Lunch and discussion begin at 12:30 pm. No RSVP required for Princeton faculty, staff, and students. Open to members of the public by invitation only. Please contact Jean Butcher at if you are interested in attending a particular lunch.

“The social proof of privacy’s irrelevance vanished, just like that. If Apple thinks that customers will buy its products because no one, not even Apple, can break into the data stored on them, what does it say about the privacy zeitgeist?” Cory Doctorow, Forget Apple’s fight with the FBI, The Guardian, 3/4/2016

The number of privacy debacles of the last years in social networks, web tracking, NSA/GCHQ surveillance, and mass scale breaches have been adding up. Contrary to claims that “privacy is dead”, the popularity of court cases with national and international implications, like Apple vs. FBI, are indicators that people around the world do care about their privacy, and the ambition to design and maintain systems that respond to relevant privacy issues can no longer be dismissed as “anti-progressivism”. However, assuming it is meant to be more than marketing, getting privacy right is challenging. The emerging field of privacy engineering responds to this challenge. It intends to address the gap between privacy research and and engineering practice by systematizing and evaluating methods, techniques and tools to capture and address privacy issues while engineering information systems. In addition, privacy engineering demands paying attention to the context in which these methods, techniques and tools can be applied, e.g., domain, type of organization, engineering expertise and practices, or software and hardware infrastructures.

This talk will first give an overview of the nascent field of privacy engineering. Preliminary results will then be presented from an ongoing empirical study on the impact of the shift from shrink wrap software to services and apps on software engineering practice. Instead of organizing around stable versions of client specific binaries released at longer time intervals, and installed on user owned devices, software provided as a service or in the form of apps tends toward continuous, networked and centrally controlled functionality. What kind of challenges does this shift to services and apps pose to computer science research on privacy? And, have computer scientists understood and responded to these challenges in the privacy solutions they develop?

Bio:

Seda Gürses is a Postdoctoral Research Associate at CITP, Princeton University and an FWO fellow at COSIC, University of Leuven in Belgium. She works on privacy and requirements engineering, privacy enhancing technologies and surveillance. Previously she was a post-doctoral fellow at the Department of Media, Culture and Communications and the Law School at NYU and at COSIC at the Department of Engineering (KUL), after completing her PhD at the Department of Computer Science at the University of Leuven, Belgium. For her current empirical project on the impact of Service Oriented Architectures on engineering practice Seda is collaborating with Joris Van Hoboken, Hadi Asghari and Richmond Wong. Together with Jose M. del Alamo she co-organizes the International Workshop on Privacy Engineering co-located with IEEE Security and Privacy Conference.