Volume 2022

Issue 1

• Editors’ Introduction
  Florian Kerschbaum (University of Waterloo), Michelle Mazurek (University of Maryland)
• Personal information inference from voice recordings: User awareness and privacy concerns [PDF]
  Jacob Leon Kröger (Weizenbaum Institute for the Networked Society, Technische Universität Berlin, Germany), Leon Gellrich (Universität Potsdam, Germany), Sebastian Pape (Goethe Universität, Frankfurt, Germany), Saba Rebecca Brause (Weizenbaum Institute for the Networked Society, TU Berlin, Germany), Stefan Ullrich (Weizenbaum Institute for the Networked Society, TU Berlin, Germany)
• Forward and Backward-Secure Range-Searchable Symmetric Encryption [PDF]
  Jiafan Wang (Dept. of Information Engineering, The Chinese University of Hong Kong), Sherman S. M. Chow (Department of Information Engineering, The Chinese University of Hong Kong, Hong Kong)
• (, δ)-Indistinguishable Mixing for Cryptocurrencies [PDF]
  Mingyu Liang (George Mason University), Ioanna Karantaidou (George Mason University), Foteini Baldimtsi (George Mason University), S. Dov Gordon (George Mason University), Mayank Varia (Boston University)
• MLEFlow: Learning from History to Improve Load Balancing in Tor [PDF] [Artifact]
  Hussein Darir (All authors with the University of Illinois at Urbana-Champaign), Hussein Sibai (All authors with the University of Illinois at Urbana-Champaign), Chin-Yu Cheng (All authors with the University of Illinois at Urbana-Champaign), Nikita Borisov (All authors with the University of Illinois at Urbana-Champaign), Geir Dullerud (All authors with the University of Illinois at Urbana-Champaign), Sayan Mitra (All authors with the University of Illinois at Urbana-Champaign)
• How Can and Would People Protect From Online Tracking? [PDF]
  Maryam Mehrnezhad (Newcastle University, UK), Kovila Coopamootoo (Newcastle University, UK), Ehsan Toreini (Durham University, UK)
• Towards Improving Code Stylometry Analysis in Underground Forums [PDF]
  Michal Tereszkowski-Kaminski (King’s College London), Sergio Pastrana (Universidad Carlos III de Madrid), Jorge Blasco (Royal Holloway, University of London), Guillermo Suarez-Tangil (IMDEA Networks Institute and King’s College London)
• Ulixes: Facial Recognition Privacy with Adversarial Machine Learning [PDF]
  Thomas Cilloni (University of Mississippi), Wei Wang (Xi’an Jiaotong-Liverpool University), Charles Walter (University of Mississippi), Charles Fleming (University of Mississippi)
• If This Context Then That Concern: Exploring users’ concerns with IFTTT applets [PDF]
  Mahsa Saeidi (Affil), McKenzie Calvert (Affil), Audrey W. Au (Affil), Anita Sarma (Affil), Rakesh B. Bobba (Affil)
• User Perceptions of Gmail’s Confidential Mode [PDF]
  Elham Al Qahtani (University of North Carolina at Charlotte), Yousra Javed (Illinois State University), Mohamed Shehab (University of North Carolina at Charlotte)
• Toward Uncensorable, Anonymous and Private Access Over Satoshi Blockchains [PDF]
  Ruben Recabarren (Florida International University, Miami, FL 33199), Bogdan Carbunar (Florida International University, Miami, FL 33199)
• OmniCrawl: Comprehensive Measurement of Web Tracking With Real Desktop and Mobile Browsers [PDF] [Artifact]
  Darion Cassel (Carnegie Mellon University), Su-Chin Lin (National Taiwan University), Alessio Buraggina (University of Miami), William Wang (University of Chicago), Andrew Zhang (University of Illinos Urbana-Champaign), Lujo Bauer (Carnegie Mellon University), Hsu-Chun Hsiao (National Taiwan University), Limin Jia (Carnegie Mellon University), Timothy Libert (Google)
• Making the Most of Parallel Composition in Differential Privacy [PDF]
  Josh Smith (Work was done when Josh Smith was at Data61 (CSIRO), Australia), Hassan Jameel Asghar (Macquarie University and Data61 (CSIRO), Australia), Gianpaolo Gioiosa (Data61 (CSIRO), Australia), Sirine Mrabet (Data61 (CSIRO), Australia), Serge Gaspers (University of New South Wales, Australia), Paul Tyler (Data61 (CSIRO), Australia)
• Zen and the art of model adaptation: Low-utility-cost attack mitigations in collaborative machine learning [PDF]
  Dmitrii Usynin (Department of Computing, Imperial College London; Department of Diagnostic and Interventional Radiology, Technical University of Munich), Daniel Rueckert (Institute for Artificial Intelligence in Medicine, Technical University of Munich; Department of Computing, Imperial College London), Jonathan Passerat-Palmbach (Department of Computing, Imperial College London; ConsenSys Health, New York, NY, USA), Georgios Kaissis (Institute for Artificial Intelligence in Medicine, Technical University of Munich; Department of Computing, Imperial College London, Germany)
• AriaNN: Low-Interaction Privacy-Preserving Deep Learning via Function Secret Sharing [PDF]
  Théo Ryffel (INRIA, Département d’informatique de l’ENS, ENS, CNRS, PSL University, Paris, France), Pierre Tholoniat (Columbia University, New York, USA), David Pointcheval (Département d’informatique de l’ENS, ENS, CNRS, PSL University, INRIA, Paris, France), Francis Bach (INRIA, Département d’informatique de l’ENS, ENS, CNRS, PSL University, Paris, France)
• Proof-of-Vax: Studying User Preferences and Perception of Covid Vaccination Certificates [PDF]
  Marvin Kowalewski (Ruhr University Bochum), Franziska Herbert (Ruhr University Bochum), Theodor Schnitzler (Ruhr University Bochum), Markus Dürmuth (Ruhr University Bochum)
• Differentially private partition selection [PDF] [Artifact]
  Damien Desfontaines (Tumult Labs), James Voss (Google), Bryant Gipson (Google), Chinmoy Mandayam (Google)
• Circuit-PSI With Linear Complexity via Relaxed Batch OPPRF [PDF] [Artifact]
  Nishanth Chandran (Microsoft Research.), Divya Gupta (Microsoft Research.), Akash Shah (UCLA. Work done at Microsoft Research.)
