our colleagues from academia and industry as we discuss privacy in the digital age. Please register on Eventbrite.

We are now soliciting posters and demos that present results or ongoing work on online privacy or the impact of information technology on privacy in general. Posters and demos must be submitted by Friday, October 30. Please submit posters here.

Schedule

08:30 - 09:00  Breakfast
09:00 - 09:10  Introduction
09:10 - 10:40  Tech Talks

10:40 - 11:00  Coffee break
11:00 - 12:30  Panel Discussion
12:30 - 14:00  Lunch and posters / demos available

15:00 - 18:30  Berkeley Center for Law and Technology's 8th Annual Privacy Lecture: Professor Alessandro Acquisti, "Is Personal Information A Public Good?" For more information, see:

https://www.law.berkeley.edu/centers/bclt/upcoming-events/november-2015-the-8th-annual-privacy-lecture/

9:10 - 10:40   Tech Talks

Description: Hear from the research community about late-breaking privacy-related studies. Each researcher has been invited to give a 10-minute overview of their recent research and will answer questions from the audience. 

Presenters: 

  • Rachel Greenstadt, Drexel University

I will discuss our research on Privacy Detective, a method to automatically detect private information on social media and assess how privacy is socially constructed. We reach 95.45% accuracy in a two-class task classifying Twitter users who do not reveal much private informationand Twitter users who share sensitive information. Additionally, we show that a user’s privacy level is correlated with her friends’ privacy scores and also with the privacy scores of people mentioned in her text but not with the number of her followers.

  • Michael Tschantz, ICSI

I will present AdFisher, an automated and statistically sound tool that explores how user behaviors, Google's ads, and Google's profile settings interact. It runs browser-based experiments and analyzes data using machine learning and significance tests. We found that setting the gender to female resulted in getting fewer instances of an ad related to high paying jobs than setting it to male, and that visiting webpages associated with substance abuse changed the ads shown but not the profile.

  • Julia Bernd, ICSI

The Teaching Privacy project leverages ICSI's research into the mechanisms of online privacy breaches and best practices for individual protection to provide evidence-based public education. In addition to a website for the general public, we are creating classroom-ready teaching materials to support educators in engaging young people in taking proactive steps to manage online privacy.

  • John Chuang, UC Berkeley

Security and Privacy of Neurosensing at Scale: Research in Brain-Computer Interface (BCI) has produced remarkable results in recent years, ranging from neuroprosthetics to synthetic telepathy. Yet, a more seismic revolution is underway, as neurosensing technologies move out of the research labs into the hands (and onto the heads) of consumers. With the coming ubiquity of neurosensors, today's applications in neurogaming, neurofeedback, and neuromarketing will make way for new classes of neurocomputing applications and services, bringing new security and privacy challenges and opportunities.

  • Dawn Song and Joe Near, UC Berkeley

We will ovewview a new framework that we have been developing for secure and privacy-preserving, collaborative data analytics that addresses security and privacy challenges in distributed data analytics. Our system is designed to be easy to use, provide strong, provable, end-to-end guarantees, and also approach the performance of today’s data analytics frameworks.

  • Carl Hewitt, Standard IoT

US industry stands to lose north of $2T: What can be done? In a competitive race down an ethical abyss, many Internet companies depend on ever increasing consumer surveillance in order to better target advertising.

  • Gerald Friedland, ICSI

"An image is worth a 1000 words." Moreover, what's a video worth? And how much more privacy can be invaded by multimedia instead of textual data? This quick talk shows some examples.

  • Chris Hoofnagle, UC Berkeley Law School

My quick talk will concern "native advertising" and endorsements. We have an in-submission paper showing that about a quarter of consumers cannot recognize an advertorial, even when it is labelled as such. In the endorsement space, we found that consumers thought than an endorser was a medical expert if she was depicted before a blue background. There are interesting legal/regulatory implications from our findings.

 

11:00 - 12:30   Panel Discussion

Description: How are privacy threats shifting and what can we do about it? The panel will discuss this and related privacy-related issues. The panel brings together expertise in privacy technology, law, and policy, from different perspectives (academia, industry, and government). The moderated discussion will feature questions from the audience.

Panelists:

  • Alessandro Acquisti, Carnegie Mellon University
  • Sean Butler, Meraki / Cisco
  • Serge Egelman, ICSI / UC Berkeley
  • Nathan Good, Good Research

Moderator: Deborah Todd, Reuters

Panel bios:

