Privacy, applied

Natural language privacy policies have become a de facto standard to address expectations of notice and choice on the Web. Yet, there is ample evidence that users generally do not read these policies and that those who occasionally do struggle to understand what they read. Initiatives aimed at addressing this problem through the development of machine implementable standards or other solutions that require website operators to adhere to more stringent requirements have run into obstacles, with many website operators showing reluctance to commit to anything more than what they currently do.

The security and integrity of elections is paramount in the furtherance of democracy. However, enhanced security often comes at the cost of making voting systems significantly more difficult for voters to use. With input from stakeholders in the voting process (most notably Travis County, Texas), we are constructing a prototype voting system and investigating how to design such a system so that it is significantly more secure than current solutions, without making it harder to participate in the election process.

Considerable research in the field has been focused on developing new technologies to enhance privacy; encryption of personal data is often presented as a potential solution. Many of the technologies resulting from this research are not being effectively utilized because of issues rooted in human judgment under risk and uncertainty. The majority of existing models and products related to human judgement are based on a limited number of documented incidents and on questionable assumptions about user intent and behavior.

The modernized Smart Grid (SG) is expected to enable several new applications such as dynamic pricing, demand response and fraud detection; however, collection of such fine-grained data raises privacy issues. This project aims to design and implement several novel mechanisms for securing data collection and communication in SG Advanced Metering Infrastructure applications while preserving user privacy when the data are to be accessed.

This project will help address the shortage of highly-skilled Cybersecurity professionals by bringing research results on pervasive and mobile computing security into education and by integrating them into existing Cybersecurity curricula. Although the research community is making progress towards effective solutions in mitigating security and privacy threats in pervasive computing, it still needs to find its way to university courses across the nation, especially, in the undergraduate curriculum.