8-533 / 8-733 / 19-608 / 95-818: Privacy Policy, Law, and Technology

Semester Project

All students in this course will be required to complete a project that they work on throughout the semester. Students will work in small groups of three to six students. Expectations about the size of the project will scale with the size of the group.


September 17 - Project assignment discussed in class
September 29 - Project selection survey due before class
October 6 - Project teams formed
October 13 - One-paragraph project description due (5 points)
October 29 - Project proposal due (10 points)
December 3 - Draft paper due (10 points)
December 10 - Poster fair (15 points)
December 18, noon - Final paper due (60 points)

The various project assignments due before the final paper are designed to make sure you are making progress on your project throughout the semester and to give you opportunities to get feedback on your work along the way. Your draft paper will be graded for completeness, not content. For example, you will receive full credit for your draft paper if it has all the expected components and it appears that you put some effort into your draft, even if the content is unpolished. However, if your draft is missing an essential component (for example, a bibliography), you will not receive full credit. You will also lose points for submitting project components late. All project-related assignments will be graded within one week if they are submitted on time. You may also submit these assignments early for early feedback.


One-paragraph Project Description

Turn in a one-paragraph description of the project you intend to complete. List all the team members. Please email your one-paragraph description as plain text (cut and paste into the body of your email) to privacy-homework AT cups DOT cs DOT cmu DOT edu and put "project description NAME1 NAME2" in the subject line (where NAME1 and NAME2 etc. are the names of the people proposing this project. If you want early feedback or help deciding between a few project ideas, please discuss with the professor or TA.

Project Proposal

The project proposal should include:

You might think of the project proposal as being similar to a grant proposal (without the need to fill out government forms or prepare a budget request). In the process of preparing this proposal you should conduct a literature review so that you can cite the relevant related work in your proposal. Besides being a graded assignment, the project proposal serves as a way for you to organize your thoughts about how to proceed with your semester project and to communicate them to your instructor. You will receive feedback on your proposal that may result in some changes to your project plans.

Writing quality (grammar, spelling, clarity, etc.) will be taken into account in your grade.

Please email your project proposal as a PDF file to privacy-homework AT cups DOT cs DOT cmu DOT edu and put "project proposal" in the subject line.

Draft Paper

Your draft paper should be a nearly complete version of your final project report. Please leave place holders for anything that is still incomplete and explain briefly what you expect to add in the final paper. If you developed software or created something as part of the project, please provide screen shots, a link to a demo, or other information so that the instructor can give you feedback on that part as well. Submit your draft paper BOTH via email and hard copy. Submit your draft double-spaced or with wide margins so that there is plenty of room for writing comments. Staple your draft in the top left corner. Do not submit it in a binder or report cover. Your electronic submission should be a PDF file emailed to privacy-homework AT cups DOT cs DOT cmu DOT edu and have "draft paper" in the subject line.

Final Paper

Your project report should document the work you have done on your project. It should include an updated version of the literature review, and background and motivation from your project proposal. If your project primarily involved writing a paper, then your project report may be the only artifact you submit. On the other hand, if you developed software or created something as part of this project, you should submit whatever you created in addition to the report. In the latter case, the report should document what you did and may include information about obstacles you encountered, testing and evaluation, design rationale, etc., as appropriate. Please consult with the instructor about what should be included in your report if you have any doubts. You will be graded both on your results as well as the accompanying explanation in your report.

Students enrolled in the 12-unit versions of this course are expected to write up their report in a format suitable as a conference paper submission.

Because of all the opportunities you have to get feedback on your project during the semester, the final paper and poster presentation will be graded with fairly high standards. What I will be looking for depends a lot on the particular project you choose. Here are some things I will be looking for in most papers.

Please submit your final paper BOTH via email and hard copy. Your electronic submission should be sent to privacy-homework AT cups DOT cs DOT cmu DOT edu and should have "final paper" in the subject line.


