Skip to main content

Event Description

The Federal Trade Commission held a conference on January 14, 2016 to bring together a diverse group of stakeholders, including whitehat researchers, academics, industry representatives, consumer advocates, and government regulators, to discuss the latest research and trends related to consumer privacy and data security. The FTC called for research to be presented at the conference.

Videos from the Workshop

View Research Submissions

The FTC sought presentations on consumer privacy and security issues in the commercial sector. View research submitted without a request for confidential treatment.

Research Completed After PrivacyCon

The FTC welcomes privacy and data security researchers to inform us of their latest findings. The dialogue between researchers and policymakers must continue well after the initial PrivacyCon event.  We invite you to reach out to Dan Salsburg, Chief Counsel of the Office of Technology Research and Investigation, at, if you are interested in discussing your research with us or have further questions.

  • Session 1: The Current State of Online Privacy

    Ibrahim Altaweel is an undergraduate student studying computer science at University of California, Santa Cruz. He is a web security engineer at Good Research, and a privacy engineer at More information about Ibrahim Altaweel is available at his website at

    Steven Englehardt is a Ph.D. candidate at Princeton University’s department of computer science and a graduate research fellow at the Center for Information Technology Policy. Mr. Englehardt’s research focuses on the privacy and security of the web. In his research, he has developed a web measurement platform, OpenWPM, and has published several impactful measurement studies on web tracking.

    Chris Jay Hoofnagle is adjunct full professor at the University of California, Berkeley, School of Information. An elected member of the American Law Institute, Mr. Hoofnagle is author of the forthcoming Federal Trade Commission Privacy Law and Policy (Cambridge University Press 2016).

    Joseph Turow is the Robert Lewis Shayon Professor of Communication at the Annenberg School for Communication.  Professor Turow is an elected Fellow of the International Communication Association and was presented with a Distinguished Scholar Award by the National Communication Association.   In 2012, the TRUSTe internet privacy-management organization designated him a “privacy pioneer” for his research and writing on marketing and digital-privacy.  His forthcoming book with Yale University Press explores how retailers are using mobile devices to replicate internet-like surveillance and data gathering in physical stores. He has authored ten books, edited five, and written more than 150 articles on mass media industries.

    Justin Brookman is the Policy Director of the Federal Trade Commission’s Office of Technology Research and Investigation. Prior to joining the FTC, Justin was Director of Consumer Privacy at the Center for Democracy & Technology and Chief of the Internet Bureau of the New York Attorney General’s Office.

    Omer Tene is Vice President of Research and Education at the International Association of Privacy Professionals. He is an Affiliate Scholar at the Stanford Center for Internet and Society; and a Senior Fellow at the Future of Privacy Forum.

    Elana Zeide is an attorney, consultant, and scholar focusing on student privacy, data-driven education, and algorithmic assessment and credentialing. She is a Research Fellow at New York University’s Information Law Institute, an Affiliate of the Data & Society Research Institute, and an Advisory Board member of the Future of Privacy Forum and iKeepSafe. She writes for both popular and academic publications, recently including Algorithms Can Be Lousy Fortunetellers on Slate, Moving Beyond FERPA and FIPPs: Student Privacy Principles for the Age of Big Data forthcoming in the Drexel Law Review, and Unpacking Student Privacy in the upcoming Handbook of Learning Analytics & Educational Data Mining.

    Session 2: Consumers’ Privacy Expectations

    Serge Egelman is a Senior Researcher at the International Computer Science Institute (ICSI) and holds a research faculty appointment in the Department of Electrical Engineering and Computer Sciences (EECS) at UC Berkeley. He directs the Berkeley Laboratory for Usable and Experimental Security (BLUES), where his research focuses on consumer decision-making with regard to computer security and online privacy. This involves studying how people make decisions about their privacy and security, and then creating data-driven improvements to systems and interfaces that help them make better decisions.