Alessandro Acquisti is a professor of information technology and public policy at the Heinz College, Carnegie Mellon University (CMU), the director of the Peex (Privacy Economics Experiments) lab at CMU, and the co-director of Carnegie Mellon’s CBDR (Center for Behavioral and Decision Research). Alessandro investigates the economics of privacy. His studies have spearheaded the investigation of privacy and disclosure behavior in online social networks, and the application of behavioral economics to the study of privacy and information security decision making. Alessandro has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies, the IBM Best Academic Privacy Faculty Award, the Heinz College School of Information's Teaching Excellence Award, and numerous best paper awards. His studies have been published in journals, books, and proceedings across a variety of fields, including Science, Proceedings of the National Academy of Science, Management Science, Journal of Economic Literature, Marketing Science, Journal of Consumer Research, ACM Transactions, Journal of Personality and Social Psychology, and Journal of Experimental Psychology. Alessandro has testified before U.S. Senate and House committees on issues related to privacy policy and consumer behavior, and has been frequently invited to consult on privacy policy issues by various government bodies, including the White House’s Office of Science and Technology Policy and the Council of Economic Advisers, the Federal Trade Commission, the National Telecommunications and Information Administration, and the European Commission. Alessandro’s findings have been featured in national and international media outlets, including the Economist, the New York Times, the Wall Street Journal, the Washington Post, the Financial Times, Wired.com, NPR, CNN, and 60 Minutes; his TED talks on privacy and human behavior have been viewed over a million times online. His 2009 study on the predictability of Social Security numbers was featured in the “Year in Ideas” issue of the NYT Magazine (the SSNs assignment scheme was changed by the US Social Security Administration in 2011). Alessandro holds a PhD from UC Berkeley, and master's degrees from UC Berkeley, the London School of Economics, and Trinity College Dublin. He has held visiting positions at the Universities of Rome, Paris, and Freiburg (visiting professor); Harvard University (visiting scholar); University of Chicago (visiting fellow); Microsoft Research (visiting researcher); and Google (visiting scientist). He has been a member of the National Academies' Committee on public response to alerts and warnings using social media and has recently joined the Board of Regents of the National Library of Medicine (NLM).

Sean Butler is director of legal services at Cisco Systems, Inc., where he leads the legal team dedicated to the Cisco Meraki business unit. Sean joined Cisco through the $1.2 billion acquisition of Meraki, Inc., a leader in cloud-managed networking products, in December 2012 where he was the first in-house attorney. With the market for Cisco Meraki products reaching around the globe, and the cloud-based nature of the system architecture, Sean now spends a great deal of time managing the company’s response to concerns related to privacy and security and driving the business’s internal compliance initiatives. Prior to joining Meraki, Sean started his own legal practice representing entrepreneurs and startups. Sean began his legal career as a corporate and securities attorney at a prominent Silicon Valley law firm.

Serge Egelman is a senior researcher in the International Computer Science Institute (ICSI) and also holds an appointment in the Department of Electrical Engineering and Computer Sciences (EECS) at the University of California, Berkeley.  He is director of the Berkeley Laboratory for Usable and Experimental Security (BLUES). Serge's research focuses on the intersection of privacy, computer security, and human behavior, with the specific aim of better understanding how people make decisions surrounding their privacy and security, and then creating data-driven improvements to systems and interfaces. This has included human subjects research on social networking privacy, access controls, authentication mechanisms, web browser security warnings, and privacy-enhancing technologies. His work has received multiple best paper awards, including the 2012 Symposium on Usable Privacy and Security (SOUPS) Distinguished Paper Award for his work on smartphone application permissions, and the 2012 Information Systems Research Best Published Paper Award for his work on consumers' willingness to pay for online privacy. Based on this expertise, he routinely is asked to consult as an expert witness on matters relating to consumer privacy and online security. He received his PhD from Carnegie Mellon University and prior to that was an undergraduate at the University of Virginia.  He has also performed research at NIST, Brown University, Microsoft Research, and Xerox PARC.

Dr. Nathan Good is Principal of Good Research and Faculty at UC Berkeley’s Ischool’s Master of Data Science program. A fundamental goal of his work is create devices and services that are simple, secure, and respectful of people's privacy. He is a co-author of the UC Berkeley web privacy census, and contributing author to books on privacy and the user experience of security systems. He has published extensively on user experience studies, privacy, and security related topics and holds patents on software technology for multimedia systems and event analysis. Prior to Good Research, Nathan was at PARC, Yahoo , and HP research labs. At Berkeley, he worked with TRUST and was a member of the 2007 California SOS Top-to-Bottom Review of Electronic Voting Systems. His research has been reported on in the Economist, New York Times, CNN and ABC and he has testified on his research before Congress and the FTC. Nathan has a Phd in Information Science and a MS in Computer Science from the University of California at Berkeley and was a member of LifeLock's Fraud Advisory Board.

Deborah M. Todd is an Internet beat reporter with Thomson Reuters who focuses on Google, Yahoo, and related policy and technology issues. Prior to joining Reuters, Todd worked for the Pittsburgh Post-Gazette, where she covered technology and small business issues. While there she wrote stories on privacy issues, security breaches and the implications of the Internet of Things.  In addition, she closely covered the close relationship between Carnegie-Mellon University and Silicon Valley technology companies, particularly Google.  Before her position covering technology, Todd was a general assignment reporter, handling a wide range of stories on crime, local government, and education.  She joined the Post-Gazette from the New Pittsburgh Courier, where she was a staff writer. And before that she worked for the ABC-TV affiliate in Pittsburgh, WTAE, handling scripts for the morning newscasts as well as segments for “Good Morning America.” Todd graduated from the University of Pittsburgh with a bachelor’s degree in rhetoric and communications.

12:30 - 14:00   Posters / Demos available

Through Friday, October 30, we are soliciting submissions of posters and demos that present results or ongoing work on online privacy or the impact of information technology on privacy in general. Please submit posters here.