Previous Series Speakers: Fall 2021

Thursday, September 16, 12:00-1:00 pm CST, via Zoom.
Dr. Jonathan Fox, “Privacy Threat Modeling 

In this session a privacy engineering expert will share his real world experience and knowledge of how one may distinguish privacy threats from vulnerabilities, what strategies can be employed to create context diagrams for privacy threat modeling, how privacy engineers can translate threats into user stories, and then utilize user stories to apply controls to reduce or eliminate threats to privacy.

Jonathan Fox, director of privacy by design, is a member of Cisco’s chief privacy office and coauthor of The Privacy Engineer’s Manifesto: Getting from Policy to Code to QA to Value (ApressOpen, 2014). With more than 20 years of privacy experience, Fox’s principal areas of focus have been product development, government relations, mergers and acquisitions, and training. He is a CIPP/US and CIPM, and was a Certified Information Security manager (CISM). Prior to joining Cisco, Fox was senior privacy engineer at Intel. His previous roles include director of data privacy, McAfee; director of privacy, eBay; deputy chief privacy officer for Sun Microsystems; and editor-in-chief of sun.com. Fox frequently speaks at industry events and is a member of the IEEE P7002 Personal Data Privacy Working Group and Chair of the U.S. Technical Advisory Group for ISO/PC 317 Consumer protection: privacy by design for consumer goods and services.

Access a recording of the webinar here.

 

Thursday, October 21, 12:00-1:00 pm CST, via Zoom.
Bruce Schneier, “The Coming AI Hackers.” 

Hacking is inherently a creative process. It’s finding a vulnerability in a system: something the system allows, but is unintended and unanticipated by the system’s creators – something that follows the rules of the system but subverts its intent. Normally, we think of hacking as something done to computer systems, but we can extend this conceptualization to any system of rules. The tax code can be hacked; vulnerabilities are called “loopholes” and exploits are called “tax avoidance strategies.” Financial markets can be hacked. So can any system of laws, or democracy itself. This is a human endeavor, but we can imagine a world where AIs can be hackers. AIs are already finding new vulnerabilities in computer code and loopholes in contracts. We need to consider a world where hacks of our social, economic, and political systems are discovered at computer speeds, and then exploited at computer scale. Right now, our systems of “patching” these systems operate at human speeds, which won’t nearly be enough.

Bruce Schneier is an internationally renowned security technologist, called a “security guru” by The Economist. He is the New York Times best-selling author of 14 books—including Click Here to Kill Everybody—as well as hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and blog “Schneier on Security” are read by over 250,000 people. Schneier is a fellow at the Berkman-Klein Center for Internet and Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an advisory board member of EPIC and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.

Access a recording of the webinar here.

 

Friday, November 12, 12:00-1:00 pm CST, via Zoom.
Prof. Alessandro Acquisti,
“Behavioral advertising and consumer welfare: An empirical investigation.”

This presentation provides an overview of Professor Acquisti’s work, done jointly with researchers Eduardo Mustri and Idris Adjerid, investigating the impact of behavioral advertising on consumer welfare in a within-subjects online experiment. While the vast majority of empirical work on the impact of online advertising focuses on click and conversion rates of behaviorally targeted ads, they propose a counterfactual approach, in which online consumers are presented with alternative offers: products associated with targeted ads they were served online, competing products, and random products. Participants are asked to compare these alternatives along a variety of metrics. Thus, they assess consumer welfare implications of behavioral advertising comparatively, in an ongoing online experiment that captures differences in participants’ purchase intentions and other product characteristics which can affect consumer utility.

Alessandro Acquisti is a Professor of Information Technology and Public Policy at the Heinz College, Carnegie Mellon University. His research combines economics, decision research, and data mining to investigate the role of privacy in a digital society. His studies have spearheaded the economic analysis of privacy, the application of behavioral economics to the understanding of consumer privacy valuations and decision-making, and the investigation of privacy and personal disclosures in online social networks. He has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies, the IBM Best Academic Privacy Faculty Award, and numerous Best Paper awards. His studies have been published in journals across multiple disciplines, including Science, Proceedings of the National Academy of Science, the Journal of Economic Literature, Management Science, Marketing Science, the Journal of Consumer Research, and the Journal of Experimental Psychology. His research has been featured in media outlets around the world, including The Economist, The New Yorker, The New York Times and The New York Times Magazine, The Wall Street Journal, The Washington Post, Wired, and 60 Minutes. His TED talks on privacy and human behavior have been viewed over a million times.

 

Tuesday, November 30, 12:00-1:00 pm CST, via Zoom.
Prof. Florian Schaub, “Human-centric Privacy Design and Engineering.”

Privacy is ultimately about people. User studies and experiments provide insights on users’ privacy needs, concerns, and expectations, which are essential to understand what a system’s actual privacy issues are from a user perspective. Drawing on the speaker’s research on privacy notices and controls in different contexts, from cookie consent notices to smartspeakers, this talk discusses how and why privacy controls are often misaligned with user needs, how public policy aimed at protecting privacy often falls short, and how a human-centric approach to privacy design and engineering can yield usable and useful privacy protections that more effectively meet users’ needs and might also benefit companies.

Florian Schaub (he/him) is an assistant professor in the University of Michigan School of Information, with a courtesy appointment in Computer Science and Engineering. His interdisciplinary research combines privacy, human-computer interaction, emerging technologies, and public policy. He studies people’s privacy decision making and behavior, investigates technology-related privacy implications, and develops human-centric privacy solutions that help people better manage their privacy in technology contexts. Dr. Schaub holds a PhD in Computer Science from the University of Ulm, and was a postdoctoral fellow in Carnegie Mellon University’s School of Computer Science. His research has been honored with the 2019 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies, and with best paper awards at the ACM SIGCHI Conference on Human Factors in Computing (CHI), the USENIX Security Symposium, and the Symposium on Usable Privacy and Security (SOUPS). Dr. Schaub is a DARPA Young Faculty Award recipient. His research has directly impacted industry practice and public policy, including the rulemaking process for the California Consumer Privacy Act (CCPA). Dr. Schaub and his work are frequently featured in national and international news media.