Call for Papers: Privacy Research Day 2022

The first edition of the annual Privacy Research Day is organized by the French Data Protection Authority (CNIL) that brings together experts around the world to present their results in privacy and data protection research.

The goal of Privacy Research Day is to create a dialog between the CNIL legal and technical experts and academics in computer science, and human and social sciences. The CNIL teams will present the priorities of the CNIL for the upcoming year and explain how the presented work can be used by the Data Protection Authorities in France and in Europe. 

After this Privacy Research Day, the CNIL contemplates several possible types of collaborations with researchers: involvement in research projects, joint development of studies or tools, co-supervision of doctoral or post-doctoral students, hosting of researchers in residence and internship opportunities for young researchers, etc.

Call for Papers

For this new annual Privacy Research Day conference, the CNIL invites the scientific community to present academic publications and research projects in the field of privacy and personal data protection.

The CNIL is particularly interested in rigorous and empirical research from computer scientists and social scientists. Multidisciplinary research, including several fields, will be particularly encouraged.

CNIL is inviting contributions of the following types:

• Recently published research papers in international peer-reviewed conferences of journals;
• Research projects in advanced state or close to completion;
• Demonstrations of privacy-protective technologies (PETs).

Suggested topics include:

Video surveillance by AI

There are many more video surveillance streams available than people to watch them, what is the consequence of using AI to improve video protection? How are the algorithms trained? The risks of new discriminations? The new risks in terms of privacy?

Smartphones, the spies we love

In 10 years, smartphones have become an integral part of our daily lives and, despite the evolution of their OS, are collecting more and more data.

What are the new practices of players to collect data? How to analyze them and make them more transparent? How to apprehend bad actors? Are users aware of the risks they face? What were the design efforts for what consequences? Do users really have freedom of choice?

Data marketplaces

What are the practices of data resale? Is it possible to trace the sale of data? Are users aware that their data is being resold? What have been the consequences of data resales? What is the value of our data?

The exercise of rights and data protection in everyday life, what concrete implementation by individuals

The General Data Protection Regulation (GDPR) has created the right to portability, but the right to erasure and the right of access already existed in several EU countries (e.g. in French law).

What are the difficulties encountered in exercising these rights, especially the right to portability? What are the justifications? What are the problems encountered in responding to users' requests? Can we identify examples to follow? How can we facilitate the use of the law? What are the alternative strategies to exercising rights to protect one's data and privacy?

Economic incentives for compliance

The GDPR is perceived by some only as a cost while others see a factor of value creation and competitive advantage and by other.

What are the economic incentives for actors to comply? To what extent can these economic incentives become regulatory levers? What are the instruments available to the regulator for this (sunshine regulation)?

“I'm sorry Dave, I'm afraid I can't explain that”

While it is not present in the form we expected, nevertheless, artificial intelligence is well present in many aspects of our lives.

What are the effects of this wide adoption on our data protection, how does an AI inherit our data? How do we exercise our rights over an AI if it pools data? What are the effects on our freedoms and on the risks of discrimination? AI is often not as intelligent as we think, is it really artificial? What are the impacts on the processing of our data?

Surveillance at work, surveillance by peers

Surveillance in the workplace has been a major subject of complaints to the CNIL for many years, notably through surveillance cameras or vehicle geolocation devices. With the pandemic and the development of remote work, this subject has evolved in some organizations.

What are these new surveillance devices at work? How do they fit in with new forms of work organization? What are their effects on organizations and workers? How can employers be encouraged to comply with this issue? At the same time, easier access to technology is leading to increased surveillance of individuals among themselves, for example among neighbors or within couples. What are the dynamics of this peer surveillance?

Other topics proposed if the contributions relate to privacy protection, and in particular the following themes:

The environmental impact of data and data protection

The issue of the environmental footprint of digital technology has become a key issue in the public debate. What is the place of data protection in this debate? Are privacy by design architectures also greener? Can we protect our data and our environment?

New forms of data capture

What are the weak signals that allow us to learn more about users? How is user data collected without their knowledge? Are new hidden paths being used?

Other research related to personal data and privacy protection can be submitted.

More Information and Submission Process:

Call for Papers: Privacy Research Day 2022