Monday, March 20, 2017

5 Tips to Protect Your Privacy in Online Social Networks

Hi all,

I just started a new series about privacy in my new YouTube Channel. In the first video I talked about 5 Tips to Protect Your Privacy in Online Social Networks [to watch the video, press the play button below, or click here]. The title of each tip is listed below:

1- Avoid personal sensitive information on online social networks (such as address etc).

2- Avoid posting about your children online.

3- Always log out from your social networking accounts in computers that are not yours.

4- Avoid posting sensitive pictures online (which you might regret after).

5- Filter to whom you post what.

There will be more videos about privacy on online social networks. If you want to leave your comment, feel free to do it here or in the YouTube Channel.

All the best,

social networks

Monday, September 5, 2016

Browser Fingerprinting Study: Sign Up Today

Hi, all,

Please find below an invitation by Dr. Zinaida Benenson, from the University of Erlangen-Nuremberg, for you to participate in her browser fingerprinting study. Participation takes less than 1 minute per week and no account is needed to sign up.

If you would like to receive the next posts by email, don't forget to subscribe.

Luiza Rezende


"My research group seeks support for an innovative browser fingerprinting study. Participation takes less than 1 minute per week, no account is needed to sign up:

The study is running for 6 months, here are the first statistics:

Your support would help all research groups over the world that do research on browser fingerprinting, as we are going to release an open data set of fingerprints at the end of 2016. Till now, everybody has to compile their own data set, and this is extremely time-consuming.

Our data set will be unique, because through our novel study design we have an unprecedented level of ground truth: We can assign each fingerprint to a particular (of course, anonymized) participant. In all other projects, recurring participants are recognized through cookies, which is very error-prone, as people delete their cookies"

Dr. Zinaida Benenson
Human Factors in Security and Privacy Group
Chair for IT Security Infrastructures
University of Erlangen-Nuremberg

The Unintended Consequences of “People You May Know”

Post Written By Mark Warner - usable privacy and security researcher. Twitter: @privacurity

Going to see a psychiatrist can be a daunting prospect for many due to the often-intimate information being disclosed. The doctor-patient confidentiality regulations are designed to provide an environment in which the patient feels comfortable to disclose and discuss very sensitive information without fear of negative consequences. While the intimate information disclosed during a session must remain confidential, so too should the attendance itself.

Last week, an article written by Kashmir Hill at, reported on a psychiatrist who was made aware that her patients were being recommended as potential friends to one another over Facebook. While the psychiatrist herself reported only occasional use of the social messaging platform and never shared her e-mail or phonebook contacts, the recommendation engine was able to find common factors between her patients, recommending them to one another as “people you may know”. 

Facebook states that its suggestion engine works by analysing “mutual friends, work and education information, networks you’re part of, contacts you’ve imported and many other factors”. The vagueness of this statement leads to the question, what are these other factors?

Could it be that her patients have “checked-in” to similar places in and around the treatment location? Could these common locations be factors that Facebook analyse to generate friend suggestions? If the patients are sharing their email and phonebook contacts, could Facebook be linking them through their common contact with the psychiatrist? If so, could this be actively exploited to identify patient details?

This example illustrates the way technology is bridging the gap between the professional space and the personal. It also acts as a warning sign for the growing use of technologies that were never designed, or intended for medical use, which are now fast becoming everyday tools within the industry. WhatsApp is a great example of this. It’s inexpensive, simple to implement, has almost no integration with hospital or clinical systems, but enables real time, media rich communication between medical staff, and even patients.

The rapid adoption of these technologies into and on the boundaries of the medical industry could have huge benefits, but unintended consequences may result in significant personal and societal costs. How these technological changes are managed to allow society to benefit while maintaining fundamental values that protect the individuals right to privacy is at the forefront of the Privacy & Us project. These types of questions will be the focus of our multidisciplinary research over the next three years, so watch this space.

Post Written By Mark Warner - usable privacy and security researcher. Twitter: @privacurity

Wednesday, August 31, 2016

IFIP Summer School 2016 and 1st Privacy&Us Training Event

Last week happened the IFIP Summer School, in Karlstad, Sweden, in the Computer Science building at Karlstad University (KAU), which had as the main subject "Privacy and Identity Management".

"Egg room", one of the classes where the lectures happened, at Karlstad Univesity, Sweden. Picture taken by Michael Bechinie
It was a very diversified and interdisciplinary program: from Monday to Friday (August 21-26) the participants had the opportunity to join multiple sections varying from law to computer science, from ethics to HCI (human-computer Interaction), all of them investigating this very interesting and rich field of Privacy and Identity Management. You can check the entire program here.

