• Please find the biographies of invited speakers below the program!
  • Workshop summaries and extended abstracts/pre-proceedings are linked from the program below – please follow the links in blue color!
  • PhD student presentations are expected to use 45 minutes including time for setup. Please present your  student paper for 25-30 minutes, and leave at least 15  minutes for discussion!
  • Registration, all sessions and coffee breaks are placed in building 21. Please come to the 3rd floor for registration!
  • Lunch will be served at the “Solsta Inn” cafeteria in building 1, room 1B243 (next to the library building).libray – there you’ll see the cafeteria!

Sunday, 21st August 2016:

19:00 Welcome reception  – Drott Bar (Hotel Drott, Järnvägsgatan 1, near Karlstad central station)

Monday, 22nd August 2016:

8:15 Registration, Coffee

9:00 Opening Session

9:15 – 10:15 Keynote Session: Roger Clarke (Xamax Consultancy Pty Ltd/Australia): Big Data Privacy Risks and Their Assessment and Management (Room: 21A 342)
Chair: Sarah Spiekermann

10:15 – 10:45 Coffee 

10:45- 12:45 Parallel Sessions (shown in columns)

Privacy Forum (Forum Privatheit) Workshop: Smart Cars Cruising on the Road Paved with Good Intentions?  (Room: 21A 342) Workshop: Responsible Research and Innovation (RRI) (Room: 21A 347)
Workshop on Big Data Applications and Individual Rights under the New European General Data Protection Regulation   Felix Bieker, Barbara Büttner,  Murat Karaboga, Hervais Simo Fhom. Emad Yaghmaei (University of Southern Denmark), Bernd Stahl (De Montfort University), et al.

12:45 – 13:45 Lunch

13:45-14:45 Invited Talk: Charles Raab (Edinburgh University/UK): Privacy, Security and Safety: Intelligence and National Security, (Room: 21A 342)
Chair: Michael Friedewald

14:45- 15:15  Coffee

15:15-16:45  Parallel Sessions (shown in columns)

Session 1: Usable Privacy Notices and Transparency, (Room: 21A 342)
Chair: Michael Friedewald
Session 2: Mobile and App Privacy (Part 1) (Room: 21A 347)
Chair: Hans Hedbom
Jana Korunovska, Bernadette Kamleitner and Sarah Spiekermann: Psychological Ownership of Personal Data on Online Social Networks: The Effect of Privacy Notices Florian Otterbein, Tim Ohlendorf and Marian Margraf: Mobile Authentication with German eID
Farzaneh Karegar, Daniel Lindegren, Tobias Pulls and Simone Fischer-Hübner: Visualizing Exports of Personal Data by Exercising the Right of Data Portability in the Data Track – Are People Ready for This?  Andrijana Nikchevska: Clarifying the blurring line between medical, wellbeing and lifestyle apps – Does my app collect health data?

16:45-17:15  Amelia Andersdotter & Anders Jensen-Urstad ( Privacy and the Web –Are you doing what it takes? (Room: 21A 342)
Session Chair: Simone Fischer-Hübner

17:15-17:40 Wrap-up Day 1 (Room: 21A 342)


Tuesday, 23rd August 2016:

9:00-10:00 Bernd Stahl (De Montfort University/ UK): Privacy in the European Brain project  (Room: 21A 342)

10:00-10:30 Coffee

10:30-12:45 Parallel Sessions (shown in columns)

Session 3: Mobile and App Privacy (Part 2), (Room: 21A 342)
Chair: Sarah Spiekermann
Workshop: CREDENTIAL Project – Cloud-Based Sharing of eHealth Data, (Room: 21A 347)
Nurul Momen and Marta Piekarska: Towards Improving Privacy Awareness Regarding Apps’ Permissions on Linux Based Mobile OS by Stephan Krenn, Anna E. Schmaus-Klughammer, Felix Hörandner, Simone Fischer-Hübner et al.
Joseph W. Beckman and Filipo Sharevski: Understanding the Privacy Risk of Campus-wide Wireless Geolocation Information
Matt Voigts:  Inferences are many: protecting privacy
beyond definition and disclosure

