01/12/17: PrivacyCon: Call for Presentations [deadline: Oct 3] | Federal Trade Commission

The FTC is seeking research presentations on consumer privacy and security issues. We are seeking empirical research, rather than opinion pieces on law and policy, and are particularly interested in the following areas: Quantifying Consumers’ Privacy & Security Interests. For example: Valuations of privacy: What do consumers care most about – for example, are consumers most concerned about disclosure of data to third parties, or about particular uses of data? Under what circumstances do consumers who have complete information about how their information would be collected and shared choose to exchange their data (e.g., for content, entertainment, or service)? Which kinds of data-sharing and analyses provide the biggest benefits to the public (e.g., insights into public health, crime, resource-allocation and targeted interventions), and how should those benefits be weighed against privacy risks to individual consumers? Privacy risk from exposure of information Apportioning harm or risk to particular breaches or practices Modeling harm, based upon the existence of exploitable vulnerabilities (e.g., risk-modeling) Attack Trends and Responses. For example: Ransomware Medical identity theft Card-not-present fraud Internet of Things vulnerabilities (e.g., insecure APIs or insecure transmissions – in smart homes, health and fitness wearables, voice-controlled technologies, connected cars, and commercial drones) Security-by-design techniques Privacy-protective technologies and behaviors Transparency and Control. For example: To what extent are consumers using opt-out mechanisms and privacy-controls, and how effective are they?   Multiparty relationships: Are first parties adequately informing consumers about third parties and their practices? Are third parties providing first parties sufficient information in order to be transparent with their customers? What are the most effective ways to provide information to consumers about the collection, use, disclosure, and control of their information? How should we measure the effectiveness of transparency and control mechanisms? How are companies tailoring practices to consumers’ privacy preferences, and what are their incentives to do so? How can companies account for variance in consumers’ privacy preferences? Tools that, for example: Allow users to exercise control over their personal information across contexts Detect deception (e.g., by determining whether apps’ data collection and sharing practices comport with the apps’ permissions) Detect discrimination in algorithms (especially in prices or with respect to employment, credit, tenancy, or education) Analyze apps’ code (e.g., to attribute app behavior to third-party libraries) Identify targeted advertising Identify cross-device tracking Quantify security and privacy risks Evaluate the content and meaning of statements in privacy policies Analyze packets of data at scale