Program

PETS 2014 will be held at the Royal Tropical Institute – see travel page for more info.

Tuesday July 15

GenoPri: 1st PETS Workshop on Genome Privacy (Mauritszaal)

18:00-19:30 PETS Registration (Marble Hall)

18:00 Welcome Reception (Marble Hall) – joint PETS and GenoPri

Wednesday July 16

All sessions, except for the PET Award ceremony, will be held in Kleine Zaal theatre, Linnaeusstraat 2

8:30-9:30 Registration (in front of Kleine Zaal) – Registration will also be open during coffee breaks and lunch

9:30 Opening Remarks

9:40 Privacy in a Mobile World (Chair: Dali Kaafar)

10:30 Break

11:00 Crypto & Differential Privacy (Chair: Seny Kamara)

12:15 Lunch (Marble Hall)

13:45 Users and Privacy (Chair: Simone Fischer-Huebner)

14:35 Mini-break

14:45 PETS Keynote Address (Chair: Delphine Christin)

User Perceptions of Privacy

Martin Ortlieb, Senior User Experience Researcher in Privacy, Google

16:00 Break

16:30 Attacks to Privacy (Chair: Vitaly Shmatikov)

17:20 Mini-break

17:30 PET Award Reception (Marble Hall)

18:30 Closing

Thursday July 17

All sessions will be held in Kleine Zaal theatre, Linnaeusstraat 2

8:30-9:30 Registration (in front of Kleine Zaal) – Registration will also be open during coffee breaks and lunch

9:00 Misc (Chair: Sharon Goldberg)

10:15 Break

10:45 Panel: PETs Post-Snowden: Implications of the revelations of the NSA and GCHQ Surveillance Programs for the PETs community (Abstract, Handout)

Susan Landau, Wendy Seltzer, Marek Tuszynski, Nadia Heninger and George Danezis (Moderator: Seda Gürses)

12:00 Lunch

14:00 Anonymity (Chair: Paul Syverson)

14:50 Mini-break

14:55 Censorship Resistance (Chair: Rob Jansen)

15:45 Break

16:15 Rump Session (Chair: Roger Dingledine)

18:15 Closing and transfer to Gala Dinner

19:00 Gala Dinner (St. Olofschapel, entrance through NH Barbizon Palace, Prins Hendrikkade 59-72)

Friday July 18 (HotPETS)

All sessions will be held in Kleine Zaal theatre, Linnaeusstraat 2

9:00 Opening Remarks

9:10 Session 1: Anonymous Communications (Chair: Carmela Troncoso)

10:30 Coffee Break

11:00 HotPETs Keynote Address (Chair: George Danezis)

The Surveillance State

William Binney (Former NSA Official)

12:15 Lunch

13:45 Session 2: Law and Policy (Chair: Jens Grossklags)

14:45 Coffee Break

15:15 Session 3: Privacy Measurement (Chair: Aaron Johnson)

16:15 Ice Cream Break

16:45 Session 4: Miscellaneous (Chair: Konstantinos Chatzikokolakis)

17:45 Closing Remarks

Saturday July 19

Social Excursion (not included in the conference fee): Afternoon sail, 12:00 at the canal in front the Lloyd Hotel, Oostelijke Handelskade 34. Cross the street towards the water and you'll see the boat. Please register seperately at the registration desk. Costs EUR 30 (including lunch), to be paid on site in cash at the registration desk. See travel page for full info

Keynote Speakers and Panel

Martin Ortlieb (Senior User Experience Researcher in Privacy, Google): User Perceptions of Privacy

Abstract: In this presentation I will talk about some projects we've undertaken to understand and describe the factors that define privacy for users. In short, we wanted to disambiguate what privacy means for Internet users that are neither lawyers nor engineers. There is a lot of debate amongst these groups of professionals about what best meets users' preferences. In order to bring the user perspective to the privacy debate, we did research into how everyday users define, if at all, privacy. What do users care about and why, when talking about privacy and sensitive data online? In this talk I will present findings about user perceptions of privacy in Germany, the UK and the US. We were also interested to take these insights to create tools, rules and technology that help users to feel confident about how they act on the web, who they communicate with and what they do and/or share with others online. Thus I will also outline some of the outputs that have resulted from the insights from this work.

Bio: Dr Martin Ortlieb is a qualitative User Experience Researcher at Google, focusing on Privacy, sensitive data and user perceptions. He also leads the User Experience Research team on the Privacy effort. He helped with the launch of the Privacy Dashboard, Account Activity, Inactive Account Manager and other Google tools for users' privacy and security. At Google, Dr Ortlieb also worked on SafeSearch, Account Recovery, Priority Inbox, Alerts and Panoramio. Before joining Google in 2008, Martin worked on both sides of the client/consultant divide to improve services and products and their interfaces. His PhD research in Social Anthropology at the University of Manchester focused on the imagination of identity through conceptions of work.