• Multiparty Reach and Frequency Histogram: Private, Secure, and Practical [PDF]
  Badih Ghazi (Google Research), Ben Kreuter (Google), Ravi Kumar (Google Research), Pasin Manurangsi (Google Research), Jiayu Peng (Google), Evgeny Skvortsov (Google), Yao Wang (Google), Craig Wright (Google)
• Polymath: Low-Latency MPC via Secure Polynomial Evaluations and Its Applications [PDF] [Artifact]
  Donghang Lu (Purdue University), Albert Yu (Purdue University), Aniket Kate (Purdue University), Hemanta Maji (Purdue University)
• Privacy-preserving FairSwap: Fairness and privacy interplay [PDF] [Artifact]
  Sepideh Avizheh (University of Calgary, AB, Canada), Preston Haffey (University of Calgary, AB, Canada), Reihaneh Safavi-Naini (University of Calgary, AB, Canada)
• If You Like Me, Please Don’t “Like” Me: Inferring Vendor Bitcoin Addresses From Positive Reviews [PDF] [Artifact]
  Jochen Schäfer (University of Mannheim), Christian Müller (University of Mannheim), Frederik Armknecht (University of Mannheim)
• Disparate Vulnerability to Membership Inference Attacks [PDF] [Artifact]
  Bogdan Kulynych (EPFL), Mohammad Yaghini (University of Toronto, Vector Institute), Giovanni Cherubin (Alan Turing Institute), Michael Veale (University College London), Carmela Troncoso (EPFL)
• Privacy-Preserving High-dimensional Data Collection with Federated Generative Autoencoder [PDF]
  Xue Jiang (Technische Universität München, Huawei Technologies Düsseldorf GmbH), Xuebing Zhou (Huawei Technologies Düsseldorf GmbH), Jens Grossklags (Technische Universität München)
• Masking Feedforward Neural Networks Against Power Analysis Attacks [PDF] [Artifact]
  Konstantinos Athanasiou (Northeastern University, Boston, MA), Thomas Wahl (Northeastern University, Boston, MA), A. Adam Ding (Northeastern University, Boston, MA), Yunsi Fei (Northeastern University, Boston, MA)
• From “Onion Not Found” to Guard Discovery [PDF] [Artifact]
  Lennart Oldenburg (imec-COSIC KU Leuven), Gunes Acar (Radboud University), Claudia Diaz (imec-COSIC KU Leuven)
• Polaris: Transparent Succinct Zero-Knowledge Arguments for R1CS with Efficient Verifier [PDF]
  Shihui Fu (University of Waterloo), Guang Gong (University of Waterloo)
• DataProVe: Fully Automated Conformance Verification Between Data Protection Policies and System Architectures [PDF] [Artifact]
  Vinh Thong Ta (Edge Hill University, Ormskirk, UK), Max Hashem Eiza (Liverpool John Moores University, Liverpool, UK)
• SoK: Cryptographic Confidentiality of Data on Mobile Devices [PDF]
  Maximilian Zinkus (Johns Hopkins University), Tushar M. Jois (Johns Hopkins University, {jois), Matthew Green (Johns Hopkins University, {jois)
• Setting the Bar Low: Are Websites Complying With the Minimum Requirements of the CCPA? [PDF] [Artifact]
  Maggie Van Nortwick (Northeastern University), Christo Wilson (Northeastern University)
• The Effectiveness of Adaptation Methods in Improving User Engagement and Privacy Protection on Social Network Sites [PDF]
  Moses Namara (Clemson University), Henry Sloan (Binghamton University), Bart P. Knijnenburg (Clemson University)

Issue 2

• Editors’ Introduction
  Florian Kerschbaum (University of Waterloo), Michelle Mazurek (University of Maryland)
• Are iPhones Really Better for Privacy? A Comparative Study of iOS and Android Apps [PDF] [Artifact]
  Konrad Kollnig (Department of Computer Science, University of Oxford), Anastasia Shuba (Independent Researcher), Reuben Binns (Department of Computer Science, University of Oxford), Max Van Kleek (Department of Computer Science, University of Oxford), Nigel Shadbolt (Department of Computer Science, University of Oxford)
• Building a Privacy-Preserving Smart Camera System [PDF] [Artifact]
  Yohan Beugin (The Pennsylvania State University), Quinn Burke (The Pennsylvania State University), Blaine Hoak (The Pennsylvania State University), Ryan Sheatsley (The Pennsylvania State University), Eric Pauley (The Pennsylvania State University), Gang Tan (The Pennsylvania State University), Syed Rafiul Hussain (The Pennsylvania State University), Patrick McDaniel (The Pennsylvania State University)
• CoverDrop: Blowing the Whistle Through A News App [PDF]
  Mansoor Ahmed-Rengers (OpenOrigins Limited and University of Cambridge), Diana A. Vasile (Department of Computer Science and Technology, University of Cambridge), Daniel Hugenroth (Department of Computer Science and Technology, University of Cambridge), Alastair R. Beresford (Department of Computer Science and Technology, University of Cambridge), Ross Anderson (Department of Computer Science and Technology, University of Cambridge)
• Employees’ privacy perceptions: exploring the dimensionality and antecedents of personal data sensitivity and willingness to disclose [PDF]
  Jan Tolsdorf (Bonn-Rhein-Sieg University of Applied Sciences), Delphine Reinhardt (University of Göttingen), Luigi Lo Iacono (Bonn-Rhein-Sieg University of Applied Sciences)