    Ashwini Rao is a Ph.D. candidate in the School of Computer Science at Carnegie Mellon University. Her research interests include privacy, security, and usability. 

    Heather Shoenberger is an assistant professor of Advertising at the University of Oregon School of Journalism and Communication. She received a J.D. from the University of Missouri School of Law and a Ph.D. from the University of Missouri School of Journalism. Her research focuses on “targeted” messages spanning multiple types of media. Her current interests in this area are privacy issues relating to digital media.

    Jasmine E. McNealy is an assistant professor in the Department of Telecommunication, in the College of Journalism and Communications at the University of Florida, where she studies information, communication, and technology with a view toward influencing law and policy. She holds a Ph.D. in Mass Communication with an emphasis on Media Law, and a J.D. from the University of Florida.

    Andelka M. Phillips recently defended her thesis for the degree of doctor of philosophy in law (D.Phil., equivalent to Ph.D.) in the Faculty of Law at the University of Oxford. Her current research is concerned primarily with the appropriate regulation of direct-to-consumer genetic testing (DTC). She is also working on responsible innovation and the appropriate regulation of new and disruptive technologies more generally. Her doctoral research considered the regulation of DTC and included a review of the wrap contracts (clickwrap and browsewrap) of DTC companies that provide testing for health purposes. Her future work will examine the contracts and privacy policies of DTC companies offering non-health related testing. Ms. Phillips will be resident at the Brocher Foundation in August and September 2016.

    Jan Charbonneau is an academic who has taught Marketing at the undergraduate, postgraduate, MBA, and Executive MBA levels in Canada, Hong Kong, New Zealand, Australia, and throughout the Asia Pacific region. Her publications focus on public attitudes and behaviors, survey methodology, and educational materials, including two textbooks. She has honors and postgraduate qualifications in Political Science, Economics, and Business from Queen’s University in Canada, as well as honors and postgraduate qualifications in Law from Queensland University of Technology in Australia. She is taking time off from marketing to pursue an evidence-based Ph.D. in Law at the Centre for Law & Genetics, Faculty of Law, University of Tasmania, looking at how best to protect consumers in the emerging DTC Genetic Testing market.

    Kristen Anderson is an attorney at the Federal Trade Commission, in the Bureau of Consumer Protection’s Division of Privacy and Identity Protection. Her practice focuses on consumer privacy and data security. Ms. Anderson joined the FTC in 2011 after earning her J.D. at the Georgetown University Law Center and her M.P.P at the Georgetown Public Policy Institute (now the McCourt School of Public Policy).

    Alan McQuinn is a Research Assistant with the Information Technology and Innovation Foundation. His research areas include a variety of issues related to information technology and Internet policy, such as cybersecurity, privacy, virtual currencies, e-government, Internet governance, and commercial drones. He graduated from the University of Texas at Austin with a B.S. in Public Relations and Political Communications.

    Darren Stevenson is a Ph.D. Candidate in Communication Studies at the University of Michigan and an Affiliate Scholar at the Center for Internet and Society at Stanford Law School. He graduated summa cum laude from the University of Illinois at Urbana-Champaign. Mr. Stevenson’s research examines the personalization of digital media, investigating the roles of trust, privacy concerns, algorithms, and data analytics. He provides digital strategy expertise to organizations and has served as a consultant on a range of technology projects for Fortune 500 companies, governments, and non-profit organizations.

    Session 3: Big Data and Algorithms: Transparency Tools Revealing Data Discrimination

    Michael Carl Tschantz is a researcher at the International Computer Science Institute, with a Ph.D. in Computer Science from Carnegie Mellon University. He uses the models of artificial intelligence and statistics to solve the problems of privacy and security. His current research includes automating information flow experiments, circumventing censorship, and securing machine learning.