12:45-13:45 Lunch

13:45-14:45: Invited Talk: Jan Camenisch (IBM Research Zurich/ Switzerland): Cryptography to the aid! (Room: 21A 342)
Chair: Thomas Gross

14:45- 15:15 Coffee

15:15-16:45 Parallel Sessions (shown in columns)

Workshop: Evidence-Based Methods for Privacy and Identity Management, (Room: 21A 347) Technical Tutorial: The state of academic research in Tor, (Room: 21A 342)
Kovila  Coopamootoo and Thomas Gross (Newcastle University)

Please find the workshop slides and reading materials here!

Linus Nordberg (SUNET/NORDUnet & Tor Project)

16:45-17:05 Wrap-up Day 2 (Room: 21A 342)

18:30 Social event: Boat Tour – Karlstad seen from the waterfront. Meet up before 18:30 at Café Slussvakten, Västra Kanalgatan 2.


Wednesday, 24th August 2016:

9:00-10:00 Invited Talk: Jolanda Girzl (Consumer Agency – Konsument Europa/ Sweden):  Consumer Privacy and Trust, (Room: 21A 342)
Chair: Lothar Fritsch

10:00-10:30 Coffee

10:30-11:30 Invited Talk: Vicenc Torra (Skövde University/ Sweden): Big Data Privacy & Anonymisation, (Room: 21A 342)
Chair: Anja Lehmann

11:30- 14:45 Parallel Sessions (shown in columns – session chair will call for lunch at 13:00)

Session 4: Anonymity and Personalisation, (Room: 21A 342)
Chair: Anja Lehmann
Session 5: Profiling and Privacy, (Room: 21A 345)
Chair: Leonardo Martucci
Workshop: Productisation of Secure eWorking Environments, (Room: 21A 347)
Carlos Rodrigo Gómez Rodríguez and Elena Gabriela Barrantes S.: Using Differential Privacy for the Internet of Things Benjamin Heurich: The value of personal data – trust and reputation within a chaotic network. This is a PET Rescue Mission. Can we get PETs out of the Laboratory?
Led by Roger Clarke.Please refer to Roger’s lecture “Can We  Productise Secure eWorking Environments?”, and to the workshop primer.
Anna Maja Wallin: Is anonymity dead? Anders Persson: Implicit Bias when using Data Profiling within Recruitments and Human-Resource Management.
Roghaiyeh (Ramisa) Gachpaz Hamed, Kaniz Fatema, Owen Conlan, and  Declan O’Sullivan:  Dynamically Semantic Reasoning for Privacy-Preserving Personalisation . Claus-Georg Nolte, Christian Brenig and Günter Müller: Coherences on Privacy in Social Network Services: A Qualitative System Dynamics Analysis

14:45-15:15 Coffee

15:15-16:15 Invited Talk: Steven Murdoch (University College London & VASCO & Tor Project/ UK): Anonymity & Censorship-free Communication, (Room: 21A 342)
Chair: Stephan Krenn

16:15 – 16:30 Wrap us Day 3 (Room: 21A 342)

18:00-19:00 Mariebergsskogen – Guided Tour “Karlstad city park over the last 100 years”, Meet up before 18:00 at the park’s entrance gate at Treffenbergsvägen, 652 29 Karlstad.

19:00 Dinner at Mariebergsskogen at Restaurant Terrassen
& Panel on “Ethical responsibility of the IS discipline when working on privacy and personal data markets” with Sarah Spiekermann, Roger Clarke and Charles Raab.

