The information in this schedule is subject to change—please check back regularly!
Last updated: February 9, 2021.
| Week | Date | Topics | Readings | Leader | Deadlines |
|---|---|---|---|---|---|
| 1 | January 25 | Introduction | Ben | ||
| 1 | January 27 | Background: History | Ben | Law or regulation selection | |
| 2 | February 1 | Background: GDPR | Optional: “Position: GDPR Compliance by Construction” (Schwarzkopf et al., VLDB DMAH ‘19) | Ben | |
| 2 | February 3 | Background: ePD, COPPA, COPRA | Yaguang, Ken, Shuo | ||
| 3 | February 8 | Background: HIPAA, NYPA, CPRA | Michael, Steve, Jiachi | Paper sign-up | |
| 3 | February 10 | Requirements | “The Grace Period Has Ended: An Approach to Operationalize GDPR Requirements” (Ayala-Rivera and Pasquale, IEEE RE ‘18) | Ben | |
| 4 | February 15 | Requirements | “The General Data Protection Regulation: Requirements, Architectures, and Constraints” (Hjerppe et al., IEEE RE ‘19) | Shuo | |
| 4 | February 17 | Explainability | “Counterfactual Explanations Without Opening the Black Box: Automated Decisions and the GDPR” (Wachter et al., Harvard Journal of Law & Technology, 2018) | Jiachi | Project proposal |
| 5 | February 22 | Explainability | “Explainable Machine Learning in Deployment” (Bhatt et al., ACM FAT* ‘20) | Ken | |
| 5 | February 24 | Deletion | “Formalizing Data Deletion in the Context of the Right to be Forgotten” (Garg et al., EUROCRYPT ‘20) | Michael | |
| 6 | March 1 | Deletion | “Redactable Blockchain” (Ateniese et al., IEEE EuroS&P ‘17) | Steve | |
| 6 | March 3 | Deletion | “DELF: Safeguarding Deletion Correctness in Online Social Networks” (Cohn-Gordon et al., USENIX Security ‘20) | Ken | Project related work |
| 7 | March 8 | De-anonymization | “Towards Formalizing the GDPR’s Notion of Singling Out” (Cohen and Nissim, PNAS ‘20) | Kobbi Nissim (guest) | |
| 7 | March 10 | Deletion | “Machine Unlearning” (Bourtoule et al., IEEE S&P ‘21) | Shuo | |
| 8 | March 15 | Policy checking | “An AI-assisted Approach for Checking the Completeness of Privacy Policies Against GDPR” (Torre et al., IEEE RE ‘20) | Ken | |
| 8 | March 17 | Policy checking | “Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck” (Andow et al., USENIX Security ‘20) | Michael | Project status update 1 |
| 9 | March 22 | Data provenance | “Practical Whole-System Provenance Capture” (Pasquier et al., ACM SoCC ‘17) | Ben | |
| 9 | March 24 | Data provenance | “A Blockchain-based Approach for Data Accountability and Provenance Tracking” (Neisse et al., ARES ‘17) | Steve | |
| 10 | March 29 | No class (spring break) | |||
| 10 | March 31 | No class (spring break) | |||
| 11 | April 5 | Web | “We Value Your Privacy… Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy” (Degeling et al., NDSS ‘19) | Yaguang | |
| 11 | April 7 | Web | “(Un)informed Consent: Studying GDPR Consent Notices in the Field” (Utz et al., ACM CCS ‘19) | Shuo | |
| 12 | April 12 | Web | “Can I Opt Out Yet? GDPR and the Global Illusion of Cookie Control” (Sanchez-Rola et al., ACM AsiaCCS ‘19) | Jiachi | |
| 12 | April 14 | Web | “Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe’s Transparancy and Consent Framework” (Matte et al., IEEE S&P ‘20) | Yaguang | Project status update 2 |
| 13 | April 19 | Web | “Measuring the Emergence of Consent Management on the Web” (Hils et al., ACM IMC ‘20) | Jiachi | |
| 13 | April 21 | Databases | “Understanding and Benchmarking the Impact of GDPR on Database Systems” (Shastri et al., VLDB ‘20) | Michael | |
| 14 | April 26 | Mobile | “Automated Analysis of Privacy Requirements for Mobile Apps” (Zimmeck et al., NDSS ‘17) | Yaguang | |
| 14 | April 28 | Mobile | “An Empirical Evaluation of GDPR Compliance Violations in Android mHealth Apps” (Fan et al., IEEE ISSRE ‘20) | Steve | |
| 15 | May 3 | Project presentations | Project presentation | ||
| 15 | May 5 | Project presentations | |||
| 16 | May 10 | No class (study day) | |||
| 16 | May 12 | No class (final exam block) | |||
| 17 | May 17 | No class (final exam block) | Project report |