    Anupam Datta is an Associate Professor at Carnegie Mellon University where he holds a joint appointment in the Computer Science and Electrical and Computer Engineering Departments. His research area is security and privacy. His current focus is on information accountability — foundations and tools that can be used to provide oversight of complex information processing ecosystems (including big data systems) to examine whether they respect privacy, and other desirable values in the personal data protection area, such as fairness and transparency. His work has produced accountability tools deployed in industry, and studies that rigorously demonstrate concerns with privacy, fairness, and transparency in online behavioral advertising. He holds a Ph.D. in Computer Science from Stanford University.

    Roxana Geambasu is an Assistant Professor of Computer Science at Columbia University. She joined Columbia in the fall of 2011 after finishing her PhD at the University of Washington.  For her work in cloud and mobile data privacy, she received an Early Career Award in Cybersecurity from the University of Washington Center for Academic Excellence, a Microsoft Research Faculty Fellowship, a 2014 “Brilliant 10” Popular Science nomination, an NSF CAREER award, an Honorable Mention for the 2013 inaugural Dennis M. Ritchie Doctoral Dissertation Award, a William Chan Dissertation Award, two best paper awards at top systems conferences, and the first Google Ph.D. Fellowship in Cloud Computing.

    Daniel Hsu is an assistant professor in the Department of Computer Science and a member of the Data Science Institute, both at Columbia University. Previously, he was a postdoc at Microsoft Research New England, and the Departments of Statistics at Rutgers University and the University of Pennsylvania. He holds a Ph.D. in Computer Science from UC San Diego, and a B.S. in Computer Science and Engineering from UC Berkeley. His research interests are in algorithmic statistics, machine learning, and privacy. His work has produced the first computationally efficient algorithms for numerous statistical estimation tasks (including many involving latent variable models such as mixture models, hidden Markov models, and topic models), provided new algorithmic frameworks for tackling interactive machine learning problems, and led to the creation of highly scalable tools for machine learning applications.

    James C. Cooper is an Associate Professor of Law, and director of the Program on Economics & Privacy, at George Mason University School of Law. Prior to moving to George Mason, Professor Cooper spent several years at the Federal Trade Commission, including serving as Deputy and then Acting Director of the FTC’s Office of Policy Planning, and later as an advisor to Commissioner William E. Kovacic. He also worked in the antitrust group at Crowell & Moring LLP in Washington, DC, for several years before joining the FTC. James is the editor of The Regulatory Revolution at the FTC: A Thirty-Year Perspective on Competition and Consumer Protection, and his research has appeared in academic journals including the Antitrust Law Journal, Journal of Regulatory Economics, and the International Review of Law & Economics. He has a Ph.D. in Economics from Emory University and a J.D. (magna cum laude) from George Mason University School of Law, where he was a Levy Fellow and a member of the George Mason Law Review.

    Dan Salsburg is the Chief Counsel and Acting Chief of the Office of Technology, Research and Investigation (OTech) in the Bureau of Consumer Protection (BCP) at the Federal Trade Commission. Prior to joining OTech, Dan served as an Assistant Director in BCP, where he supervised investigations and cases involving spam, Internet fraud, and mobile technologies. Previously, he served as a Senior Trial Attorney in the Commodity Futures Trading Commission’s Division of Enforcement. Dan received his B.A. and J.D. degrees from the University of Pennsylvania.

    Deirdre K. Mulligan is an Associate Professor in the School of Information at UC Berkeley and a co-Director of the Berkeley Center for Law & Technology. Prior to joining the School of Information in 2008, she was a Clinical Professor of Law, founding Director of the Samuelson Law, Technology & Public Policy Clinic, and Director of Clinical Programs at the UC Berkeley School of Law (Boalt Hall). Ms. Mulligan is the Policy lead for the NSF-funded TRUST Science and Technology Center, which brings together researchers at UC Berkeley, Carnegie-Mellon University, Cornell University, Stanford University, and Vanderbilt University. Her current research agenda focuses on information privacy, security, and cybersecurity. She is Chair of the Board of Directors of the Center for Democracy and Technology, and a Fellow at the Electronic Frontier Foundation.

