CFP: Third International Workshop on Privacy Engineering (IWPE'17)

Hi Web standards privacy folks,

This workshop on Privacy Engineering is co-hosted with IEEE Security & Privacy, in San Jose, California on 25 May 2017. The topics are often very relevant to the kind of practical privacy questions we consider in Web standards and implementations. (I've published a paper on W3C/IETF privacy reviews at a previous iteration and am serving on the program committee.) Both academic studies and professional position papers are welcomed.

Cheers,
Nick

+++++++++++++++++++++++++++++++++++++++++
CFP: Third International Workshop on Privacy Engineering (IWPE'17)
http://ieee-security.org/TC/SPW2017/IWPE/ <http://ieee-security.org/TC/SPW2017/IWPE/>
co-located to IEEE Symposium on Security and Privacy - http://www.ieee-security.org/TC/SP2017 <http://www.ieee-security.org/TC/SP2017>

25 May 2017 - The Fairmont, San Jose, CA

************************************************************
IMPORTANT DATES
Deadline of abstract submission:   3 February, 2017
Deadline of paper submission:      10 February, 2017
Notification of acceptance:        23 February, 2017
Accepted Paper camera ready:       8 March, 2017

************************************************************
We are pleased to invite you to participate in the premier annual event of the International Workshop on Privacy Engineering (IWPE'17).

Ongoing news reports regarding global surveillance programs, massive personal data breaches in corporate databases, and notorious examples of personal tragedies due to privacy violations have intensified societal demands for privacy-friendly systems. In response, current legislative and standardization processes worldwide aim to strengthen individual’s privacy by introducing legal, organizational and technical frameworks that personal data collectors and processors must follow.

However, in practice, these initiatives alone are not enough to guarantee that organizations and software developers will be able to identify and adopt appropriate privacy engineering techniques in their daily practices. Even if so, it is difficult to systematically evaluate whether the systems they develop using such techniques comply with legal frameworks, provide necessary technical assurances, and fulfill users’ privacy requirements. It is evident that research is needed in developing techniques and tools that can aid the translation of legal and normative concepts, as well as user expectations into systems requirements. Furthermore, methods that can support organizations and engineers in developing (socio-)technical systems that address these requirements is of increasing value to respond to the existing societal challenges associated with privacy.

In this context, privacy engineering research is emerging as an important topic. Engineers are increasingly expected to build and maintain privacy-preserving and data-protection compliant systems in different ICT domains such as health, energy, transportation, social computing, law enforcement, public services; based on different infrastructures such as cloud, grid, or mobile computing and architectures. While there is a consensus on the benefits of an engineering approach to privacy, concrete proposals for models, methods, techniques and tools that support engineers and organizations in this endeavor are few and in need of immediate attention.

To cover this gap, the topics of the International Workshop on Privacy Engineering (IWPE'17) focus on all the aspects surrounding privacy engineering, ranging from its theoretical foundations, engineering approaches, and support infrastructures, to its practical application in projects of different scale. Specifically, we are seeking the following kinds of papers: (1) technical papers that illustrate the engineering or application of a novel formalism, method or other research finding (e.g., a privacy enhancing protocol) with preliminary evaluation; (2) experience and practice papers that describe a case study, challenge or lessons learned from in a specific domain; (3) early evaluations of tools and other infrastructure that support engineering tasks in privacy requirements, design, implementation, testing, etc.; (4) interdisciplinary studies or critical reviews of existing privacy engineering concepts, methods, tools and frameworks; or (5) vision papers that take a clear p!
osition informed by evidence based on a thorough literature review.

IWPE’17 welcomes papers that focus on novel solutions on the recent developments in the general area of privacy engineering. Topics of interests include, but are not limited to:
-Integrating law and policy compliance into the development process
-Privacy impact assessment during software development
-Privacy risk management models
-Privacy breach recovery Methods
-Technical standards, heuristics and best practices for privacy engineering
-Privacy engineering in technical standards
-Privacy requirements elicitation and analysis methods
-User privacy and data protection requirements
-Management of privacy requirements with other system requirements
-Privacy requirements elicitation and analysis techniques
-Privacy engineering strategies and design patterns
-Privacy-preserving architectures
-Privacy engineering and databases, services, and the cloud
-Privacy engineering in networks
-Engineering techniques for fairness, transparency, and privacy in databases
-Privacy engineering in the context of interaction design and usability
-Privacy testing and evaluation methods
-Validation and verification of privacy requirements
-Privacy Engineering and design
-Engineering Privacy Enhancing Technologies (PETs)
-Integration of PETs into systems
-Models and approaches for the verification of privacy properties
-Tools and formal languages supporting privacy engineering
-Teaching and training privacy engineering
-Adaptations of privacy engineering into specific software development processes
-Pilots and real-world applications
-Evaluation of privacy engineering methods, technologies and tools
-Privacy engineering and accountability
-Privacy engineering and business processes
-Privacy engineering and manageability of data in (large) enterprises
-Organizational, legal, political and economic aspects of privacy engineering
This topic list is not meant to be exhaustive; since IWPE'17 is interested in all aspects of privacy engineering. However, to screen out off-topic papers early in the review process, we request authors to submit an abstract prior to their paper submission. Abstracts of papers without a clear application to privacy engineering will be considered outside the scope of this workshop and may be rejected.

************************************************************
PAPER FORMAT & SUBMISSION
We solicit unpublished short position papers (up to 4 pages) and long papers reporting technical, research or industry experience (up to 8 pages) on all dimensions of the privacy engineering domain. Each paper, written in English, must follow IEEE Proceedings format.
Authors must submit an extended abstract prior to the paper submission. This abstract is aimed at 1) helping organizers understand whether the paper is on-topic early in the review process; and, 2) allowing reviewers to choose their preferred manuscripts in advance of the paper submission.
Submission of a paper should be regarded as an undertaking that, should the paper be accepted, at least one of the authors will attend the workshop to present the paper. All papers must be submitted via EasyChair at https://www.easychair.org/conferences/?conf=iwpe17 <https://www.easychair.org/conferences/?conf=iwpe17>

************************************************************
If you have any questions regarding IWPE'17, please contact iwpe17@easychair.org <mailto:iwpe17@easychair.org>

IWPE’17 Organizing Committee
 Jose M. del Alamo
 Anupam Datta
 Seda Gürses
 Deirdre K. Mulligan
 Saikat Guha
 Jaap-Henk Hoepman
 Arunesh Sinha

+++++++++++++++++++++++++++++++++++++++++