Special Issue on Managing Multi-Party, Interdependent Privacy Risks
Privacy is a complex affair. One important facet of this complexity emerges via the many types of inherent connections among individuals, and, therefore, their personal data. These connections include friendship relations, geographic co-locations, familial ties, and many more. Given this interconnectedness, a person’s own privacy is not only affected by her own decisions but also by those of others, giving rise to the phenomenon referred to as interdependent privacy. Under interdependent privacy, personal information is shared without the knowledge and/or direct consent of the data subject. In economic terms, an externality arises that influences the welfare of the data subject negatively without a compensation being offered. In addition to being a fertile ground for academic study, interdependent privacy does have significant real impact on our everyday lives as evidenced by, e.g., the Cambridge Analytica debacle. Therefore, it is paramount that we discover further areas where interdependent privacy can emerge, to qualitatively understand its expressions and to quantify its impact. But we also need to offer concrete solution approaches to manage interdependent privacy in existing applications, and to apply engineering principles (such as privacy-by-design) to avoid its occurrence in future networked systems. Design choices at the provider-level are critical in further heightening the impact of interdependent privacy as the Cambridge Analytica scandal vividly illustrated.
The purpose of this special issue in COSE is two-fold: (i) to build a unified and multidisciplinary research community around interdependent privacy that is currently scattered across research fields, such as privacy enhancing technologies, information systems, economics, marketing and data protection law; and (ii) to gather the latest advances in interdependent privacy research and to disseminate new ideas and results in this emerging field to a broad computing audience. We encourage the submission of papers from different scientific disciplines and multidisciplinary work covering new theoretical and experimental/empirical insights, policy research, and systems research on countermeasures with a dedicated focus on interdependent privacy. For submissions not primarily rooted in computing, authors should make an honest effort to relate their contribution to the technical/system design aspects of interdependent privacy. Topics of interest include, but are not limited to:
● Empirical research and real-world case studies in different contexts: social networks, online services, location privacy, genomic privacy, etc.
● Research on privacy attacks: e.g., inference attacks
● Theoretical research: economic models investigating information sharing incentives with game theory, and mechanism design; probabilistic modeling approaches
● Legal/policy studies: e.g., GDPR (joint controllers, amateur controllers); California CPA; and their impact on system design
● Experimental/behavioral research: user surveys; experiments on decision-making in settings with multiple users; extensions of existing behavioral models (e.g., privacy calculus); and their impact on system design
● Research on economic, and legal countermeasures, and their impact on system design; technical solution approaches (e.g., privacy-by-design, access control, machine learning)
● Social science research (including ethics; science and technology studies) addressing aspects of interdependent privacy; and their impact on system design
The submitted papers must be written in English and describe original research which is not published nor currently under review by other journals or conferences. Author guidelines for preparation of manuscript can be found at
All manuscripts and any supplementary material should be submitted through the Elsevier journal Computers & Security submission system at https://ees.elsevier.com/cose/. The authors must select VSI:Interdependent Privacy when they reach the journal type selection.
Submission deadline: August 15, 2021
First round of reviews: November 1, 2021
Second round of reviews: January 1, 2022
Final decision: February 15, 2022
List of Guest Editors
Gergely Biczók, Budapest University of Technology and Economics, Hungary
Kévin Huguenin, University of Lausanne, Switzerland
Mathias Humbert, Cyber-Defence Campus, Switzerland
Jens Grossklags, Technical University of Munich, Germany