Northwestern University

Wed 2:00 PM

CS + X Colloquium: Law - Dr. Sebastian Zimmeck, Postdoc in CS at Carnegie Mellon University's Institute for Software Research, "Improving Privacy Policy Compliance ̶ An Interdisciplinary Approach"

Dr. Sebastian Zimmeck

When: Wednesday, February 21, 2018
2:00 PM - 3:00 PM  

Where: Ford Motor Company Engineering Design Center, ITW Room, 2133 Sheridan Road, Evanston, IL 60208 map it

Audience: Faculty/Staff - Student - Public - Post Docs/Docs - Graduate Students

Contact: Brianna Mello   847.467.6558

Group: Electrical Engineering & Computer Science

Category: Lectures & Meetings


The EECS Department welcomes Dr. Sebastian Zimmeck, Postdoc in CS at Carnegie Mellon University's Institute for Software Research.

Zimmeck will present a talk entitled "Improving Privacy Policy Compliance  ̶  An Interdisciplinary Approach", on Wednesday, February 21 at 2:00 PM in the Ford ITW Room.

Abstract: Privacy policies are intended to notify Internet users of organizations’ privacy practices and give them choices to opt out from behavioral advertising and other unwanted services. However, very few users actually read privacy policies and many remain oblivious to what happens to their data. In addition, software developers are oftentimes not aware of their legal obligations and fail to disclose their privacy practices. These cases of non-compliance can remain undetected for extended periods of time as the Federal Trade Commission and other privacy regulators do not have the resources to perform their oversight systematically and comprehensively. The use of machine learning technologies to analyze privacy policies automatically for compliance with privacy law requirements holds promise to alleviate these problems.

Whether a privacy policy satisfies applicable privacy law requirements can be analyzed based on supervised machine learning and domain-specific feature engineering. The analysis results can be converted to a format that is easier to comprehend than a full text policy. Such format also allows regulators to perform inter-policy comparisons. Regulators can further evaluate the compliance of software with developers’ privacy promises by comparing the policy analysis results to what the pertinent software actually does. To avoid privacy non-compliance developers can automatically generate privacy policies from their code by using privacy policy generation plugins integrated in their development environments. However, as many emerging practices, especially, on IoT devices, are not easily detectable, further challenges for notifying users of privacy practices remain and require further work at the intersection of law and computer science.

Bio: Dr. Sebastian Zimmeck is a postdoc in computer science at Carnegie Mellon University's Institute for Software Research. His research interests are Internet privacy and security. Before coming to Carnegie Mellon Sebastian studied computer science at Columbia University. He also studied information privacy and intellectual property law and practiced in these areas as an attorney with international law firm Freshfields Bruckhaus Deringer. He was a Google Research Fellow at the Berkeley Center for Law & Technology. Sebastian holds degrees in computer science from Columbia University (MS, PhD) as well as law degrees from the University of California, Berkeley (LLM) and the University of Kiel (JD, PhD). He is licensed to practice law in California and Germany (both admissions currently inactive).

Hosted by: CS Division & Pritzker School of Law

Add Event to Calendar

Add Event To My Group:

Please sign-in