    Session 4: Economics of Privacy & Security

    Jens Grossklags is the Haile Family Early Career Assistant Professor of Information Sciences and Technology at the College of Information Sciences and Technology, the Pennsylvania State University. He directs the Security, Privacy and Information Economics Laboratory (SPIEL), which focuses on economic and behavioral foundations and applied challenges in the areas of privacy and security. Previously, he served as a Postdoctoral Research Associate at the Center for Information Technology Policy, and as a Lecturer of Computer Science at Princeton University. In 2009, he completed his doctoral dissertation at UC Berkeley’s School of Information. At UC Berkeley, he also completed master’s degrees in Computer Science, and Information Management and Systems.

    Veronica Marotta is a Ph.D. student in Public Policy and Management at the Heinz College, Carnegie Mellon University. Her background is in economics and quantitative analysis with a Master of Econometrics and Mathematical Economics from Tilburg School of Business and Economics. Ms. Marotta’s research interest is at the intersection of economics and information systems, with a particular focus on economics of privacy and digital economy.

    Alessandro Acquisti is a Professor of Information Technology and Public Policy at the Heinz College, Carnegie Mellon University. He researches the economics and behavioral economics of privacy. His studies have spearheaded the application of behavioral decision research to privacy decision making and the analysis of privacy and disclosure behavior in online social networks. He is an Andrew Carnegie Fellow, sits on the Board of Regents of the National Library of Medicine, and holds degrees from UC Berkeley (Ph.D., Master), London School of Economics and Trinity College Dublin (Masters), and University of Rome (Laurea).

    Catherine Tucker is the Sloan Distinguished Professor of Management Science and Professor of Marketing at MIT Sloan and Chair of the MIT Sloan Ph.D. Program. Her research interests lie in how technology allows firms to use digital data to improve their operations and marketing, and in the challenges this poses for regulations designed to promote innovation. She has particular expertise in online advertising, digital health, social media, and electronic privacy. Generally, most of her research lies in the interface between marketing, economics, and law. She holds a Ph.D. in economics from Stanford University, and a B.A. from the University of Oxford.

    Sasha Romanosky researches topics in cyber security, privacy, law enforcement, national security, and law & economics. He is a policy researcher at the RAND Corporation. Mr. Romanosky holds a Ph.D. in Public Policy and Management from Carnegie Mellon University and a B.S. in Electrical Engineering from the University of Calgary, Canada. He was a Microsoft research fellow in the Information Law Institute at New York University, and was a security professional for over ten years. Mr. Romanosky holds a CISSP certification and is co-author of the Common Vulnerability Scoring System (CVSS), an open standard for scoring computer vulnerabilities.

    Kevin Moriarty is an attorney in the Division of Privacy and Identity Protection in the Bureau of Consumer Protection of the Federal Trade Commission. He works on investigations and litigation involving privacy and data security.

    Doug Smith is an economist at the Federal Trade Commission in the Division of Consumer Protection of the Bureau of Economics. His focuses include consumer disclosures and online privacy and security. His research interests include mechanism design, online privacy, and markets with fraudulent goods. He received his B.A. from Harvard and his Ph.D. in Economics from the University of Michigan.

    Siona Listokin is an associate professor at George Mason’s School of Policy, Government, and International Affairs, where she specializes in regulation, privacy, public finance and corporate governance. She is also the director of the Master of Public Policy (MPP) program.

    Session 5: Security and Usability

    Sarthak Grover is a Ph.D. student at the Department of Computer Science, Princeton University. He received his bachelor’s and master’s in Electronics and Communications Engineering from the Indian Institute of Technology (IIT) Roorkee in 2010. Mr. Grover’s research focuses on home network measurement and security, in particular, measuring home broadband performance, traffic usage, and security & privacy of devices in a home network. He received the STEM Chateaubriand fellowship in 2015 for pursuing research on security of Internet of Things.

