Privacy and Security for Everyone, Anytime, Anywhere
5th Workshop on Inclusive Privacy and Security (WIPS)
Workshop early submission deadline: Thursday, June 25, 2020
Workshop date: August 9th, 2020
Anonymization: Submissions are NOT to be anonymized
Page limit: 4 pages (excluding references and/or appendix)
Formatting: Minimum 1” margins, minimum 11pt text
Alternatively, you can also email us your submission at firstname.lastname@example.org
WIPS is part of the SOUPS conference:
Scope and Focus
Security and privacy challenges confront all participants in modern society, but particular groups may experience unique or uneven privacy and security concerns. These groups may face distinctive obstacles to addressing issues, and their particular needs and concerns may not be well understood beyond those groups. Traditionally, inclusive design has addressed physical accessibility as well as needs arising from age, disability, or environment. While this work remains critical, our community also increasingly recognizes the importance of accounting for the needs of vulnerable users or marginalized groups. The workshop deliberately avoids any concrete definitions of what "vulnerable" means in this context. We encourage a diverse discussion of any group or situation that could be deemed as vulnerable, without prejudice.
In this workshop, we explore the privacy and security experiences and needs of vulnerable user groups. We are also interested in populations or roles in our society (e.g., lawyers, journalists, politicians, activists, medical providers) that support and/or affect the lives of vulnerable individuals. We will endeavor to uncover new ways of taking a more inclusive approach to appreciating and addressing privacy and security challenges. We also seek to identify the unintended harms that can result from privacy and security technology.
The objectives of our workshop are as follows:
i) To broaden participants' awareness of diverse privacy and security concerns.
ii) To compile design guidelines and best practices that are relevant to inclusive design.
iii) To explore the application, adaption, and extension of inclusive design guidelines to privacy and security challenges.
We expect participation from those who want technology respectful of society's diverse security and privacy needs, who seek to ensure that technology is accessible and appropriate for a wider user base, or who endeavour to improve the experience of vulnerable groups. We encourage participation from those who are not yet actively working in inclusive privacy and security!
We enthusiastically encourage participation from those who require accessibility accommodations. If you require accommodations, you can tell us about those by emailing the organizers at email@example.com.
We are soliciting short papers (<= 4 pages, excluding references and/or appendix) for brief presentation:
i) Previously published results
ii) Works-in-progress that evaluate current privacy or security solutions with respect to their inclusivity or exclusivity towards marginalized groups or populations with specific needs
iii) Proposals of design principles, processes, methodologies and/or solutions for specific situations, or generalizable to support a wide range of groups or operational environments
iv) Studies on the needs and experiences of marginalized groups, or for certain situations
Submissions should be made via the submission form. Questions about the workshop, including submissions, should be sent to the organizers (see below).
9:00am - 9:30am: Introduction: attendee introductions, discussion of goals, establishment of group norms
9:30am - 10:15am: Paper presentations
10:15am - 10:30am: Break
10:30am - 11:00am: Card activity
11:00am - 12:00pm: Jigsaw activity
12:00pm - 1:30pm: Lunch break
1:30pm - 3:00pm: Storytelling design activity
3:00pm - 3:30pm: Break
3:30pm - 4:30pm: Storytelling design presentations and discussion
4:30pm - 5:00pm: Wrap-up: Reflection and next steps
Authors of accepted papers will give lightning talks (~5 minutes) about their papers, with 5 minutes per paper for audience members to ask questions. Authors will provide A3/US legal paper sized posters for use in the workshop.
As the paper presentations take place, the organizers will pass around blank notecards in preparation for the card activity.
This will serve as an icebreaker for workshop participants as we transition to group-focused activities.
Set-up Phase (5 minutes)
The organizers will hand out differently-colored index cards to represent the following categories: population, privacy issue, guideline, and methodology. Participants will take five minutes to individually fill out these cards with topics of interest to them and relevance to WIPS.
Within Group Phase (10 minutes)
The organizers will sort participants into groups and have participants compare cards. The groups will begin to match their cards with each other, pairing populations with study methodologies that might be appropriate, privacy issues to design guidelines, and so on.
Summary Phase (10 minutes)
After participants finish matching cards, they will:
- write one (or more) relevant guideline for inclusive privacy and security design on a blank card
- write, on a blank card, one (or more) other population that could benefit from the guidelines they created, reflecting upon the issues that they see in their group’s cards
- write, on a blank card, one (or more) potential adversary/threat for their matched cards
Participants will be encouraged to use the blank cards generously in order to capture any interesting ideas coming out of their discussion.
Presentation Phase (optional, if time available: 5 minutes)
One person from each group will briefly talk about their set of cards.
At the end of the activity, the organizers will place matched card sets where they can be seen throughout the day, and participants can feel free to write on and add blank cards as the workshop develops.
