Ongoing news reports regarding global surveillance programs, massive personal data breaches in corporate databases, and notorious examples of personal tragedies due to privacy violations have intensified societal demands for privacy-friendly systems. In response, current legislative and standardization processes worldwide aim to strengthen individual’s privacy by introducing legal, organizational and technical frameworks that personal data collectors and processors must follow.

However, in practice, these initiatives alone are not enough to guarantee that organizations and software developers will be able to identify and adopt appropriate privacy engineering techniques in their daily practices. It is also difficult to systematically evaluate whether the systems developed comply with legal frameworks, provide necessary technical assurances, and fulfill users’ privacy requirements. It is evident that research is needed in developing techniques and tools that can aid the translation of legal and normative concepts, as well as user expectations into systems requirements. Furthermore, methods that can support organizations and engineers in developing systems that address these requirements are of increasing value.

In this context, privacy engineering research is emerging as an important topic. Engineers are increasingly expected to build and maintain privacy-preserving and data-protection compliant systems in domains such as health, energy, transportation, social computing, law enforcement, public services; based on different infrastructures such as cloud, grid, or mobile. While there is a consensus on the benefits of an engineering approach to privacy, concrete proposals for models, methods, techniques and tools that support engineers and organizations in this endeavor are few and in need of immediate attention.

To cover this gap, the topics of the International Workshop on Privacy Engineering (IWPE'19) focus on all the aspects of privacy engineering, ranging from its theoretical foundations, engineering approaches, and support infrastructures, to its practical application in projects of different scale. Specifically, we are seeking the following kinds of papers:

  1. technical papers that illustrate the engineering or application of a novel formalism, method or other research finding (e.g., a privacy enhancing protocol) with preliminary evaluation;
  2. experience and practice papers that describe a case study, challenge or lessons learned from in a specific domain;
  3. early evaluations of tools and other infrastructure that support privacy-related tasks;
  4. interdisciplinary studies or critical reviews of existing privacy engineering concepts, methods, tools and frameworks;
  5. vision papers that take a clear position informed by evidence based on a thorough literature review.