Thursday, 25th August 2016:

9:00-10:00: Invited Talk: Angela Sasse (University College London/UK): Privacy of Personal Health Data, (Room: 21A 244)
Chair: Leonardo Matucci 

10:00-10:30 Coffee

10:30-12:45 Parallel Sessions (shown in columns)

Session 6: General Data Protection Regulation, (Room: 21A 345)
Chair: Charles Raab
Session 7: Cloud Privacy & Security, (Room: 21A 347)
Chair: Stephan Krenn
Felix Bieker: Enforcing Data Protection Law – the Role of the Supervisory Authorities in Theory and Practice Shyam S. Wagle: Cloud Computing Contracts – Regulatory Issues and Cloud Provider’s Offer: An Analysis
Sushant Agarwal: Towards dealing with GDPR uncertainty Karl Koch and Roland Urbano: Improved Privacy for Two Cloud Scenarios Using Advanced Signature Schemes
John Pearson: Does the GDPR Threaten Research in Europe? Roxana Marcela Farcasescu: Trust Models for Vehicular Cloud Computing

12:45-13:45 Lunch

13:45-14:45 Invited Talk: Rainer Knyrim (Preslmayr Rechtsanwälte OG/ Austria): General Data Protection Regulation – Next steps?  (Room: 21A 244)
Chair: Simone Fischer-Hübner

14:45-15:15 Coffee

15:15-17:30 Parallel Sessions (shown in columns)

Session 8: Policies and Privacy Notices, (Room: 21A 347)
Chair: Roger Clarke
Session 9: Cyber Security, Identity Management & Privacy, (Room: 21A 345)
Chair: Lothar Fritsch
Privacy & Us Workshop on Usability, (Room: 21A 342)
Phyllis Nwadike, Thomas Gross and Kovila Coopamootoo: The impact of Users’ affect states on Privacy Concern Jul Fredrik Kaltenborn: Rule of law – focusing on how the police use computer programs to detect and investigate economic crime by Michael Bechinie (USECON) and Angela Sasse(UCL)
Claudia Quelle: Not just user control in the General Data Protection
Regulation: On controller responsibility and how to
evaluate its suitability to achieve fundamental rights
Sean Simpson and Thomas Gross: A Survey of Security Analysis in Federated Identity Management
Margareth Kang: Beyond Regulation: Alternative Ways to Guarantee
of Privacy and Data Protection.
Meredydd Williams and Jason Nurse, A Taxonomy of Privacy Saliency Research

17:30-17:50: Wrap-up: Day 4, (Room: 21A 244)

Friday, 26th August 2016

9:00-10:00 Invited Talk: Marit Hansen (Data Protection Commissioner of Schleswig Holstein – ULD/ Germany): Data Protection by Design and Default à la European General Data Protection Regulation, (Room: 21A 244)
Chair: Melanie Volkamer

10:00-10:30 Coffee

10:30-12:00 Parallel Sessions (shown in columns)

Rump Session, (Room: 21A 347)
Chair:  Lothar Fritsch
Zinaida Benenson: Open Data Set of Browser Fingerprints – overview and results from a long-term study with more than 1000 participants. Click here to volunteer for survey or to see its results!Elena Barrantes: Why don’t we have a ‘maybe’ button for partial and temporary consent?Claus-Georg Nolte: Competition and privacy.Lothar Fritsch: Would society benefit from government-pushed mandatory TOR use in sensitive areas of society? Is there a moral obligation to provide nodes to society?

Thomas Gross and Lothar Fritsch: Nudging, gamification, neuroscience and informational self-determination – can good intentions restrict individual freedom?

Felix Hörander: Towards a User-friendly Key Management and Recovery Approach using Multi-Hop Proxy Re-Encryption with its Application in a Cloud Data-Sharing Platform

Privacy&Us Workshop on Privacy Law,  (Room: 21A 342)by Harald Zwingelberg (ULD), Michael Birnhack (Tel Aviv University), and Rainer Knyrim (Preslmayr Rechtsanwälte OG).

12:00-12:45 Panel: The Future of Privacy and Identity Management (moderated by Harald Zwingelberg), (Room: 21A 342)

12:45 Closing Session, Best Student Paper Award, (Room: 21A 342)

13:00 Lunch



Information on invited/keynote speakers:

Amelia Andersdotter ( has represented the Swedish Pirate Party in the European Parliament between December 2011 and July 2014. She is a highly sought after international speaker and expert on topics pertaining to the internet, intellectual property and IT-policy. Amelia is on the multistakeholder advisory group for the Internet Governance Forum at the UN since 2014.