• Revisiting Identification Issues in GDPR ‘Right Of Access’ Policies: A Technical and Longitudinal Analysis [PDF]
  Mariano Di Martino (Hasselt University - tUL, Expertise Center of Digital Media (EDM)), Isaac Meers (Hasselt University - tUL, Expertise Center of Digital Media), Peter Quax (Hasselt University - tUL, Expertise Center of Digital Media, Flanders Make), Ken Andries (Hasselt University - Law Faculty, Attorney at the Brussels Bar), Wim Lamotte (Hasselt University - tUL, Expertise Center of Digital Media)
• Understanding Privacy-Related Advice on Stack Overflow [PDF]
  Mohammad Tahaei (University of Bristol), Tianshi Li (Carnegie Mellon University), Kami Vaniea (University of Edinburgh)
• SoK: Plausibly Deniable Storage [PDF]
  Chen Chen (Stony Brook University), Xiao Liang (Stony Brook University), Bogdan Carbunar (FIU), Radu Sion (Stony Brook University)
• Increasing Adoption of Tor Browser Using Informational and Planning Nudges [PDF] [Artifact]
  Peter Story (Department of Computer Science, Clark University), Daniel Smullen (School of Computer Science, Carnegie Mellon University), Rex Chen (School of Computer Science, Carnegie Mellon University), Yaxing Yao (Department of Information Systems, University of Maryland, Baltimore County), Alessandro Acquisti (Heinz College of Information Systems and Public Policy, Carnegie Mellon University), Lorrie Faith Cranor (School of Computer Science, Carnegie Mellon University), Norman Sadeh (School of Computer Science, Carnegie Mellon University), Florian Schaub (School of Information, University of Michigan)
• Differentially Private Simple Linear Regression [PDF]
  Daniel Alabi (Harvard John A. Paulson School of Engineering and Applied Sciences), Audra McMillan (Khoury College of Computer Sciences, Northeastern University and Department of Computer Science, Boston University), Jayshree Sarathy (Harvard John A. Paulson School of Engineering and Applied Sciences), Adam Smith (Department of Computer Science, Boston University), Salil Vadhan (Harvard John A. Paulson School of Engineering and Applied Sciences)
• Privacy-preserving training of tree ensembles over continuous data [PDF]
  Samuel Adams (University of Washington Tacoma), Chaitali Choudhary (University of Washington Tacoma), Martine De Cock (University of Washington Tacoma), Rafael Dowsley (Monash University), David Melanson (University of Washington Tacoma), Anderson Nascimento (University of Washington Tacoma), Davis Railsback (University of Washington Tacoma), Jianwei Shen (University of Arizona)
• User-Level Label Leakage from Gradients in Federated Learning [PDF]
  Aidmar Wainakh (Telecooperation Lab, Technical University of Darmstadt), Fabrizio Ventola (Artificial Intelligence and Machine Learning Lab, Technical University of Darmstadt), Till Müßig (Technical University of Darmstadt), Jens Keim (Technical University of Darmstadt), Carlos Garcia Cordero (Telecooperation Lab, Technical University of Darmstadt), Ephraim Zimmer (Telecooperation Lab, Technical University of Darmstadt), Tim Grube (Telecooperation Lab, Technical University of Darmstadt), Kristian Kersting (Artificial Intelligence and Machine Learning Lab, Technical University of Darmstadt), Max Mühlhäuser (Telecooperation Lab, Technical University of Darmstadt)
• Understanding Utility and Privacy of Demographic Data in Education Technology by Causal Analysis and Adversarial-Censoring [PDF]
  Rakibul Hasan (Arizona State University), Mario Fritz (CISPA Helmholtz Center for Information Security)
• Comprehensive Analysis of Privacy Leakage in Vertical Federated Learning During Prediction [PDF]
  Xue Jiang (Technical University of Munich; Huawei Technologies Düsseldorf GmbH), Xuebing Zhou (Huawei Technologies Düsseldorf GmbH), Jens Grossklags (Technical University of Munich)
• Checking Websites’ GDPR Consent Compliance for Marketing Emails [PDF]
  Karel Kubíček (ETH Zurich), Jakob Merane (ETH Zurich), Carlos Cotrini (ETH Zurich), Alexander Stremitzer (ETH Zurich), Stefan Bechtold (ETH Zurich), David Basin (ETH Zurich)
• Efficient Set Membership Proofs using MPC-in-the-Head [PDF]
  Aarushi Goel (Johns Hopkins University), Matthew Green (Johns Hopkins University), Mathias Hall-Andersen (Aarhus University), Gabriel Kaptchuk (Boston Univeristy)
• Privacy-Preserving Positioning in Wi-Fi Fine Timing Measurement [PDF]
  Domien Schepers (Northeastern University), Aanjhan Ranganathan (Northeastern University)
• RegulaTor: A Straightforward Website Fingerprinting Defense [PDF]
  James K Holland (University of Minnesota), Nicholas Hopper (University of Minnesota)
• Knowledge Cross-Distillation for Membership Privacy [PDF]
  Rishav Chourasia (National University of Singapore), Batnyam Enkhtaivan (NEC Corporation), Kunihiro Ito (NEC Corporation), Junki Mori (NEC Corporation), Isamu Teranishi (NEC Corporation), Hikaru Tsuchida (NEC Corporation)
• Updatable Private Set Intersection [PDF]
