November 21, 2017

CFP: Fourth International Workshop on Privacy Engineering (IWPE'18) - co-located to the 3rd IEEE European Symposium on Security and Privacy - 27 April 2018 - LONDON!!! 

Deadline of abstract submission: 12 January, 2018
Deadline of paper submission: 19 January, 2018
Notification of acceptance: 5 February, 2018
Accepted Paper camera ready: 23 February, 2018 

We are pleased to invite you to participate in the premier annual event of the International Workshop on Privacy Engineering (IWPE'18).

This year’s program seeks to highlight challenges to privacy posed by widespread adoption of machine learning and artificial intelligence technologies. One motivation for this focus stems from goals and provisions of the European General Data Protection Regulation (GDPR), including requirements for privacy and data protection by design, providing notices and information about the logic of automated decision-making, and emphasis on privacy management and accountability structures in organizations that process personal data. Interpreting and operationalizing these requirements for systems that employ machine learning and artificial intelligence technologies is a daunting task.

As engineering is asked to play a larger role in privacy governance, software developers need tools for understanding, systematizing, and embedding privacy into systems and workflows. This work also requires greater engagement with design, legal, and public policy departments.
Methods and tools for bridging privacy work across these communities are essential to success. Furthermore, research that focuses on techniques and tools that can aid the translation of legal and normative concepts into systems requirements are of great value.

Organizations also need tools for systematically evaluating whether systems fulfill users’ privacy needs and requirements and for providing necessary technical assurances. Methods that can support organizations and engineers in developing (socio-)technical systems that address these requirements is of increasing value to respond to the existing societal challenges associated with privacy.

In this context, privacy engineering research is emerging as an important topic. Engineers are increasingly expected to build and maintain privacy-preserving and data-protection compliant systems in different ICT domains such as health, energy, transportation, social computing, law enforcement, public services; based on different infrastructures such as cloud, grid, or mobile computing. While there is a consensus on the benefits of an engineering approach to privacy, concrete proposals for models, methods, techniques and tools that support engineers and organizations in this endeavor are few and in need of immediate attention. Also of great relevance are the development and evaluation of approaches that go beyond the one size fits all mantra, and that attend to the ever evolving practice of software engineering in agile service environments across different domains.

To cover this gap, the topics of the International Workshop on Privacy Engineering (IWPE'18) focus on all the aspects surrounding privacy engineering, ranging from its theoretical foundations, engineering approaches, and support infrastructures, to its practical application in projects of different scale across the software ecosystem. Specifically, we are seeking the following kinds of papers: (1) technical papers that illustrate the engineering or application of a novel formalism, method or other research finding (e.g., engineering a privacy enhancing
protocol) with preliminary evaluation; (2) experience and practice papers that describe a case study, challenge or lessons learned in a specific domain; (3) early evaluations of tools and other infrastructure that support engineering tasks in privacy requirements, design, implementation, testing, etc.; (4) interdisciplinary studies or critical reviews of existing privacy engineering concepts, methods, tools and frameworks; or !
 (5) vision papers that take a clear position informed by evidence based on a thorough literature review.

IWPE’18 welcomes papers that focus on novel solutions on the recent developments in the general area of privacy engineering. Topics of interests include, but are not limited to:

  • grating law and policy compliance into the development process 
  • Privacy or data protection impact assessments in the engineering context 
  • Privacy engineering and data driven software development 
  • Privacy engineering and machine learning 
  • Privacy engineering and artificial intelligence 
  • Privacy engineering and data subject access rights 
  • Privacy risk management models 
  • Privacy breach recovery methods 
  • Privacy engineering and data portability 
  • Technical standards, heuristics and best practices for privacy engineering 
  • Privacy engineering in technical standards 
  • Privacy requirements elicitation and analysis methods 
  • User privacy and data protection requirements 
  • Management of privacy requirements with other system requirements 
  • Privacy requirements elicitation and analysis techniques 
  • Privacy design patterns Privacypreserving architectures 
  • Privacy engineering and databases, services, and the cloud 
  • Privacy engineering in networks 
  • Engineering techniques for fairness, transparency, and privacy in databases 
  • Privacy engineering in the context of interaction design and usability 
  • Privacy testing and evaluation methods 
  • Validation and verification of privacy requirements 
  • Privacy Engineering and design 
  • Engineering Privacy Enhancing Technologies (PETs) 
  • Integration of PETs into systems or the development ecosystem 
  • Models and approaches for the verification of privacy properties 
  • Tools and formal languages supporting privacy engineering 
  • Usable privacy for developers 
  • Teaching and training privacy engineering 
  • Adaptations of privacy engineering into specific software development processes 
  • Pilots and realworld applications 
  • Evaluation of privacy engineering methods, technologies and tools 
  • Privacy engineering and accountability 
  • Privacy engineering and business processes 
  • Privacy engineering and manageability of data in (large) enterprises 
  • Organizational, legal, political and economic aspects of privacy engineering

This topic list is not meant to be exhaustive; since IWPE'18 is interested in all aspects of privacy engineering. However, to screen out off-topic papers early in the review process, we request authors to submit an abstract prior to their paper submission. Abstracts of papers without a clear application to privacy engineering will be considered outside the scope of this workshop and may be rejected.

We solicit unpublished short position papers (up to 4 pages) and long papers reporting technical, research or industry experience (up to 8
pages) on all dimensions of the privacy engineering domain. Each paper, written in English, must follow IEEE Proceedings format. Authors must submit an extended abstract prior to the paper submission. This abstract is aimed at 1) helping organizers understand whether the paper is on-topic early in the review process; and, 2)  Allowing reviewers to choose their preferred manuscripts in advance of the paper submission. 

Submission of a paper should be regarded as an undertaking that, should the paper  be accepted, at least one of the authors will attend the workshop to present the paper. All papers must be submitted via EasyChair at

If you have any questions regarding IWPE'18, please contact

IWPE’18 Organizing Committee

  • Jose M. del Alamo
  • Anupam Datta
  • Aleksandra Korolova
  • Deirdre K. Mulligan
  • Seda Gürses
  • Jose M. Such
  • Arunesh Sinha