Norman Sadeh walks to the podium. He introduces himself simply as a professor of computer science at Carnegie Mellon University. True enough, but a glance at his bio reveals so much more: He leads two of the largest national research projects in data privacy and also cofounded and codirects CMU’s Master’s Program in Privacy Engineering. His privacy research has been credited with influencing the design of products at companies such as Facebook and Google, as well as activities at the U.S. Federal Trade Commission.

No wonder he is the one kicking off CMU’s Data Privacy Day, part of a global set of events coordinated in part by the nonprofit National Cyber Security Alliance and meant to create awareness about the importance of privacy and protecting personal information.

Sadeh is among the coordinators of what’s taking place in Pittsburgh, which is open to the university community, and that includes me, a senior undergraduate studying decision science and professional writing. The activities, also free and open to the public, include the following:

This year’s Data Privacy Day, which took place on January 28, has since passed; but the message—how all of us need to be aware of our digital footprint—is timeless, which is why Felten’s keynote address and the panel discussion were streamed live and continue to be available online.

“We’re inviting people to learn more about how they can better protect themselves…what are the tools that are available for people to be more in control about what information about them is being collected,” says Sadeh.

Some of the highlights for me:

“How can we make privacy more available and more accessible to people who are not experts? It shouldn’t require a law degree or an advanced degree in computer science to understand what’s going on, where your data goes when you browse the Web. So how can we get to the point where everyone, whether expert or not, whether rich or powerful or not, has the degree of privacy that makes sense, in the circumstances?” Felten asks. These points are the core of Data Privacy Day and are of international interest.

It’s no wonder there were no fewer than 18 CMU privacy research projects presented at the event’s poster session.

Felten’s remarks become a central theme for the rest of the event. The audience picks up on these issues in a remarkable way. Professors and students from the audience ask intelligent questions that span the issues of data privacy as well as the government’s involvement in these policies.

“Frequently, somebody else can decide to give up information about you in exchange for services. Do you have advice or thoughts about how you navigate life and society given that you don’t always have control over that decision?” an audience member asks. She pinpoints a key concern of the general public about how to navigate data privacy.

“It’s always been the case in privacy that we rely on each other to behave in ways that are reasonable,” Felten responds. His answer resonates with me; I realize that I have never before considered my role as a data user in the privacy of others.

The theme of data privacy in relation to our society continues as the panel members walk on stage and seat themselves in plush armchairs. The first speaker, Alessandro Acquisti, briefly discusses his research. Acquisti, a professor of information technology and public policy at Heinz, is immediately engaging, animatedly jumping into the topic of big data. Like Felten, he has impressive credentials but knows how to relate to his audience.

“We live apparently in the age of Big Data,” Acquisti says, as the PowerPoint presentation behind him displays the iconic Samuel L. Jackson from Pulp Fiction aiming a gun, with the text “Say Big Data one more time.” I laugh quietly in my seat.

One by one, the speakers walk to the podium and discuss their research in a different area within the scope of data privacy. Lorrie Cranor describes a past study of hers that determined whether people would spend hundreds of hours a year reading the privacy policies of every Web site or device that asks them to accept one. Obviously not.

“I don’t spend hundreds of hours a year reading privacy policies, and I do research in this area,” Cranor states, addressing the unrealistic expectations users face. The professor of computer science and engineering and public policy at CMU is currently chief technologist for the Federal Trade Commission. She also helped to organize the event along with Sadeh.

Sadeh’s panel presentation discusses how—by using Artificial Intelligence and Machine Learning techniques—his group has been able to make significant progress in helping automatically analyze privacy policies. He also discussed how Personalized Privacy Assistants can learn people’s privacy preferences and help them configure the increasingly overwhelming number of settings available to them, such as the number of mobile app permission settings users have on their smartphones.

Members of the audience are free to ask questions of the panelists and express their opinions. One gentleman’s statement stands out:

“[Companies] are tracking people in public places without really making a choice; it’s not like I’m choosing to go online and use a service for free, I’m just merely existing in this world, and marketers and retailers are collecting data from and about an individual and using this for profit,” he says.

This concern is a valid one, and it is central to the purpose of Data Privacy Day. There are no easy answers because, at the end of the day, even the panelists are vulnerable to the same issues of data privacy that they were just discussing so adeptly.

It’s no wonder there were no fewer than 18 CMU privacy research projects presented at the event’s poster session.

Learn more about Data Privacy Day 2016: https://cups.cs.cmu.edu/privacy-day/2016/#panel

Related Links