A poster session (open to the public) will be scheduled during the last week of classes. You should prepare a poster that provides an overview of your project. A 32x40 inch foam core board and easel will be provided to each student. I will also provide thumb tacks, construction paper, glue sticks and other supplies. You may prepare your poster as a set of up to 9 8.5x11 sheets of paper or print it as a single sheet. SCS provides a large format poster printer by the SCS computing facilities help desk. More details about the poster session will be provided in class.

Your poster grade will be based on the content of your poster, the visual presentation, your oral presentation, and your ability to answer questions. Be prepared to give a three-minute presentation to your instructor or other poster evaluator and answer their questions.

Project ideas

The following are a list of suggested projects. Students may select one of these projects or develop their own project idea in consultation with the instructor.

Integrating privacy information into online forms

Develop a browser extension that detects when websites present a form to users and identifies which data types are asked form the user. For each identified field the browser extension should determine whether the website's privacy policy specifies how this data will be used, e.g., for what purposes and whether it is shared with third parties (if yes, for what reasons). For the project it is sufficient to show information for a fixed set of websites of which privacy policies have been analyzed beforehand. The focus is on a proof-of-concept integration of privacy information into the website's form in a usable and meaningful manner. The project might include a small user study to evaluate the effectiveness of the developed approach.

Developing privacy personas

Design and conduct a survey or interview study to gain insights on motivations of individuals seeking to protect their privacy. What do they want to protect from whom and why? From the study results derive a set of “privacy personas,” i.e., prototypical characterizations of users with specific privacy motivations and associated needs for privacy-enhancing technologies. This project will require IRB approval, so get that early!

Standardized privacy notice for wearable and internet of things (IoT) devices

Standardized notice formats have been proposed and are in use in different domains (e.g., privacy nutrition labels for websites, Gramm-Leach-Bliley Act [GLBA] privacy notice requirements for financial institutions). Wearable devices, such as activity trackers, smart clothing or Google Glass, as well as IoT devices, such as smart thermostats or connected cameras, pose novel privacy challenges due to their continuous collection of data and physical proximity to the user's body. The goal of this project is to analyze requirements for a standardized notice format for such devices. What data practices should be emphasized? What user requirements and concerns need to be taken into account? The team should focus either on wearables or IoT devices. The project would include a review of the existing literature on privacy in this area (see A Design Space for Effective Privacy Notices to get started), interviews or surveys with wearable/IoT users and non-users, and a technical analysis of wearable/IoT data practices in order to derive design recommendations for a standardized short-form privacy notice for wearables or IoT devices. This project will require IRB approval, so get that early!

Electronic health records and the health insurance portability and accountability act (HIPAA)

HIPAA became law before electronic health records were wide-spread, and certainly before the popularity of sensors such as the FitBit that measure activity and can provide health related information. Given the current use of digital information in the health system, and the advent of the quantified self, what needs to be changed or improved in HIPAA to protect privacy while encouraging innovation? For this project, you will evaluate HIPAA and conduct a comparative analysis of other health privacy laws, and compare this to the types of information collected by and the data practices of popular consumer health smart devices.

Improving data security breach notices

The state of California has a bill that requires companies that experience a breach of their data security to provide a notice to the state and those affected that the breach has occured. A proposed amendment to this bill would require these breach notices to have a format that makes them easier to read. (Read the proposed amendment here.) This amendment provides two new options. For this project, you will perform user testing, through a survey or interviews, to determine the effectiveness and usability of the two new formats as compared to the status quo ante, examples of which can be found here. This project will require IRB approval, so get that early!

Privacy protection strategies used on social networks

Conduct a study of social network users (in general or pick a particular one -- Facebook, Twitter, etc.) to determine their strategies for protecting their privacy. Do they self-censor, setup multiple accounts, use protected tweets, etc.? What strategies are most popular? What privacy threats do people believe they are protecting against? What privacy threats do they feel they have not adequately protected against? You might use interviews, focus groups, or surveys for this project. You will need IRB approval for this project--plan to get it early.

Privacy art installation

Create an interactive art piece that illustrates a privacy-related concept, makes viewers more aware of privacy issues, or causes the viewer to reflect on their feelings about privacy. Write a report that documents the piece, describes how viewers interacted with it or reacted to it, and includes relevant background.