  Saikrishna Badrinarayanan (Visa Research), Peihan Miao (University of Illinois Chicago), Tiancheng Xie (University of California, Berkeley)
• d3p - A Python Package for Differentially-Private Probabilistic Programming [PDF] [Artifact]
  Lukas Prediger (Aalto University, Finland.), Niki Loppi (NVIDIA AI Technology Center, Finland), Samuel Kaski (Aalto University, Finland & University of Manchester, UK), Antti Honkela (University of Helsinki, Finland 1 Available at: https://github.com/DPBayes/d3p)
• Who Knows I Like Jelly Beans? An Investigation Into Search Privacy [PDF]
  Daniel Kats (NortonLifeLock Research Group), David Luz Silva (NortonLifeLock Research Group), Johann Roturier (NortonLifeLock Research Group)
• PUBA: Privacy-Preserving User-Data Bookkeeping and Analytics [PDF]
  Valerie Fetzer (Karlsruhe Institute of Technology, KASTEL), Marcel Keller (CSIRO’s Data61), Sven Maier (Karlsruhe Institute of Technology, KASTEL), Markus Raiber (Karlsruhe Institute of Technology, KASTEL), Andy Rupp (University of Luxembourg and KASTEL SRL), Rebecca Schwerdt (Karlsruhe Institute of Technology, KASTEL)
• How to prove any NP statement jointly? Efficient Distributed-prover Zero-Knowledge Protocols [PDF]
  Pankaj Dayama (IBM Research), Arpita Patra (Indian Institute of Science Bangalore), Protik Paul (Indian Institute of Science Bangalore), Nitin Singh (IBM Research), Dhinakaran Vinayagamurthy (IBM Research)
• FP-Radar: Longitudinal Measurement and Early Detection of Browser Fingerprinting [PDF]
  Pouneh Nikkhah Bahrami (University of California, Davis), Umar Iqbal (University of Washington), Zubair Shafiq (University of California, Davis)
• Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices [PDF] [Artifact]
  Dilawer Ahmed (North Carolina State University), Anupam Das (North Carolina State University), Fareed Zaffar (Lahore University of Management Sciences (LUMS))
• Visualizing Privacy-Utility Trade-Offs in Differentially Private Data Releases [PDF] [Artifact]
  Priyanka Nanayakkara (Northwestern University), Johes Bater (Duke University), Xi He (University of Waterloo), Jessica Hullman (Northwestern University), Jennie Rogers (Northwestern University)

Issue 3

• Editors’ Introduction
  Florian Kerschbaum (University of Waterloo), Michelle Mazurek (University of Maryland)
• A Multi-Region Investigation of the Perceptions and Use of Smart Home Devices [PDF] [Artifact]
  Patrick Bombik (Technical University of Munich), Tom Wenzel (Technical University of Munich), Jens Grossklags (Technical University of Munich), Sameer Patil (School of Computing, University of Utah)
• Charting App Developers’ Journey Through Privacy Regulation Features in Ad Networks [PDF]
  Mohammad Tahaei (University of Bristol), Kopo M. Ramokapane (University of Bristol), Tianshi Li (Carnegie Mellon University), Jason I. Hong (Carnegie Mellon University), Awais Rashid (University of Bristol)
• “All apps do this”: Comparing Privacy Concerns Towards Privacy Tools and Non-Privacy Tools for Social Media Content [PDF]
  Vanessa Bracamonte (KDDI Research, Inc.), Sebastian Pape (Goethe University Frankfurt), Sascha Loebner (Goethe University Frankfurt)
• My Cookie is a phoenix: detection, measurement, and lawfulness of cookie respawning with browser fingerprinting [PDF]
  Imane Fouad (Univ. Lille, CNRS, Inria), Cristiana Santos (Utrecht University), Arnaud Legout (Inria), Nataliia Bielova (LINC team, CNIL, France)
• Exploring the Privacy Concerns of Bystanders in Smart Homes from the Perspectives of Both Owners and Bystanders [PDF]
  Ahmed Alshehri (Colorado School of Mines), Joseph Spielman (Colorado School of Mines), Amiya Prasad (Colorado School of Mines), Chuan Yue (Colorado School of Mines)
• Adversarial Images Against Super-Resolution Convolutional Neural Networks for Free [PDF]
  Arezoo Rajabi (University of Washington), Mahdieh Abbasi (Universite Laval), Rakesh B. Bobba (Oregon State University), Kimia Tajik (Case Western Reserve University)
• Integrating Privacy into the Electric Vehicle Charging Architecture [PDF] [Artifact]
  Dustin Kern (Darmstadt University of Applied Sciences), Timm Lauser (Darmstadt University of Applied Sciences), Christoph Krauß (Darmstadt University of Applied Sciences)
• “It Feels Like Whack-a-mole”: User Experiences of Data Removal from People Search Websites [PDF]
  Kejsi Take (New York University), Kevin Gallagher (DCentral/INESC-ID, Instituto Superior Técnico, Universidade de Lisboa), Andrea Forte (Drexel University), Damon McCoy (New York University), Rachel Greenstadt (New York University)
• Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs [PDF]
  Ryan Wails (Georgetown, U.S. Naval Research Laboratory), Andrew Stange (Carnegie Mellon), Eliana Troper (Georgetown Univ.), Aylin Caliskan (University of Washington), Roger Dingledine (The Tor Project), Rob Jansen (U.S. Naval Research Laboratory), Micah Sherr (Georgetown Univ.)