William Binney (Former NSA Official): The Surveillance State

Abstract: I will discuss the evolution of electronic surveillance to include efforts by the US administration to first keep their surveillance secret and then over time attempt to manipulate the congress to pass laws to make what they were doing legal. And, I will give an outline of data acquisition, processing and analysis plus suggest some things to do to help secure communications, and, discuss the difficulty of whistle blowing in the surveillance environment.

Bio: Between 2001 and mid 2007, Mr. Binney was a consultant on analysis and analytic techniques to various agencies of the US government intelligence community - NSA, CIA, NRO and Customs and Border Protection in the Department of Homeland Security. From 1970 to 2001, Mr. Binney was a civilian employee of NSA. At NSA, Mr. Binney held numerous positions: Technical Director of the World Geopolitical and Military Analysis, Operations Directorate Analysis Skill field leader, member of the NSA Senior Technical Review Panel, Chair of the Technical Advisory Panel to the Foreign Relations Council, co-founder of the Sigint Automation Research Center, an agency representative to the National Technology Alliance Executive Board, and Technical Director of the Office of Russia as well as a leading analyst for warning for over 20 years.



Over the years, Mr. Binney applied mathematical discipline to collection, analysis and reporting. In the process, he was able to structure analysis and transform it into a definable discipline, making it possible to code and automatically execute functions without human intervention from the point of collection to the end product. The successful automation of analysis formed the foundation for prototype developments in the SIGINT Automation Research Center; demonstrated how to handle massive amounts of data effectively and relate results to military and other customers; and, formed the basis for organizing an international coalition of countries to develop and share technology advances.

Panel: PETs Post-Snowden: Implications of the revelations of the NSA and GCHQ Surveillance Programs for the PETs community (Moderator: Seda Gürses)

Abstract: Despite the entertainment value of program names like "egotistical giraffe", "onion breath" and "moth monster", the revelations about the NSA and GCHQ surveillance programs are more than troubling. Specifically, BullRun (attacks on crypto) and the egotistical series (attacks on Tor) pose challenges to the PETs community and the solutions they work on. This panel focuses on some of these challenges, discuss their implications for PETs researchers and practitioners, and explore ways forward.

According to some, the revelations show that law and policy have failed to protect citizens around the globe from surveillance. It falls also upon the shoulders of the PETs community to build solutions that are resilient to "mass surveillance" practices. But while Edward Snowden announced that "crypto still works", intelligence agencies will continue to find ways to work around it. So others have argued that technology is far from a complete answer and that working with policy and law is more necessary than ever. If so, the challenges here range from finding ways to convince policy makers that weakening the Internet for surveillance is not acceptable to actually regulating "good" security and "bad" surveillance practices.

Both positions are troubled by motions to prevent companies from applying secure designs that may be seen as obstructing law enforcement agencies from conducting investigations. Further, governments around the globe are likely to consider implementing "back doors" as well as utilizing zero-day exploits as a way to guarantee law enforcement access. These aggressive policies raise questions about where PETs can and should live; and, how to guarantee that their design remains robust, e.g., by keeping the implementation open to scrutiny?

Simultaneously with the revelations, cybersecurity for critical infrastructures has gathered force. Governments around the globe now bring intelligence agencies, standards bodies, contractors as well as academic researchers around tables in order to align technical security issues with national security interests. Cybersecurity funding abounds, affecting research trajectories as well as what gets done. How are PETs researchers and practitioners to manage these increasingly politicized demands along national lines?

Finally, people in their everyday lives navigate the implications of the revelations about the surveillance programs as much as engineers and researchers. Prominent security engineers have favored prioritizing developing measures against mass surveillance rather than for targeted surveillance. How end users may be impacted through this prioritization of mass over targeted is unclear. And indeed, the distinction itself may not be as clear cut as some of its proponents suggest. In other words, the issues raised here beg the question as to how we can ensure that user interests are a continuous part of the PETs community's priorities?

At our panel we look forward to welcoming:

Susan Landau, Professor of Cybersecurity Policy at Worcester Polytechnic Institute

Wendy Seltzer, Policy Counsel, W3C, and Founder, ChillingEffects.org, Berkman Center

Stephanie Hankey, Tactical Tech Collective

Nadia Heninger, Assistant Professor of Computer and Information Science, University of Pennsylvania

George Danezis, Reader in Security and Privacy Engineering, University College London

Seda Gürses, Research Fellow, New York University (moderator)

Handout notes are also available available.