PEPR '23 Call for Participation

Sponsored by USENIX, the Advanced Computing Systems Association.

The 2023 USENIX Conference on Privacy Engineering Practice and Respect (PEPR '23) will take place on September 11–12, 2023, at the Hyatt Regency Santa Clara in Santa Clara, CA, USA.

Important Dates

  • Submissions deadline: Tuesday, May 2, 2023 Tuesday, May 16, 2023
  • Notification to presenters: Tuesday, June 6, 2023 Tuesday, June 20, 2023

Conference Organizers

Program Co-Chairs

Divya Sharma, Google
Blase Ur, University of Chicago

Program Committee

Cara Bloom, MITRE
Greg Chappell, Meta
Chris Clifton, Purdue University
R. Jason Cronk, Institute of Operational Privacy Design
Rachel Cummings, Columbia University
Martin Degeling, Stiftung Neue Verantwortung and Ruhr-Universität Bochum
Damien Desfontaines, Tumult Labs
Giles Douglas, Betteromics
Steven Englehardt, DuckDuckGo
Nathaniel Fruchter, Google
Vaibhav Garg, Comcast Cable
Hana Habib, Carnegie Mellon University
Michael Hay, Tumult Labs and Colgate University
Maritza Johnson, University of San Diego
Sara Jordan
Apu Kapadia, Indiana University
Farzaneh Karegar, Karlstad University
Katharina Koerner, IAPP
Kevin Lee, JPMorgan Chase
Francesca Mosca, JPMorgan Chase
Nandita Narla, DoorDash
Kentrell Owens, University of Washington
Aleatha Parker-Wood, AWS
Madison Pickering, University of Chicago
Nuria Ruiz, Outschool.com
Shivan Kaul Sahib, Brave Software
Jayshree Sarathy, Harvard University
Florian Schaub, University of Michigan
Behrooz Shafiee, Stripe
Peter Snyder, Brave Software
Sha Sundaram, Apple
Lourdes Turrecha, The Rise of Privacy Tech and PIX LLC
Ben Weinshel, Apple
Molly Weiss, Nuna
Simone Wu, Google
Yaxing Yao, University of Maryland, Baltimore County
Tariq Yusuf

Steering Committee

Lorrie Cranor, Carnegie Mellon University
Lea Kissner, Lacework

Overview

The 2023 Conference on Privacy Engineering Practice and Respect (PEPR '23) is a single-track conference focused on designing and building products and systems that enhance privacy and respect for both users and society. Our goal is to improve the state of the art and practice in designing for privacy and respect, as well as to foster a deeply knowledgeable community of privacy practitioners and researchers who collaborate toward that goal.

We view diversity as a key enabler of this goal. Effectively designing for privacy and respect is a challenge in and of itself; attempting this without a range of perspectives is harder still. Thus, we encourage and welcome participation from all employment sectors, racial and ethnic backgrounds, nationalities, genders, disability statuses, ages, and all those other differences which make us richer as humanity.

PEPR '23 is committed to fostering a respectful and collaborative environment.

Call for Participation

PEPR '23 is soliciting proposals for 20-minute original talks, 10-minute short talks, and 45-minute panels featuring discussions with 3–5 speakers. Additional time will be added for Q&A. The program committee will select talks that best illuminate topics in the fields of practical privacy engineering and building systems that respect their users. PEPR is tilted toward constructive solutions, but also includes the illumination of challenges. We’re interested in talks from both practitioners and researchers about design proposals, research, deployed systems, case studies, and experience reports.

We are particularly interested in talks addressing the following themes:

Talks focused on building. Usability, crypto, and anonymization are all important, but these are only a small slice of what is needed to build for privacy and respect. PEPR is designed to take a comprehensive view, including topics like architecting large-scale systems for reliable and measurable data deletion, end-to-end consent (from the user all the way to infrastructure), data access and handling (how do you grant it, how do you understand it, how do you enforce it, how do you build a system so you can debug without granting too much, etc.), how to do a privacy review (design and code), privacy red-teaming, incident management, root cause analysis and coming full-circle, how to run an engineering-focused privacy program, and many, many, many more. We encourage case studies demonstrating the integration of practical considerations while building in any of these areas. In addition, we encourage talks related to building for a variety of privacy use-cases (e.g., compliance, consumer product innovation, new features).

Talks focused on practice. PEPR focuses on designing for privacy and respect in real-world systems. Everything technical is messier when it hits the real world, but privacy is messier than most because 1) there are a lot of humans and personal information involved; and 2) there are more regulatory and legal requirements than in many other technical fields. We encourage proposals that talk about the intersection of privacy and other fields as we build real world systems (e.g., the intersection of privacy and applied ethics).

Talks focused on applied research. We welcome proposals that focus on different aspects of privacy research that could help influence privacy designs in practice, as well as empirical studies that could be used by practitioners to make either better decisions or a stronger case for privacy engineering. Some examples include research related to privacy user interfaces, adoption/usage of privacy-related tools or features, attitudes and preferences related to privacy, surveys of how frequently various technologies are deployed, rates of compliance/non-compliance, and more.

Talks may include demos, if appropriate. New talks on previously published materials are also welcome. Please note that we do not accept product pitches or product demos.

Submission Guidelines

Please submit talk proposals via the submission form submission form.

Submissions require a proposed talk title, the names (and accompanying short bios) of the speakers, a short talk abstract (approximately 200 words), and a more detailed outline of the proposed talk/panel. Slides, videos, and supplemental materials are not required, and in fact not accepted, as part of this initial submission. Submissions will be reviewed by members of the program committee based on the proposal’s relevance to PEPR, as well as the quality and novelty of the proposal.

Note that PEPR is a venue for talks and panels discussing advances in privacy engineering, not a publication venue. While submissions undergo a rigorous peer-review process, there are neither formal proceedings nor archival publications. The final talk, talk abstract, talk video, and the names and bios of the speakers will appear on the conference website. Because PEPR is a venue for presentations, not publications, submissions are not anonymous during the review process.

If you have any questions, please reach out to pepr23chairs@usenix.org.