Jigsaw design activity
This activity will be a structured discussion of the ideas developed during card matching:
- Participants will rejoin their card-matching groups and choose one set of matched cards to develop further
- Participants will expand upon the concept from their matched card set, developing the concept into a research plan, in small groups in a structured manner. This will create "experts" from each group in a sub-area of inclusive privacy and security
Groups will spread out to combine "experts" of different areas into "diverse" groups that can contrast, compare, and combine the different areas
- The "diverse" groups will present what common ground they found to all attendees
- Besides combining, workshop attendees could also look out for (1) trade-offs, where something that would be "better" for one population is "worse" for others, and (2) universal design, where the research identified can not only benefit people from diverse populations, but also people who do not belong in any of the populations listed.
Stories put people at the heart of the design process; they can help us put a human face on our research data. Through storyboards, images are presented in an order which allows us to visualise the scenario. Storyboarding has been used in user experience design to visually explore a user’s experience with a product. The focus is not the design of the product; rather, the focus is on the role the product plays in the life of the user and what the product needs to provide to fulfil that role. The goal in this activity is to envision design concepts that fit into the stories being explored.
This is not about your ability to draw, the aim is to formulate and describe the story that presents a common understanding of the problem, how it comes about, and how it might be solved.
Steps to developing a story:
- Develop the character by identifying their behaviours and expectations. There may be more than one character to be developed, for instance the vulnerable user and a possible attacker.
- Describe the scene. This outlines the environment that the character finds themselves and the digital technologies they are using.
- Develop the plot. Create a structure to the story. This should start with a specific trigger and end with either the solution or a problem that the character is left with.
- Annotate the scenes in the plot with design suggestions.
- Once you have finished exploring, document what you think needs done next: more research, a design solution, etc.
Translate your story into a storyboard starting with plain text. By the end of this activity, each group will have a poster describing the scenario and the character they have explored. Groups will present this story to the rest of the workshop participants.
Organizer Bios (alphabetical order)
Tousif Ahmed is a researcher at Samsung Research America. His research span various topics in usable security and privacy including accessible privacy and security, mobile and digital health, security and privacy of wearable devices, and privacy preserving health monitoring. He investigated the ways to improve the privacy and security issues of people with visual impairments using wearable cameras.
Taslima Akter is a fourth-year PhD student in the School of Informatics, Computing, and Engineering at Indiana University Bloomington. Her research focuses on understanding the privacy risks and concerns of people with visual impairments and bystanders with camera-based assistive technology designed for people with visual impairments. In her dissertation, she is working towards designing privacy-aware assistive systems for people with visual impairments.
Joe Calandrino is the research director of the Federal Trade Commission’s Office of Technology Research and Investigation. His office conducts technical research related to the FTC’s consumer protection mission, examining topics such as consumer fraud, online advertising, financial technologies, and connected devices. His agency seeks to ensure that its efforts benefit consumers including older adults, military service members and veterans, non-English-speaking consumers, and a wide variety of other groups.
Lynne Coventry is a research professor in the school of health and life sciences at Northumbria University, UK. She is director of PactLab – a research group exploring the role of technology in our everyday lives and the interdisciplinary Academic Centre of Excellence in Cybersecurity Research. Her research focuses on the interaction between psychology, design and security/privacy behaviours for a wide range of user types and contexts of use including children and cyberbullying, security compliance in the workplace, older adults, stigmatised groups including those living with HIV, and universal design of privacy and security to optimise inclusion and accessibility.
Roberto Hoyle is an Assistant Professor of Computer Science at Oberlin College. His research focuses on extending the benefits of security and privacy to underserved populations that may not benefit from the same privacy protection settings as the general population. He has investigated privacy needs and preferences of children in foster care, transgender activists, and people with a visual impairment, and how current technology, such as egocentric cameras, could be used to protect privacy.
Ada Lerner is an Assistant Professor of Computer Science at Wellesley College, where their research program focuses on inclusive security and privacy. Their work seeks to understand and design technology, using a mix of qualitative, quantitative, design, and measurement methods, in order to enable technology and computation to support the needs of key actors and marginalized groups in our democratic free society. Examples of populations with whom they have worked include lawyers, journalists, resettled refugees, and transgender people.
Abigail Marsh is an Assistant Professor of Computer Science at Macalester College, where their research focuses on the usable privacy concerns of situations where multiple stakeholders have access to one account or device, including familial and romantic relationships, older adults and their caretakers, and many other groups. They additionally research privacy and security concerns introduced by assistive technology.
Yang Wang is an associate professor of information science, and by courtesy, computer science, in the University of Illinois at Urbana-Champaign (UIUC) where he co-directs the Social Computing Systems (SALT) Lab. . His research is centered around usable privacy and security, and social computing. His recent research focuses on designing privacy mechanisms for underserved groups such as people with disabilities.
Yaxing Yao is a post-doctoral fellow in the School of Computer Science at Carnegie Mellon University. His research focuses on understanding privacy risks and people’s privacy concerns in emerging technologies, and designing, implementing, and evaluating privacy mechanisms to protect people’s privacy. In his dissertation work, he looked at the privacy expectations of different stakeholders in smart homes as well as their expected privacy mechanisms.