International Privacy Survey

For decades, a small number of researchers have aimed to understand the international dimensions of privacy. For instance, in what ways do privacy norms compare and contrast across cultures? What types of behaviors are considered private in some countries, yet public in others? Are privacy concerns universal, or are some privacy concerns isolated to particular countries? Does the conception of privacy itself differ across countries? Many past studies of cultural differences in privacy have suffered from small or biased samples, surveys that were only available in English, or surveys that were restricted to only a small number of countries. Design and conduct an international privacy survey that investigates some of these questions using Amazon's Mechanical Turk or another popular crowdsourcing site. You will need IRB approval for this project--plan to get it early.

Privacy Notice-- In What Language?

The Internet has made the world smaller. Users from hundreds of different countries, speaking hundreds of different languages, access globally popular websites like Google, Facebook, Wikipedia, and Pinterest. However, members of Professor Cranor's CUPS lab have recently shown that even if a site is offered in a particular language, critical privacy information is not necessarily available at all in that language. The Dutch Data-Protection Authority took action against a company in part for failing to translate privacy information to Dutch for users in the Netherlands. In this project, you will systematically identify global websites or third-party advertising companies that regularly collect information from users around the world and quantify the extent to which they translate privacy-critical information into other languages.

Privacy software development

Design and implement a privacy-related software tool that offers functionality or features that are different from the other tools currently available. You might develop a stand-alone tool or develop a module for another piece of software, for example Mozilla. Depending on the scope of what you have in mind, it may not be feasible to implement your entire design during this semester, in which case you should implement one component of the design and document the rest of the design, perhaps also implementing a mocked up user interface. Your report should explain the rationale behind your design, the types of privacy protections this software offers, who would be interested in using it, and how it differs from other software currently available.

Web measurement study

Conduct a web measurement study that provides data on the prevalence of tracking, advertising, or privacy leakages. You might study whether Do Not Track is effective in preventing tracking or behavioral ads, or whether there is racial bias or price discrimination in e-commerce sites or ads. This could be a replication of previous work using more recent technologies, or focus on a new area.

Privacy and robots

What privacy issues are raised when robots operate in close proximity to people? How close is too close for drones to fly before they raise privacy concerns and heighten levels of fear and anxiety? Aerial robots are becoming increasingly capable of autonomously operating near people and animals. As the technology evolves (and safety guarantees increase), it is likely policies will allow systems to operate closer to people. As expected, one can empirically observe that these systems yield a heightened level of fear and anxiety when operating proximal to people. See http://www.popsci.com/article/technology/get-ready-robot-smog and http://www.wdrb.com/story/29650818/hillview-man-arrested-for-shooting-down-drone-cites-right-to-privacy. And it turns out bears don't like drones either. The evaluation of policies leading to FAA guidelines is based almost entirely on spatial safety. However, proximal safe operation will evolve. There may be some benefit of understanding the impact of the technology on the individual. This project will involve conducting background research on policy, precedents, related-lateral examples of psychological impact, and possibly some minimal/basic experimental evaluation (survey or experiment with people and drones) to establish correspondent empirical/primitive results suggesting potential guidelines and how these values change between individuals.

Kids and adults views of sharing on social networks

How do kids of various ages views of what they are comfortable sharing with friends (or their parents' friends) on social networks compare to parents views? This project will involve surveying kids and parents to see how comfortable they are sharing different types of information and photos with various audiences. This project will require IRB approval, so get that early! You will also need to figure out how to recruit qualifying kids and parents to take your survey, and will likely need to get parental consent.

Ad and tracker blocking

The Future of Privacy Forum is interested in gaining a better understanding of why people use ad and tracker blocking tools and understanding the implications of those tools for websites. Are people mostly concerned about the ads or the tracking? What websites break when people use these tools? Students working on this project could conduct a survey of tool users and/or conduct a study in which they use adblock+, Ghostery, and other tools and visit a large number of sites to determine how these tools impact the user experience at these sites. Note, that some sites have agreements with adblock+ so they won't have their ads blocked.