Jan Camenisch (IBM Research – Zürich, Switzerland). Dr. Jan Camenisch is a Principal Research Staff Member at IBM Research – Zurich and leads the Privacy & Cryptography research team. He’s a member of the IBM Academy of Technology and an IEEE Fellow. He is a leading scientist in the area of privacy and cryptography, has published over 100 widely cited papers, and has received a number of awards for his work, including the 2010 ACM SIGSAC outstanding innovation award and the 2013 IEEE computer society technical achievement award. Jan is also a co-inventor of Identity Mixer, a unique cryptographic protocol suite for privacy-preserving authentication and transfer of certified attributes.

Roger Clarke (Xamax Consultancy Pty Ltd., Australia). Roger Clarke is a consultant and academic with a particular focus on strategic and policy aspects of eBusiness, information infrastructure, and dataveillance and privacy.  Dr Roger Clarke is the Principle AL Xamax Consultancy Pty Ltd and a Visiting Professor at UNSW and ANU. Roger Clarke is a consultant and
academic with a particular focus on  strategic and policy aspects of eBusiness, information infrastructure, and dataveillance and privacy.  His degrees are from the University of New South Wales (UNSW) and the Australian National University (ANU) and he is a Fellow of both the ACS and AIS. He spent a decade as a senior academic at ANU before returning to  full-time consultancy 20 years ago. Roger was a member of the Committee that established the ACIS conference series in 1990. He has held Visiting Professorships in Bern, Linz, and Hong Kong. He also continues as a visiting Professor in Cyberspace Law and Policy at UNSW and in Computer Science at ANU. His website provides access to most of his 150 refereed publications and
to many other papers. The site has accumulated 50 million hits since it was launched at the beginning of 1995.Roger Clarke has long been active in consumer and privacy advocacy. He is Company Secretary at the Internet  Society of Australia, and recently completed an 8-year term as Chair of the  Australian Privacy Foundation.

Jolanda Girzl (Konsument Europa, Director, ECC Sweden Swedish Consumer Agency). Jolanda has over 15 years of experience in Consumer Affairs. Since December 2007, she is the Director of European Consumer Centre in Sweden. The centre offers free information and counseling to all consumers within the EU, Norway and Iceland. The ECC-offices cooperates closely, share cases and mediates between consumers and traders on cross-border problems. Prior to her current position, she has worked several years as a local consumer advisor and she built up the local consumer advice centre in the Municipality of Karlstad, who is very successful and now serves five municipalities and have a good national reputation. She has studied Law at Uppsala University. Jolanda is very interested in promoting safe and responsible use of the Internet and mobile devices. She was awarded for her commitment and involvement in the Surf Calm campaign in Sweden for promoting safety and security on the web. Jolanda is a board member of HumanIT at Karlstad University, a multidisciplinary research centre, exploring the impact of information technology on society, in close cooperation with the industry. The research is focused around two main research clusters, ICT for Development and Surveillance and Integrity in Information Society.

Marit Hansen (Privacy Commissioner of Schleswig-Holstein, ULD, Germany). Marit Hansen Marit Hansen is Privacy & Information Commissioner of Land Schleswig-Holstein, Germany, and Chief of Unabhaengiges Landeszentrum fuer Datenschutz (ULD). Within ULD she is in charge of the ‘Privacy Enhancing Technologies (PET)’ Division and the ‘Innovation Centre Privacy & Security’. Since her diploma in computer science in 1995 she has been working on security and privacy aspects especially concerning anonymity, pseudonymity, identity management, biometrics, multilateral security, and e-privacy from both the technical and the legal perspectives. In several projects Marit Hansen and her team actively participate in technology design in order to support PET and give feedback on legislation.