• I know what you did on Venmo: Discovering privacy leaks in mobile social payments [PDF] [Artifact]
  Rajat Tandon (University of Southern California Information Sciences Institute), Pithayuth Charnsethikul (University of Southern California Information Sciences Institute), Ishank Arora (University of Texas, Austin), Dhiraj Murthy (University of Texas, Austin), Jelena Mirkovic (University of Southern California Information Sciences Institute)
• Privacy accounting εconomics: Improving differential privacy composition via a posteriori bounds [PDF] [Artifact]
  Valentin Hartmann (EPFL), Vincent Bindschaedler (University of Florida), Alexander Bentkamp (State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences & Vrije Universiteit Amsterdam), Robert West (EPFL)
• Moby: A Blackout-Resistant Anonymity Network for Mobile Devices [PDF]
  Amogh Pradeep (Northeastern University & EPFL), Hira Javaid (Northeastern University), Ryan Williams (Northeastern University), Antoine Rault (EPFL), David Choffnes (Northeastern University), Stevens Le Blond (EPFL), Bryan Ford (EPFL)
• Athena: Probabilistic Verification of Machine Unlearning [PDF] [Artifact]
  David M. Sommer (Zühlke), Liwei Song (Princeton University), Sameer Wagh (Princeton University), Prateek Mittal (Princeton University)
• Fully Secure PSI via MPC-in-the-Head [PDF]
  S. Dov Gordon (George Mason University), Carmit Hazay (Bar-Ilan University), Phi Hung Le (George Mason University)
• Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor [PDF] [Artifact]
  Vera Rimmer (imec-DistriNet, KU Leuven), Theodor Schnitzler (Ruhr-Universität Bochum), Tom Van Goethem (imec-DistriNet, KU Leuven), Abel Rodríguez Romero (imec-DistriNet, KU Leuven), Wouter Joosen (imec-DistriNet, KU Leuven), Katharina Kohls (Radboud University)
• SoK: SCT Auditing in Certificate Transparency [PDF]
  Sarah Meiklejohn (Google LLC), Joe DeBlasio (Google LLC), Devon O’Brien (Google LLC), Chris Thompson (Google LLC), Kevin Yeo (Google LLC), Emily Stark (Google LLC)
• In Search of Lost Utility: Private Location Data [PDF]
  Szilvia Lestyán (Department of Networked Systems and Services,CrySyS Lab, Budapest University of Technology and Economics), Gergely Ács, Gergely Biczók
• Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps [PDF] [Artifact]
  Yucheng Yang (University of Wisconsin-Madison), Jack West (Loyola University Chicago), George K. Thiruvathukal (Loyola University Chicago), Neil Klingensmith (Loyola University Chicago), Kassem Fawaz (University of Wisconsin-Madison)
• “We may share the number of diaper changes”: A Privacy and Security Analysis of Mobile Child Care Applications [PDF]
  Moritz Gruber (AWARE7 GmbH), Christian Höfig (AWARE7 GmbH), Maximilian Golla (Max Planck Institute for Security and Privacy), Tobias Urban (Institute for Internet Security – if(is); secunet Security Networks AG), Matteo Große-Kampmann (Ruhr University Bochum; AWARE7 GmbH; Institute for Internet Security – if(is))
• Deletion inference, reconstruction, and compliance in machine (un)learning [PDF] [Artifact]
  Ji Gao (University of Virginia), Sanjam Garg (University of California, Berkeley and NTT Research), Mohammad Mahmoody (University of Virginia), Prashant Nalini Vasudevan (National University of Singapore)
• Leave No Data Behind – Empirical Insights into Data Erasure from Online Services [PDF]
  Eduard Rupp (Technical University of Munich), Emmanuel Syrmoudis (Technical University of Munich), Jens Grossklags (Technical University of Munich)
• Mixnet optimization methods [PDF] [Artifact]
  Iness Ben Guirat (imec-COSIC KU Leuven), Claudia Diaz (imec-COSIC KU Leuven and Nym Technologies SA)
• On dark patterns and manipulation of website publishers by CMPs [PDF]
  Michael Toth (Centre Inria de l’Université Grenoble-Alpes), Nataliia Bielova (Nataliia Bielova, LINC team, CNIL, France), Vincent Roca (Centre Inria de l’Université Grenoble-Alpes)
• Leveraging strategic connection migration-powered traffic splitting for privacy [PDF] [Artifact]
  Mona Wang (Princeton University), Anunay Kulshrestha (Princeton University), Liang Wang (Princeton University), Prateek Mittal (Princeton University)
• DALock: Password Distribution-Aware Throttling [PDF]
  Jeremiah Blocki (Purdue University), Wuwei Zhang (Purdue University)
• On Defeating Graph Analysis of Anonymous Transactions [PDF] [Artifact]
  Christoph Egger (Friedrich-Alexander-Universität Erlangen-Nürnberg), Russell W. F. Lai (Friedrich-Alexander-Universität Erlangen-Nürnberg), Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg), Ivy K. Y. Woo (Independent), Hoover H. F. Yin (The Chinese University of Hong Kong)
