IWPE 2016 : 2nd IEEE International Workshop on Privacy Engineering
Call For Papers
Privacy engineering research has never been a more timely endeavor. Ongoing news reports regarding global surveillance programs, massive personal data breaches in corporate databases, and notorious examples of personal tragedies due to privacy violations have intensified societal demands for privacy-friendly systems. In response, current legislative and standardization processes worldwide are seeking to strengthen individuals’ privacy by introducing legal and organizational frameworks that personal data collectors and processors must follow. As a result, engineers are increasingly expected to build and maintain systems that preserve privacy and comply with data protection standards in different ICT domains (such as health, energy, transportation, social computing, law enforcement, and public services) and on different infrastructures and architectures (such as cloud, grid, or mobile computing).
Although there is a consensus on the benefits of an engineering approach to privacy, few concrete proposals exist for models, methodologies, techniques and tools to support engineers and organizations in this endeavor. Work that focuses on helping organizations and software developers to identify and adopt appropriate privacy engineering methods, techniques and tools in their daily practices is also missing. Furthermore, it is difficult to systematically evaluate whether the systems developed using privacy engineering methodologies comply with legal frameworks, provide necessary technical assurances, and fulfill users’ privacy requirements.
Clearly, more research is needed in developing methods that can help translate legal and normative concepts, as well as user expectations, into systems requirements. There is also a growing need for techniques and tools to support organizations and engineers in developing and maintaining (socio-)technical systems that meet these requirements. In an effort to close the gaps in research, the topics of IWPE'16 include all aspects of privacy engineering, ranging from its theoretical foundations, engineering approaches and support infrastructures to its practical application in projects of different scales.
Specifically, we are seeking the following kinds of papers:
(1) technical solution papers that illustrate a novel formalism, method or other research finding with preliminary evaluation;
(2) experience and practice papers that describe a case study, challenge or lessons learned in a specific domain;
(3) early evaluations of tools and techniques that support engineering tasks in privacy requirements, design, implementation, testing, etc.;
(4) interdisciplinary studies or critical reviews of existing privacy engineering concepts, methods and frameworks;
(5) vision papers that take a clear position informed by evidence based on a thorough literature review.
IWPE’16 welcomes papers that focus on novel solutions based on recent developments in privacy engineering. Topics of interest include, but are not limited to:
-Integrating law and policy compliance into the development process
-Privacy impact assessment during software development
-Privacy risk management models
-Privacy breach recovery methods
-Technical standards, heuristics and best practices for privacy engineering
-Privacy engineering in technical standards
-Privacy requirements elicitation and analysis methods
-User privacy and data protection requirements
-Management of privacy requirements with other system requirements
-Privacy requirements implementation
-Privacy engineering strategies and design patterns
-Privacy engineering and databases
-Privacy engineering in the context of interaction design and usability
-Privacy testing and evaluation methods
-Validation and verification of privacy requirements
-Engineering of Privacy Enhancing Technologies (PETs)
-Integration of PETs into systems
-Models and approaches for the verification of privacy properties
-Tools and formal languages supporting privacy engineering
-Teaching and training privacy engineering
-Adaptations of privacy engineering into specific software development processes
-Pilots and real-world applications
-Evaluation of privacy engineering methods, technologies and tools
-Privacy engineering and accountability
-Organizational, legal, political and economic aspects of privacy engineering
This topic list is not meant to be exhaustive, as IWPE'16 is interested in all aspects of privacy engineering. However, to screen out off-topic papers early in the review process, we request authors to submit an abstract prior to their paper submission. Abstracts of papers without a clear application to privacy engineering will be considered outside the scope of this workshop and may be rejected.