Rainer Knyrim (Preslmayr Rechtsanwälte AG, Austria). Dr. Knyrim specialises in data protection. He is certified national expert for the European Privacy Seal EuroPrise, member of the Data Protection Task Force of the ICC in Paris, in the advisory board of the Austrian IT-Law Summit and an IT-Law and privacy review in Austria. He is author of a handbook on privacy and co-publisher of the largest data protection commentary in Austria. Rainer Knyrim has been representing the Austrian Energy Association (Österreichs Energie) in the Expert Group 2 (Data Protection) of the Smart Metering Task Force of the European Commission in Brussels and is advising several energy companies (electricity, gas and network) in smart metering pilot projects in Austria. He has been speaking on smart metering conferences in Vienna, Brussels, Munich and Amsterdam.

Steven Murdoch (University College London, UK – TBC). Dr Steven J. Murdoch is a Royal Society University Research Fellow in the Information Security Research Group of University College London, working on developing metrics for security and privacy. His research interests include authentication/passwords, banking security, anonymous communications, censorship resistance and covert channels. Following his PhD studies on anonymous communications, he worked with the OpenNet Initiative, investigating Internet censorship. He then worked for the Tor Project, on improving the security and usability of the Tor anonymity system. Currently he is supported by the Royal Society on developing methods to understand complex system security. He is also working on analyzing the security of banking systems especially Chip & PIN/EMV, and is Innovation Security Architect of Cronto, an online authentication technology provider and part of the VASCO group.

Charles Raab (University of Edinburgh, UK). Charles Raab is Professiorial Fellow, having held the Chair of Government from 1999 to 2007 and from 2012 to 2015. He has served as a member of the academic staff since 1964, and has held visiting positions in the Oxford Internet Institute, the Tilburg Institute for Law, Technology, and Society (Tilburg University, The Netherlands), Queen’s University, Kingston, Ontario, and the Victoria University of Wellington (NZ). He was a Fellow at the Hanse-Wissenschaftskolleg (Institute for Advanced Study) in Delmenhorst, Germany. With colleagues at the University of Stirling and the Open University, he is a Director of CRISP (Centre for Research into Information, Surveillance and Privacy, and is a founder of the Scottish Privacy Forum. He is a Fellow of the Academy of Social Sciences (FAcSS) and a Fellow of the Royal Society of Arts (FRSA). His main general research interests are in public policy, governance and regulation, and more specifically in information policy (privacy protection and public access to information; surveillance and security; identity and anonymity; information technology and systems in democratic politics, government and commerce; and ethical and human rights implications of information processes).

Angela Sasse (University College London, UK). Angela Sasse is Professor of Human-Centred Security, Head of Information Security Research and Director of the UK Research Institute in Science of Cyber Security (RISCS) at University College London. She read psychology in Germany and holds an M.Sc. in Occupational Psychology from Sheffield University, and a PhD in Computer Science (on Users’ Models) from the University of Birmingham. Angela worked as a Human Factors Specialist for Philips Corporate Industrial Design in 1990 and started as Lecturer in the Department of Computer Science at UCL in November 1990.

Bernd Carsten Stahl is Professor of Critical Research in Technology and Director the Centre for Computing and Social Responsibility at De Montfort University, Leicester, UK. His interests cover philosophical issues arising from the intersections of business, technology, and information. This includes the ethics of ICT and critical approaches to information systems.

Vicenc Torra (University of Skövde) Vicenc Torra is a Full Professor at the Univeristy of Skövde in Sweden since 2014. Before, he was a Assoc. Prof. Research Track (1999-2014) at the Artificial Intelligence Research Institute (IIIA-CSIC), Assoc. Prof. (1991-1999) at the Universitat Rovira i Virgili, and Visiting researcher at the University of Tsukuba (Japan). He is an ISI Elected member (2013), ECCAI Fellow (2010) and Senior Member of IEEE (2003). His Research interests include: approximate reasoning (fuzzy sets, belief functions and imprecise probabilities), data privacy (statistical disclosure control and privacy preserving data mining), aggregation operators and data fusion, decision making and game theory. He is the Editor-in-chief of the Transactions on Data Privacy.

Leave a Comment