• User-friendly yet rarely read: A case study on the redesign of an online HIPAA authorization [PDF] [Artifact]
  Sarah Pearman (Carnegie Mellon University), Ellie Young (New College of Florida), Lorrie Faith Cranor (Carnegie Mellon University)
• OrgAn: Organizational Anonymity with Low Latency [PDF] [Artifact]
  Debajyoti Das (imecCOSIC, KU Leuven, Leuven, Belgium), Easwar Vivek Mangipudi (Department of Computer Science, Purdue University, West Lafayette, USA), Aniket Kate (Department of Computer Science, Purdue University, West Lafayette, USA)
• FingerprinTV: Fingerprinting Smart TV Apps [PDF] [Artifact]
  Janus Varmarken (University of California, Irvine), Jad Al Aaraj (University of California, Irvine), Rahmadi Trimananda (University of California, Irvine), Athina Markopoulou (University of California, Irvine)
• ZoomP3: Privacy-Preserving Publishing of Online Video Conference Recordings [PDF]
  Yuanyi Sun (Penn State University), Sencun Zhu (Penn State University), Yu Chen (Binghamton University, SUNY)
• PrivacyScout: Assessing Vulnerability to Shoulder Surfing on Mobile Devices [PDF]
  Mihai Bâce (University of Stuttgart, Germany), Alia Saad (University of Duisburg-Essen, Germany), Mohamed Khamis (University of Glasgow, United Kingdom), Stefan Schneegass (University of Duisburg-Essen, Germany), Andreas Bulling (University of Stuttgart, Germany)
• SoK: Assumptions Underlying Cryptocurrency Deanonymizations [PDF]
  Dominic Deuber (Friedrich-AlexanderUniversität Erlangen-Nürnberg), Viktoria Ronge (Friedrich-AlexanderUniversität Erlangen-Nürnberg), Christian Rückert (Universität Mannheim)
• Watch Over Your TV: A Security and Privacy Analysis of the Android TV Ecosystem [PDF] [Artifact]
  Marcos Tileria (Royal Holloway, University of London), Jorge Blasco (Royal Holloway, University of London)
• SoK: TEE-Assisted Confidential Smart Contract [PDF]
  Rujia Li (Southern University of Science and Technology & University of Birmingham), Qin Wang (CSIRO Data61), Qi Wang (Southern University of Science and Technology), David Galindo (University of Birmingham), Mark Ryan (University of Birmingham)
• Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies [PDF] [Artifact]
  Anisa Halimi (IBM Research Europe - Dublin), Leonard Dervishi (Case Western Reserve University), Erman Ayday (Case Western Reserve University), Apostolos Pyrgelis (EPFL), Juan Ramón Troncoso-Pastoriza (Tune Insight), Jean-Pierre Hubaux (EPFL), Xiaoqian Jiang (University of Texas, Health Science Center), Jaideep Vaidya (Rutgers University)

Issue 4

• Editors’ Introduction
  Florian Kerschbaum (University of Waterloo), Michelle Mazurek (University of Maryland)
• Blocked or Broken? Automatically Detecting When Privacy Interventions Break Websites [PDF]
  Michael Smith (University of California, San Diego), Peter Snyder (Brave Software), Moritz Haller (Brave Software), Benjamin Livshits (Imperial College London), Deian Stefan (University of California, San Diego), Hamed Haddadi (Brave Software)
• SoK: Privacy-enhancing Smart Home Hubs [PDF]
  Igor Zavalyshyn (UCLouvain), Axel Legay (UCLouvain), Annanda Rath (Sirris), Etienne Rivière (UCLouvain)
• On the Cost of Suppressing Volume for Encrypted Multi-maps [PDF]
  Megumi Ando (MITRE), Marilyn George (Brown University)
• XORBoost: Tree Boosting in the Multiparty Computation Setting [PDF]
  Kevin Deforth (Inpher, Switzerland), Marc Desgroseilliers (Inpher, Switzerland), Nicolas Gama (Inpher, Switzerland), Mariya Georgieva (Inpher, Switzerland), Dimitar Jetchev (Inpher, Switzerland), Marius Vuille (Inpher, Switzerland)
• Neural Fuzzy Extractors: A Secure Way to Use Artificial Neural Networks for Biometric User Authentication [PDF]
  Abhishek Jana (Kansas State University), Bipin Paudel (Kansas State University), Md Kamruzzaman Sarker (Kansas State University), Monireh Ebrahimi (Kansas State University), Pascal Hitzler (Kansas State University), George T Amariucai (Kansas State University)
• Analyzing the Monetization Ecosystem of Stalkerware [PDF]
  Cassidy Gibson (University of Florida), Vanessa Frost (University of Florida), Katie Platt (University of Florida), Washington Garcia (University of Florida), Luis Vargas (University of Florida), Sara Rampazzi (University of Florida), Vincent Bindschaedler (University of Florida), Patrick Traynor (University of Florida), Kevin Butler (University of Florida)
