Most of the talks are video recorded, and are viewable on this site or on our YouTube channel.
Lorrie Faith Cranor, Carnegie Mellon University
May 27, 2021 1:30pm, in Zoom
Users who wish to exercise privacy rights or make privacy choices must often rely on website or app user interfaces. However, too often, these user interfaces suffer from usability deficiencies ranging from being difficult to find, hard to understand, or time-consuming to use, to being deceptive and dangerously misleading. An emphasis on meeting legal and regulatory obligations is not sufficient to create privacy interfaces that are usable and useful for users. This talk will provide insights into the reasons why it can be difficult to design privacy interfaces that are usable and useful and suggest user-centric approaches to designing privacy interfaces that better meet user needs and reduce the overwhelming number of privacy choices. I’ll discuss some of our research along these lines at Carnegie Mellon University including our work on designing and evaluating privacy icons and link texts for the California Consumer Privacy Act and our design and evaluation of privacy "nutrition" labels for websites, mobile apps, and IoT devices.
Lorrie Faith Cranor is the Director and Bosch Distinguished Professor of the CyLab Security and Privacy Institute and FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She is also co-director of the Collaboratory Against Hate: Research and Action Center at Carnegie Mellon and the University of Pittsburgh. In addition, she directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission. She co-founded Wombat Security Technologies, a security awareness training company that was acquired by Proofpoint. She is a fellow of the ACM, IEEE, and AAAS; a member of the ACM CHI Academy; and a recipient of the IAPP Privacy Leadership Award. Her pandemic pet is a bass flute.
- 19 Jan 2012: Sonia Chiasson, Carleton University
- "The convergence of human factors and computer security"
- 12 Dec 2011: Nadia Heninger, UC San Diego
- "Approximate common divisors via lattices"
- 14 Nov 2011: Eugene Vasserman, Kansas State University
- "Censorship Resistant Overlay Publishing"
- 21 Nov 2011: Vinod Vaikuntanathan, University of Toronto
- "Computing Blindfolded: New Developments in Fully Homomorphic Encryption"
- 24 October 2011: Kevin Bauer, University of Waterloo
- "Improving Security and Performance in Low-Latency Anonymity Networks"
- 7 September 2011: Tamir Tassa, The Open University of Israel
- "Generalized Oblivious Transfer by Secret Sharing"
- 8 August 2011: Ahmad-Reza Sadeghi, Technical University Darmstadt
- "Cloudy and Phony: On the Convergence of Cloud and Smartphone Security"
- 26 July 2011: Jean-Pierre Hubaux, EPFL
- "Two Short Talks about the Security of Web Applications"
- 28 May 2011: Ryan Henry, University of Waterloo
- "Formalizing and Extending Anonymous Blacklisting Systems"
2010-2011 (MITACS Speaker Series on Privacy)
- 1 April 2011: Matthew Wright, University of Texas at Arlington
- "Removing Detectable Statistics from Covert Channels"
- 11 March 2011: Prateek Mittal, University of Illinois, Urbana-Champaign
- "Throughput Fingerprinting-based Traffic Analysis of Low Latency Anonymous Communication"
- 8 Mar 2011: Mohammad Hossein Manshaei, EPFL
- "Game Theory Meets Network Security and Privacy"
- 15 Dec 2010: Femi Olumofin, University of Waterloo
- "Preserving Access Privacy Over Large Databases"
- 10 Dec 2010: Aleksander Essex, University of Waterloo
- "Eperio: Mitigating Technical Complexity in Cryptographic Election Verificaiton"
- 9 Dec 2010: Ryan Henry, University of Waterloo
- "Nymbler: Privacy-enhanced Protection from Abuses of Anonymity"
- 3 Dec 2010: Jeremy Clark, University of Waterloo
- "Selections: An Internet Voting System with Over-the-shoulder Coercion Resistance"
- 1 Dec 2010: Femi Olumofin, University of Waterloo
- "Revisiting the Computational Practicality of Private Information Retrieval"
- 26 Nov 2010: Aleksander Essex, University of Waterloo
- "Hacking Democracy: An Election Fraudster's Tricks of the Trade"
- 12 Nov 2010: Stacey Jeffery, University of Waterloo
- "Dealing with Ghosts: Trading Robustness for Correctness and Privacy in Certain Multiparty Functions, Beyond an Honest Majority"
- 22 October 2010: Kevin Bauer, University of Colorado
- "Toward Improving Tor's Security and Performance"
- 24 September 2010: Alessandro Acquisti, Carnegie Mellon University
- "Privacy, Behavioral Economics, and the Control Paradox"
- 9 Sep 2010: Christian Henrich, Karlsruhe Institute of Technology
- "Bingo Voting — Verifiable Voting Scheme Based on a Trusted Random Number Generator"
- 26 July 2010: Maura Paterson, Birkbeck, University of London
- "Distinct-difference configurations: multihop paths and key predistribution in sensor networks"
- 14 July 2010: Atefeh Mashatan, EPFL
- "A Message Recognition Protocol Based on Standard Assumptions"
- 12 July 2010: Tara Whalen, Office of the Privacy Commissioner of Canada
- "Technology and Privacy: A Short Tour through an Emerging Landscape"
A video of the talk is available.
