Call for Papers

Privacy and Data Protection in a Rapidly Changing World

The 20th IFIP Summer School on Privacy and Identity Management aims to create a platform for spreading awareness and facilitating interactions and knowledge exchanges around old and new issues by taking a holistic approach to society and technology. We support interdisciplinary research exchange and foster discussions through keynote lectures, tutorials, and workshops. Participants will benefit from presenting their research and receiving meaningful feedback. The IFIP Summer School culminates in the publication of selected papers by the participants as an edited volume published by Springer.

We welcome contributions addressing these issues from any of the following perspectives (and especially the interdisciplinary combination of more than one): sociological, legal, technical, ethical, political, surveillance, intersectional, anthropological, economic, historical, media & communication, regulatory, philosophical, critical, disabilities, and psychological studies in the areas of privacy, data protection, and identity management.

The IFIP Summer School encourages not only interdisciplinarity but also broader diversity. It particularly welcomes submissions on how to foster gender and cultural balance in privacy and identity research and policy, and notably, tutorials and workshops about how to raise awareness in these matters.

More information on this year’s theme will be added soon.

Possible Topics (tentative)

Topics of interest include, but are not limited to:

  • Technical and Organisational Measures, Methods, and Tools for Privacy and Data Protection that address:
    • Transparency and information provision to data subjects: Addressing the entire lifecycle of generative AI systems, from data collection (including unstructured data scraped from the Web) to secondary uses such as improving models from the contents of user prompts. This includes developing tools to detect unlawful use of personal data by generative AI systems.
    • Intervenability and control over personal data: Focusing on mechanisms within generative AI systems, such as machine un-learning, to support deleting personal data from existing models.
    • Unlinkability and anonymization: Ensuring the anonymization of personal data during the training and fine-tuning of models to prevent identification.
    • Confidentiality in generative AI tools: Exploring local training, federated learning, and encrypted processing (e.g., homomorphic encryption) in generative AI systems.
    • Accuracy in AI-generated personal data: Investigating approaches like humility rules, external verification for triangulation, human-on-the-loop (HOTL) feedback mechanisms, and self-improvement protocols that include learning from mistakes.
    • Integrity of generative models: Focusing on preventing, detecting, and correcting model poisoning and data poisoning.
    • Explainability of AI models: Including both external analyses (e.g., probing, counterfactuals) and internal model improvements (e.g., backtracking to identify influential model features, and source provenance in AI responses). This also encompasses detecting and avoiding bias in generated content and decisions.
    • Purpose limitation in data processing: Implementing binding policies to ensure data is used solely for its intended purpose in the context of generative AI.
    • Evaluation and performance assessment: Assessing generative AI solutions’ adherence to privacy goals.
    • Trustworthiness and Privacy by Design: Incorporating trustworthiness and privacy considerations into the development process of generative AI solutions, focusing on system assurance and compliance traceability.
  • Law, Regulation and Governance:
    • Data Protection and/or privacy implications of recent political, legal and technological developments (transparency, lawfulness, special categories of data, (joint)controllers, data subjects’ rights, DPIAs, publicly available personal data, explainability, etc).
    • European and other legislation on data and data governance (Data Act, Data Governance Act, Digital Services Act, Digital Markets Act, Artificial Intelligence Act, etc.).
    • The interaction of data protection with liability regulation (product liability reform) and/or AI (AI Act).
    • Socio-legal implications for children, workers, disadvantaged groups, companies, public bodies, governments, society, etc.
    • Governance institutions and policy processes, and regulatory bodies at different levels (e.g., national. regional, global).
    • The role of experts and the general public in shaping regulation and governance.
    • Data justice, data fairness and equality.
    • Fundamental rights and accountability in technology and data practices.
    • Certification and standardisation.
    • AI solutions for regulatory compliance, which aid organizations in adhering to privacy regulations.
  • Effects and Impacts (negative or positive):
    • Discriminatory effects of technology.
    • Technology-enabled social profiling and social exclusion.
    • Digital divides, digital dividends, data sovereignty.
    • Communities, societies, cultures, and technological mediation.
    • Data practices, AI, and the Global South.
  • Socio-Technical Perspectives:
    • Awareness, attitudes, skills, and behavior of citizens and public and private organizations.
    • Approaches for diversity, non-discrimination and democratic enhancement.
    • Surveillance, surveillance pressures, chilling effects.
    • Critical perspectives on data practices.
    • Welfare, solidarity, and care.
    • Data economy and ecosystems, new business models.
    • Trade-offs, tensions and conflicts between participation in digital cultures and privacy aspects.
    • Historical development of data practices.
    • Training, awareness, and empowerment of end-users, focusing on educating and equipping them to recognize and address privacy issues in AI effectively.

Why should I submit?

Accepted papers will receive thorough discussions during the school and will allow students to publish their papers in the IFIP AICT series by Springer.

All individual members of IFIP member societies (over 40 national IT societies plus ACM and others) plus all members of IFIP Technical Committees and Working Groups are entitled to a discount of at least 10% on all registration fees.

A course certificate for 1,5 ECTS can be granted to students who attend the Summer School and write a short essay on how their research is relevant to or can be inspired by the Summer School sessions. A course certificate for 3 ECTS can be granted to students who attend the Summer School, submit and present an abstract for a research article, and demonstrate that they have addressed the feedback from the Summer School in an extended version or rebuttal.

We encourage submissions from students from emerging economies: applying for support from the IFIP Digital Equity Fund is possible to ease student travel.

Call for Workshops and Tutorials Proposals

A workshop is an interactive session scheduled for one or two hours and focuses on involving students in discussion. In it, participants jointly work on a topic or project related to the Summer School theme. Workshop activities are summarized in short papers that recapitulate the outcome and the kinds of discussion raised in the Summer School for inclusion in the proceedings. Proposals for workshops should contain a 2-page statement presenting the topic and summarising the planned activity and the expected contributions from the audience members, e.g., responding to a questionnaire or conducting a small experiment. Proposers should indicate whether any special equipment is needed for the workshop, such as audio-visual systems or computational equipment and support.

Tutorials are one or two-hour-long presentations. They should deal with topics that interest the interdisciplinary audience in the Summer School. Tutorials should provide knowledge on theoretical, empirical, methodological, practical, or other aspects relevant to the Summer School. Tutorial Proposals should contain a 2-page summary and state the level and background required for audience members to follow the tutorial.

Workshop and tutorial proposals need to be in English language, and must be submitted electronically.