    Vitaly Shmatikov is a professor of computer science at Cornell University and Cornell Tech. Dr. Shmatikov works on computer security and privacy. In recent years, his research group received the PET Award for Outstanding Research in Privacy Enhancing Technologies twice, Best Student Paper or Best Practical Paper Awards at the IEEE Symposium on Security and Privacy three years in a row, as well as the Best Applied Security Paper Award, NDSS Best Student Paper Award, and CCS Test-of-Time Award.

    Dr. Florian Schaub is a postdoctoral fellow in the School of Computer Science at Carnegie Mellon University. His research focuses on human factors of privacy, human-computer interaction, ubiquitous computing, and mobile security. Dr. Schaub has a doctoral degree and Diplom in Computer Science from the University of Ulm, Germany, and a Bachelor in Information Technology (Multimedia Technology) from Deakin University, Australia. He is an IAPP Certified Information Privacy Professional (CIPP/US) and Privacy Technologist (CIPT).

    Norman Sadeh is a professor in the School of Computer Science at Carnegie Mellon University, where he also co-founded and co-directs the Master’s Program in Privacy Engineering. His research focuses primarily on usable security and privacy, machine learning, mobile computing and the Internet of Things. Dr. Sadeh is currently serving as lead principal investigator on two of the largest domestic research projects in privacy, a National Science Foundation frontier project on “Usable Privacy Policies” that combines machine learning, natural language processing and crowdsourcing to semi-automate the annotation of privacy policies, and a DARPA Brandeis project to develop personalized privacy assistants for the Internet of Things.

    Aaron Alva is the Tech Policy Fellow at the Federal Trade Commission. Prior to joining the FTC, he focused on multidisciplinary cybersecurity research and policy. Mr. Alva has published work on a variety of topics including cloud forensics, digital evidence admissibility, and legal requirements engineering. Mr. Alva jointly completed a Master of Science in Information Management and a J.D. at the University of Washington as an NSF CyberCorps scholarship recipient.

    Geoffrey A. Manne is the founder and Executive Director of the International Center for Law and Economics (ICLE). A nationally recognized expert in the law and economics of antitrust, consumer protection, privacy & data security, and telecommunications, Mr. Manne is the editor, with former FTC Commissioner Joshua Wright, of Competition Policy and Intellectual Property Law Under Uncertainty: Regulating Innovation from Cambridge University Press. Formerly a professor at Lewis & Clark Law School, Mr. Manne left teaching to found ICLE in 2009. Mr. Manne’s publications have appeared in numerous journals, including the Journal of Competition Law and Economics, the Harvard Journal of Law and Public Policy, and the Columbia Business Law Journal.

    Davi Ottenheimer, President of flyingpenguin and faculty at IANS, is a strategist, consultant, and author focused on cultural disruption with emerging technology and the ethics of intervention. For more than twenty years, he has led global teams to ensure safety and freedom for billions of people. Mr. Ottenheimer is a noted expert on global security operations and assessments, including digital forensics and incident response, having worked within most industries and more than seventy countries.

FTC Privacy Policy

Under the Freedom of Information Act (“FOIA”) or other laws, we may be required to disclose to outside organizations the information you provide when you pre-register for events that require registration. The Commission will consider all timely and responsive public comments, whether filed in paper or electronic form, and as a matter of discretion, we make every effort to remove home contact information for individuals from the public comments before posting them on the FTC website.

The FTC Act and other laws we administer permit the collection of your pre-registration contact information and the comments you file to consider and use in this proceeding as appropriate. For additional information, including routine uses permitted by the Privacy Act, see the Commission’s Privacy Act system for public records and comprehensive privacy policy.

This event will be open to the public and may be photographed, videotaped, webcast, or otherwise recorded.  By participating in this event, you are agreeing that your image — and anything you say or submit — may be posted indefinitely at or on one of the Commission's publicly available social media sites.