Among the speakers were Amelia Andersdotter (, Jan Camenisch (IBM Research – Zürich, Switzerland), Roger Clarke (Xamax Consultancy Pty Ltd., Australia), Jolanda Girzl (Konsument Europa, Director, ECC Sweden Swedish Consumer Agency), Marit Hansen (Privacy Commissioner of Schleswig-Holstein, ULD, Germany), Rainer Knyrim (Preslmayr Rechtsanwälte AG, Austria), Steven Murdoch (University College London, UK – TBC), Charles Raab (University of Edinburgh, UK), Angela Sasse (University College London, UK), Bernd Carsten Stahl (De Montfort University, Leicester, UK) and Vicenc Torra (University of Skövde).

As a continuation of the summer school on August 25th started the 1st Privacy&Us (Privacy & Usability) training event, having the presence of the PhD students, their supervisors and the business partners of the project. This was the first training event of the program, which had various interesting lectures, always dealing with privacy, usability, or the intersection of both fields. For example, the participants had a lecture on "Privacy of Personal Health Data", with Angela Sasse; another lecture about the General Data Protection Regulation with Rainer Knyrim and a workshop on "Introduction to Usability", with Angela Sasse and Michael Bechinie, all in the first day.

In the end, after such a productive week, we could all relax and enjoy a delicious barbecue - Swedish style! - in Karlstad, in a sunset atmosphere. You can check the beautiful pictures (all taken by the participants of the program) below.

Stay tuned to receive more news about Privacy&Us (and more news about privacy as well!). Don't forget to subscribe to the blog (on the right side of the page).

All the best,

Luiza Rezende

One of the lectures. Picture taken by Emiliano de Cristofaro

barbecue in karlstad
Our Swedish barbecue. Picture taken by Emiliano de Cristofaro
barbecue in karlstad
More about our barbecue. Picture taken by Alexandros Mittos
In the city of Karlstad. Picture by Michael Bechinie

The beautiful sunset. Picture taken by Alex Railean

Thursday, August 25, 2016

Ph.D. Position at Tel Aviv University on Usable Privacy

Dear all,

Please find below this very interesting PhD position on usable privacy at Tel Aviv University. Interested candidates should contact directly Prof. Joachim Meyer (

Luiza Rezende


Tel Aviv University in Israel is urgently looking for a candidate for a Ph.D. position in the field of usable privacy as part of the Privacy & Usability (Privacy & Us) EU H2020 MSCA Innovative Training Network (project 675730). The project will train Ph.D. candidates in collaboration with European top universities, private companies and government agencies. For general information on the project, see Privacy & Us.

The research will deal with Modeling Responses to Privacy-related Indications. The Ph.D. will develop models of user responses to privacy-related indications from systems or other information sources and validate these models with empirical research to generate effective privacy notifications and information. Supervisor: Prof. Joachim Meyer (Engineering).

The Ph.D. student will study in the Department of Industrial Engineering, at the Faculty of Engineering at Tel Aviv University (TAU) and will be part of the Interacting with Technologies Lab (IWiT lab) co-directed by Prof. Joachim Meyer and Dr. Eran Toch.

The program provides generous scholarships, full research funding and travel expenses for up to 3 years. During this time, the student will conduct research at Tel Aviv University and will participate in several training and development activities, such as summer schools and secondments with the various partners.

Applicant's profile:

- M.Sc. (or equivalent) in Industrial Engineering, Information Systems, Human-Computer Interaction, Cognitive Psychology, Computer Science, or related fields. The student must have completed a research thesis as part of the M.Sc. studies.
- Applicants should ideally have a background in behavioral research methods, statistics, and modeling of human behavior and should have some experience in software development.
- Excellent knowledge of English (preferably documented through a high TOEFL score or another standardized English language proficiency test).
- Applicants cannot have resided in Israel for more than 12 months over the past 3 years before beginning the program

Applications, written in English, should be submitted electronically to Joachim Meyer (

Applications should include:
- A Curriculum Vitae (including your contact address, work experience and list of publications)
- A cover letter explaining your motivation and career plans
- Transcripts of all courses and grades for your Bachelor and Master programs
- A copy of your Master's thesis
- Two letters of recommendation, at least one of which should be from the thesis supervisor, and contact information for up to five additional people that have consented to provide recommendations if asked to do so.

For further inquiries, please contact: Prof. Joachim Meyer (