• A Global Survey of Android Dual-Use Applications Used in Intimate Partner Surveillance [PDF] [Artifact]
  Majed Almansoori (University of Wisconsin-Madison), Andrea Gallardo (Carnegie Mellon University), Julio Poveda (University of Maryland), Adil Ahmed (University of Wisconsin-Madison), Rahul Chatterjee (University of Wisconsin-Madison)
• On the Feasibility of Linking Attack to Google/Apple Exposure Notification Framework [PDF] [Artifact]
  Kazuki Nomoto (Waseda University), Mitsuaki Akiyama (NTT), Masashi Eto (Ministry of Internal Affairs and Communications (MIC)), Atsuo Inomata (Osaka University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
• Towards Sparse Federated Analytics: Location Heatmaps under Distributed Differential Privacy with Secure Aggregation [PDF]
  Eugene Bagdasaryan (Cornell Tech), Peter Kairouz (Google), Stefan Mellem (Google), Adrià Gascón (Google), Kallista Bonawitz (Google), Deborah Estrin (Cornell Tech), Marco Gruteser (Google)
• 3LegRace: Privacy-Preserving DNN Training over TEEs and GPUs [PDF]
  Yue Niu (Electrical and Computer Engineering Department, University of Southern California), Ramy E. Ali (Electrical and Computer Engineering Department, University of Southern California, reali), Salman Avestimehr (Electrical and Computer Engineering Department, University of Southern California, reali)
• How Usable Are iOS App Privacy Labels? [PDF]
  Shikun Zhang (Carnegie Mellon University), Yuanyuan Feng (University of Vermont), Yaxing Yao (University of Maryland, Baltimore County), Lorrie Faith Cranor (Carnegie Mellon University), Norman Sadeh (Carnegie Mellon University)
• gOTzilla: Efficient Disjunctive Zero-Knowledge Proofs from MPC in the Head, with Application to Proofs of Assets in Cryptocurrencies [PDF] [Artifact]
  Foteini Baldimtsi (George Mason University), Panagiotis Chatzigiannis (George Mason University - Visa Research), S. Dov Gordon (George Mason University), Phi Hung Le (George Mason University), Daniel McVicker (George Mason University)
• Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps [PDF]
  Noura Alomar (University of California, Berkeley), Serge Egelman (University of California, Berkeley and International Computer Science Institute)
• LLAMA: A Low Latency Math Library for Secure Inference [PDF] [Artifact]
  Kanav Gupta (Microsoft Research), Deepak Kumaraswamy (Microsoft Research), Nishanth Chandran (Microsoft Research), Divya Gupta (Microsoft Research)
• ATOM: Ad-network Tomography [PDF] [Artifact]
  Maaz Bin Musa (University of Iowa), Rishab Nithyanand (University of Iowa)
• Investigating GDPR Fines in the Light of Data Flows [PDF]
  Marlene Saemann (Bosch), Daniel Theis (Institute for Internet Security), Tobias Urban (Institute for Internet Security & secunet Security Networks AG), Martin Degeling (Ruhr University Bochum)
• Machine Learning with Differentially Private Labels: Mechanisms and Frameworks [PDF] [Artifact]
  Xinyu Tang (Princeton University), Milad Nasr (University of Massachusetts Amherst), Saeed Mahloujifar (Princeton University), Virat Shejwalkar (University of Massachusetts Amherst), Liwei Song (Princeton University), Amir Houmansadr (University of Massachusetts Amherst), Prateek Mittal (Princeton University)
• Pika: Secure Computation using Function Secret Sharing over Rings [PDF]
  Sameer Wagh (Devron Corporation and UC Berkeley)
• Flexible and scalable privacy assessment for very large datasets, with an application to official governmental microdata [PDF] [Artifact]
  Mário S. Alvim (UFMG, Brazil), Natasha Fernandes (Macquarie University, Australia), Annabelle McIver (Macquarie University, Australia), Carroll Morgan (UNSW and Trustworthy Systems, Australia), Gabriel H. Nunes (UFMG, Brazil)
• “You offer privacy like you offer tea”: Investigating Mechanisms for Improving Guest Privacy in IoT-Equipped Households [PDF]
  Karola Marky (Leibniz University Hannover and University of Glasgow), Nina Gerber (Technical University of Darmstadt), Michelle Gabriela Pelzer (Technical University of Darmstadt), Mohamed Khamis (University of Glasgow), Max Mühlhäuser (Technical University of Darmstadt)
• Effects of Privacy Permissions on User Choices in Voice Assistant App Stores [PDF]
  Gary Liu (University of California, Berkeley), Nathan Malkin (University of California, Berkeley)
• Collection, usage and privacy of mobility data in the enterprise and public administrations [PDF]
  Alexandra Kapp (Hochschule für Technik und Wirtschaft Berlin (HTW), University of Applied Sciences)
• Ctrl-Shift: How Privacy Sentiment Changed from 2019 to 2021 [PDF]