- 8 July 2010: Greg Zaverucha, University of Waterloo
- "Constant-Size Commitments to Polynomials and Their Applications"
- 5 July 2010: Qi Xie, University of Waterloo
- "Privacy-Preserving Interest Matching for Mobile Social Networking"
- 25 June 2010: Michael Reiter, University of North Carolina
- "Defending Against Client Compromises in Client-Server Applications"
- 21 Jun 2010: Can Tang, University of Waterloo
- "An Improved Algorithm for Tor Circuit Scheduling"
- 27 May 2010: Aniket Kate, University of Waterloo
- "Distributed Private-Key Generators for Identity-Based Cryptography"
- 11 May 2010: Roger Dingledine, The Tor Project
- "Tor and censorship: lessons learned"
- 7 May 2010: Rachel Greenstadt, Drexel University
- "Privacy & Stylometry: Exploring the Limitations and Potential of Automated Authorship Recognition"
2009-2010 (MITACS Speaker Series on Privacy)
- 19 March 2010: Rosario Gennaro, IBM Research
- "Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers"
- 9 March 2010: Tadayoshi Kohno, University of Washington
- "Increasing Privacy with Self-destructing Data"
- 5 March 2010: Wanying Luo, University of Waterloo
- "Designing a Privacy-Aware Location Proof Architecture"
- 5 February 2010: Jeremy Clark, University of Waterloo
- "The First Governmental Election with a Voter Verifiable Tally: Experiences using Scantegrity II at Takoma Park"
- 15 January 2010: Nick Hopper, University of Minnesota
- "Scalable Anonymous Overlay Networks"
- 14 January 2010: Aniket Kate, University of Waterloo
- "Using Sphinx to Improve Onion Routing Circuit Construction"
- 3 December 2009: Sherman Chow, New York University
- "Improving Privacy and Security in Multi-Authority Attribute-Based Encryption"
- 1 December 2009: Periklis Papakonstantinou, University of Toronto
- "On the Impossibility of Basing Identity Based Encryption on Trapdoor Permutations"
- 29 October 2009: Berkant Ustaoğlu, NTT Information Sharing Platform Laboratories
- "Multi-party Off-the-Record Messaging"
- 15 October 2009: Greg Zaveruca, University of Waterloo
- "The Identity Mixer Anonymous Credential System"
- 1 October 2009: Jason Hinek, University of Calgary
- "Towards Attribute-Based Encryption Without Key Delegation"
- 22 July 2009: Ian Goldberg, University of Waterloo
- "Sphinx: A Compact and Provably Secure Mix Format"
- 15 June 2009: Aniket Kate, University of Waterloo
- "Distributed Key Generation for the Internet"
- 27 May 2009: Aniket Kate, University of Waterloo
- "Anonymous Key Agreement in an Identity-Based Infrastructure"
- 8 May 2009: Prof. Nikita Borisov, University of Illinois, Urbana-Champaign
- "Peer-to-peer Anonymous Communication: Approaches and Pitfalls"
2008-2009 (MITACS Speaker Series on Privacy)
- 30 March 2009: Chris Alexander, University of Waterloo
- "Plinko: Polling with a Physical Implementation of a Noisy Channel"
- 23 February 2009: Jennifer Granick, Electronic Frontier Foundation
- "Cutting Edge Cases in Digital Privacy and Crime"
- 18 February 2009: Greg Zaverucha, University of Waterloo
- "Private Intersection of Certified Sets"
- 11 November 2008: Atefeh Mashatan, University of Waterloo
- "Message recognition protocols for ad hoc networks"
- 29 September 2008: Ontario Information and Privacy Commissioner Ann Cavoukian
- "Change the Paradigm: Embed Privacy into Technology and Ride the Next Wave"
A video of the talk is available.
- 18 September 2008: Joel Reardon, University of Waterloo
- "Improving Tor using a TCP-over-DTLS tunnel"
- 19 August, 2008: Kevin Henry, University of Waterloo
- "The theory and applications of homomorphic cryptography"
- 16 July 2008: Ge Zhong, University of Waterloo
- "Distributed approaches for location privacy"
- 9 July 2008: Ryan Stedman, University of Waterloo
- "A user study of Off-the-Record Messaging"
- 2 July 2008: Maura Paterson, Royal Holloway, University of London
- "Aspects of key management in wireless sensor networks"
- 9 June 2008: Chengxi Zhang, University of Waterloo
- "On achieving security and privacy preservation for vehicular communications"
- 8 April 2008: Stefan Saroiu, University of Toronto
- "Towards eradicating phishing attacks"