Room: Main
20:00
Opening Remarks
20:10
Unsafe at any AUC: Unlearned Lessons from
Sociotechnical Disasters for Privacy
Joshua Kroll, US Naval Postgraduate School
Room: Main
20:10-21:10
Abstract: Man-made catastrophes have been
studied for many decades because of the high impact severity of these
events: Chernobyl, Three Mile Island, Fukushima-Daiichi, Bhopal, the Vajont
Dam Collapse, Challenger, the Financial Crash of 2008. A common
misconception is that these kinds of events are rare ``freak'' accidents
and result from the inherently unforeseeable interactions in complex
systems. A closer examination of these disasters reveals that the risks and
hazards were well-known beforehand but not acted upon due to social
structural, political and economic factors. As computing and data-driven
technologies pervade more of society, and are used to manage consequential
outcomes, understanding their capabilities, limitations, and attendant
risks in context requires analysis of full sociotechnical systems.
Sociotechnical analysis of risks in highly complex systems provides clear
lessons for the design and evaluation of computing systems, transcending a
technical focus on reliable or “responsibly designed” components to
understand risks at a systemic level. We outline several ways in which the
unlearned lessons of previous catastrophes can inform engineering practice
beyond the traditional focus on narrow technical failure, considering
especially the social and organizational dynamics that shape
decision-making: improving risk perception, communication, and analysis at
the organizational level; traceability of requirements and
responsibilities; and holistic approaches to responsibility and
safety.
Bio: Joshua A. Kroll is an Assistant
Professor of Computer Science at the Naval Postgraduate School. He studies
the relationship between governance, public policy, and computer systems
using an interdisciplinary approach. His research focuses on the gap
between abstract, values-oriented goals and concrete technical
implementation in areas such as information privacy, cybersecurity, and
trustworthy and responsible AI. His research group studies how to situate
technical decision-making and risk management in a human, organizational,
and policy context to bridge from high-level goals to specific,
implementable requirements. Joshua's publications have appeared in venues
as diverse as law reviews, the IEEE Security & Privacy Symposium, and the
Philosophical Transactions of the Royal Society. His paper "Accountable
Algorithms" in the University of Pennsylvania Law Review received the
Future of Privacy Forum's Privacy Papers for Policymakers Award in 2017.
Joshua helped to create and remains an active participant in and organizer
of the ACM Conference on Fairness, Accountability, and Transparency. Prior
to NPS, Joshua was a postdoctoral researcher at the UC Berkeley School of
Information, a systems engineer at the Internet performance and security
company Cloudflare, and held the NSF Graduate Research Fellowship during
his PhD in Computer Science at Princeton University’s Center for
Information Technology Policy.
21:10
Break (Humanities Foyer)
21:40
Session A
Room: Main
21:40–23:00
Online advice following disruptive events: A case study on TikTok and reproductive privacy
Harshini Sri Ramulu (Paderborn University), Rachel
Gonzalez Rodriguez (The George Washington University), Yasemin Acar
(Paderborn University), Lucy Simko (The George Washington University)
Okay, so you’ve got a PET? That don’t impress me much
Calum Inverarity (Open Data Institute), Ruba Abu-Salma (King's College London; Open Data Institute), Claudine Tinsman (Open Data Institute), Neil Majithia (Open Data Institute)
Raising Awareness of the Privacy and Safety Challenges Faced by Smart Home Product Teams in Non-WEIRD Countries
Shijing He (King’s College London) Yaxiong Lei (University of St Andrews), Chi Zhang (University of St Andrews), Ruba Abu-Salma (King’s College London), Jose Such (King’s College London)
23:00
Lunch (Humanities Foyer)
0:30 (July 20)
Session B
Room: Main
0:30–2:00
The fine art of opening shady documents
Alex Pyrgiotis (Freedom of the Press Foundation)
Automating the discovery and reverse-engineering of proprietary cryptography in popular Chinese applications
Mona Wang (Princeton University), Jeffrey Knockel (Citizen Lab at University of Toronto), Jonathan Mayer (Princeton University), Prateek Mittal (Princeton University)
Looking back at the impacts of Tor's end-of-life policy
Jules Dejaeghere (University of Namur), Lionel Goffaux (University of Namur), Hosam Elkoulak (University of Namur) and Florentin Rochet (University of Namur)
2:00 (July 20)
Ice Cream! (Humanities Foyer)
2:30 (July 20)
Session C
Room: Main
2:30-3:30
Automated Enforcement, Monitoring, and Satisfaction of Notices, Consents, and Controls
Branden Archer (Google), Pauline Anthonysamy
(Google)
The Need for a (Research) Sandstorm through the Privacy Sandbox
Yohan Beugin (University of Wisconsin-Madison), Patrick McDaniel (University of Wisconsin-Madison)
3:30 (July 20)
Closing Remarks and Award