  Angelica Goetzen (Max Planck Institute for Software Systems), Samuel Dooley (University of Maryland & Max Planck Institute for Software Systems), Elissa M. Redmiles (Max Planck Institute for Software Systems)
• Keeping Privacy Labels Honest [PDF] [Artifact]
  Simon Koch (Technische Universität Braunschweig, Institute for Application Security), Malte Wessels (Technische Universität Braunschweig, Institute for Application Security), Benjamin Altpeter (Datenanfragen.de e. V.), Madita Olvermann (Technische Universität Braunschweig, Industrial/Organizational and Social Psychology), Martin Johns (Technische Universität Braunschweig, Institute for Application Security)
• Zswap: zk-SNARK Based Non-Interactive Multi-Asset Swaps [PDF] [Artifact]
  Felix Engelmann (IT University of Copenhagen), Thomas Kerber (University of Edinburgh, IOHK, thomas.), Markulf Kohlweiss (University of Edinburgh, IOHK), Mikhail Volkhov (University of Edinburgh)
• Formalizing and Estimating Distribution Inference Risks [PDF] [Artifact]
  Anshuman Suri (University of Virginia), David Evans (University of Virginia)
• Connect the Dots: Tighter Discrete Approximations of Privacy Loss Distributions [PDF]
  Vadym Doroshenko (Google), Badih Ghazi (Google Research), Pritish Kamath (Google Research), Ravi Kumar (Google Research), Pasin Manurangsi (Google Research)
• Hidden Issuer Anonymous Credential [PDF] [Artifact]
  Daniel Bosk (KTH), Davide Frey (Univ Rennes, CNRS, Inria, IRISA), Mathieu Gestin (Univ Rennes, CNRS, Inria, IRISA), Guillaume Piolle (CentraleSupélec, Inria, Univ Rennes, CNRS, IRISA)
• A novel reconstruction attack on foreign-trade official statistics, with a Brazilian case study [PDF]
  Danilo Fabrino Favato (Universidade Federal de Minas Gerais, Brazil), Gabriel Coutinho (Universidade Federal de Minas Gerais, Brazil), Mário S. Alvim (Universidade Federal de Minas Gerais, Brazil), Natasha Fernandes (Macquarie University, Australia)
• Private Aggregation of Trajectories [PDF]
  Badih Ghazi (Google Research), Neel Kamal (Google), Ravi Kumar (Google Research), Pasin Manurangsi (Google Research), Annika Zhang (Google)
• On the Challenges of Developing a Concise Questionnaire to Identify Privacy Personas [PDF] [Artifact]
  Tom Biselli (Science and Technology for Peace and Security (PEASEC) Technical University of Darmstadt), Enno Steinbrink (Science and Technology for Peace and Security (PEASEC) Technical University of Darmstadt), Franziska Herbert (Science and Technology for Peace and Security (PEASEC) Technical University of Darmstadt), Gina M. Schmidbauer-Wolf (Science and Technology for Peace and Security (PEASEC) Technical University of Darmstadt), Christian Reuter (Science and Technology for Peace and Security (PEASEC) Technical University of Darmstadt)
• Homomorphically counting elements with the same property [PDF]
  Ilia Iliashenko (Ciphermode Labs), Malika Izabachène (Cosmian), Axel Mertens (imec-COSIC - KU Leuven), Hilder V. L. Pereira (imec-COSIC - KU Leuven)
• Time- and Space-Efficient Aggregate Range Queries over Encrypted Databases [PDF]
  Zachary Espiritu (Brown University), Evangelia Anna Markatou (Brown University), Roberto Tamassia (Brown University)
• How Not to Handle Keys: Timing Attacks on FIDO Authenticator Privacy [PDF]
  Michal Kepkowski (Macquarie University), Lucjan Hanzlik (CISPA Helmholtz Center for Information Security), Ian Wood (Macquarie University), Mohamed Ali Kaafar (Macquarie University)
• Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing [PDF] [Artifact]
  Christopher Ellis (The Ohio State University), Haohuang Wen (The Ohio State University), Zhiqiang Lin (The Ohio State University), Anish Arora (The Ohio State University)
• Adam in Private: Secure and Fast Training of Deep Neural Networks with Adaptive Moment Estimation [PDF]
  Nuttapong Attrapadung (AIST), Koki Hamada (NTT), Dai Ikarashi (NTT), Ryo Kikuchi (NTT), Takahiro Matsuda (AIST), Ibuki Mishina (NTT), Hiraku Morita (University of St. Gallen), Jacob C. N. Schuldt (AIST)
• Privately Connecting Mobility to Infectious Diseases via Applied Cryptography [PDF] [Artifact]
  Alexandros Bampoulidis (Research Studio Data Science, RSA FG, Vienna, Austria), Alessandro Bruni (Katholieke Universiteit Leuven, Belgium), Lukas Helminger (Graz University of Technology / KnowCenter GmbH, Austria), Daniel Kales (Graz University of Technology, Austria), Christian Rechberger (Graz University of Technology, Austria), Roman Walch (Graz University of Technology / Know-Center GmbH, Austria)